Tutorials

OpenAPI (Swagger) Extension - VS Code

OpenAPI (Swagger) Extension for VS Code

Our previous tutorial used the build-in Security Editor in 42Crunch Platform to fix audit issues in the OpenAPI (formerly Swagger) definition. In this one, we do the same thing but in Microsoft Visual Studio Code (VS Code) using the 42Crunch OpenAPI extension.

Extension Overview

Below is an example of the 42Crunch OpenAPI (Swagger) extension for VS Code. If you do not already have it, just go to Extensions and search for OpenAPI.

The extension shows an extra panel on the left that helps navigate through your OpenAPI (Swagger) definition. The extension also provides time-saving templates that make creating new API definitions a breeze.

API Contract Security Audit in VS Code

To run an audit, click on the 42Crunch icon in the top right of your screen. The first time you run the audit, you must provide your email address so that we can send you an API key that VS Code can use to authenticate to our service.

Navigating Found Issues

The audit report is similar to the report that you get in 42Crunch Platform. Issues are highlighted in red. If you click on an issue, you can view its description and remediation on the right.

Another place to view the found issues is the Problems panel in VS Code. By default, the issues are organized by priority, and you can scroll through them and click on them individually, or search for specific issues at the top.

All in all, the function is very similar to the platform UI: the extension uses the same API behind the scenes. However, if you are a development IDE user, the extension provides a more familiar experience, and you do not need to switch between the different tools or windows to get your API secure by design.

Tutorials: In our next tutorial we'll give you an overview of the API Conformance Scan
Watch Now

Resources

Want to learn more? Here are some resources to help you out!

Free Tools

Looking to make OpenAPI / Swagger editing easier in VS Code? Or want to check how secure your API is? Check out our free tools.

Get Started

API Security Top 10

Are you protected from the OWASP API Security Top 10? 42Crunch can help with that! We also have a free cheat sheet you can download.

Learn More

API Sec Encyclopedia

Information on the risks, guidelines, and fixes relating to the OpenAPI Specification. Both OAS v2 and v3 are available!

Learn More

Ready to Get Started?

Developer-first solution for delivering API security as code.