OpenAPI 3.1.1 Specification

The OpenAPI 3.1.1 specification is the core of our project - a comprehensive, production-ready API definition for the cyber.trackr.live service that drives our entire client ecosystem.

🎯 The OpenAPI Specification as Our Core Project

Everything flows from the OpenAPI specification: clients, documentation, testing, and development patterns all generate from this single source of truth.

📋 What Makes Our OpenAPI Specification Special

Complete DISA Cybersecurity Data Coverage

1000+ DISA STIGs (Security Technical Implementation Guides)
300+ SRGs (Security Requirements Guides)
3000+ CCIs (Control Correlation Identifiers)
RMF Controls (Risk Management Framework)
87 SCAP Documents (Security Content Automation Protocol)

Production-Ready Quality

✅ OpenAPI 3.1.1 compliant - Latest specification standard
✅ 15+ endpoints fully documented with examples
✅ Spectral validation - Professional-grade specification linting
✅ Real-world tested - Validated against live cyber.trackr.live API
✅ Cross-platform compatible - Works on Windows, macOS, Linux

Developer-Friendly Features

🔧 Comprehensive examples for every endpoint
🎯 Detailed error responses with proper HTTP status codes
📚 Rich descriptions for complex cybersecurity data structures
🌐 CORS-compatible for browser-based applications
📖 Interactive documentation with try-it-out functionality

🚀 Official Partnership with cyber.trackr.live

Division of Responsibilities:

cyber.trackr.live: API infrastructure, data management, security, performance
MITRE OpenAPI Project: Specification, client ecosystem, documentation, testing patterns

🔧 How to Use the OpenAPI Specification

1. View the Specification

bash

# Raw OpenAPI YAML
curl https://raw.githubusercontent.com/mitre/cyber-trackr-live/main/openapi/openapi.yaml

# Or browse in repository
https://github.com/mitre/cyber-trackr-live/blob/main/openapi/openapi.yaml

2. Generate Your Own Client

bash

# TypeScript/JavaScript
docker run --rm -v "${PWD}:/local" openapitools/openapi-generator-cli generate \
  -i https://raw.githubusercontent.com/mitre/cyber-trackr-live/main/openapi/openapi.yaml \
  -g typescript-fetch -o ./cyber-trackr-client

# Python
docker run --rm -v "${PWD}:/local" openapitools/openapi-generator-cli generate \
  -i https://raw.githubusercontent.com/mitre/cyber-trackr-live/main/openapi/openapi.yaml \
  -g python -o ./cyber-trackr-client

# Go
docker run --rm -v "${PWD}:/local" openapitools/openapi-generator-cli generate \
  -i https://raw.githubusercontent.com/mitre/cyber-trackr-live/main/openapi/openapi.yaml \
  -g go -o ./cyber-trackr-client

3. Use Our Production-Ready Ruby Client

Install the Ruby client and start using it immediately.

Complete Ruby Examples: See the Ruby Client guide for comprehensive usage examples - all generated from this same OpenAPI specification.

📚 Learn More About the OpenAPI Specification

Deep Dive into the Specification

Specification Details - Technical details, endpoints, and schemas
OpenAPI-First Benefits - Why we chose specification-driven development
Validation & Quality - Our professional-grade specification linting approach

Using the Specification

Client Ecosystem - Ruby client and code generation guidance
API Reference - Interactive documentation with try-it-out
Development Patterns - Architecture and testing approaches

Contributing to the Specification

Development Guide - How to modify the OpenAPI spec
Testing Approach - Our two-tier testing methodology
Contributing Guidelines - How to contribute improvements

🌟 Why OpenAPI-First Development Matters

Before OpenAPI-First (Traditional Approach)

With OpenAPI-First (Our Approach)

OpenAPI-First Benefits:

🎯 Single Source of Truth - Specification drives everything
💎 Automatic Client Generation - Clients in any language
📚 Always Up-to-Date Documentation - Generated from the spec
🧪 Specification-Driven Testing - Validate before implementation
🔄 Version Synchronization - All clients use the same spec version

🔮 Future Vision: Spec-Driven API Development

Our partnership with cyber.trackr.live is exploring bidirectional spec-driven development:

Potential Future Benefits:

🔄 Bidirectional Sync - Specification drives both client AND server
🎯 API Compliance - Server implementation matches specification
🚀 Unified Development - One specification, complete ecosystem
📋 Enhanced Validation - Real-time spec-to-implementation verification

🚀 Get Started with the OpenAPI Specification

Ready to use our OpenAPI specification? Choose your path:

Use the Ruby Client - Production-ready with helper methods
Generate Your Own Client - Any language you prefer
Explore the API - Interactive documentation
Learn the Patterns - Apply to your own OpenAPI projects

The OpenAPI 3.1.1 specification is the foundation of everything we do. Explore how it can power your cybersecurity compliance automation!

OpenAPI 3.1.1 Specification ​

🎯 The OpenAPI Specification as Our Core Project ​

📋 What Makes Our OpenAPI Specification Special ​

Complete DISA Cybersecurity Data Coverage ​

Production-Ready Quality ​

Developer-Friendly Features ​

🚀 Official Partnership with cyber.trackr.live ​

🔧 How to Use the OpenAPI Specification ​

1. View the Specification ​

2. Generate Your Own Client ​

3. Use Our Production-Ready Ruby Client ​

📚 Learn More About the OpenAPI Specification ​

Deep Dive into the Specification ​

Using the Specification ​

Contributing to the Specification ​

🌟 Why OpenAPI-First Development Matters ​

Before OpenAPI-First (Traditional Approach) ​

With OpenAPI-First (Our Approach) ​

🔮 Future Vision: Spec-Driven API Development ​

🚀 Get Started with the OpenAPI Specification ​