Automatic Generation of OpenAPI contracts with API Capture

Automate the manual task of creating OpenAPI contracts with API Capture. API Capture uses multiple sources such as Postman collections and API traffic to create OpenAPI definition files. API Capture is also available on the 42Crunch API Security Platform.

Introduction to API Capture

An introduction to API Capture and an overview of the main elements including the Dashboard, QuickGen, Buckets, Secrets and the OpenAPI Generator.

How to use QuickGen Capture

Build OpenAPI files quickly using Postman collections and / or HAR files as your sources for your API data.

Capture API Traffic in Buckets

How to use Buckets to organize sample traffic into containers from which you can generate your OpenAPI definition file.

How to use the OpenAPI Generator

How to use the advanced automation feature to generate OpenAPI definition files from multiple sources.

Latest Resources


Top Things You Need to Know About API Security

Two of the API security industry’s leading experts, Dr Philippe de Ryck and Isabelle Mauny, guide you through some real-world cases of API security attacks and also share some best practices for securing your APIs.


How to Protect APIs from OWASP Authorization Risks: BOLA, BOPLA & BFLA

By Hugh Carroll | February 20, 2024

The OWASP API Top Risks listing identifies three different Authorization challenges  Coding issues relating to Authorization configuration failures continue to present a significant challenge for development and security teams building and protecting APIs. Just read any issue of our fortnightly APIsecurity.io newsletter and you’ll discover that Authorization-based breaches […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.