🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

openapi-core

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

openapi-core

client-side and server-side support for the OpenAPI Specification v3

0.19.5
PyPI
Maintainers
1

openapi-core

Package version Continuous Integration Tests coverage Python versions Package format Development status

About

Openapi-core is a Python library that provides client-side and server-side support for the OpenAPI v3.0 and OpenAPI v3.1 specifications.

Key features

  • Validation and unmarshalling of request and response data (including webhooks)
  • Integration with popular libraries (Requests, Werkzeug) and frameworks (Django, Falcon, Flask, Starlette)
  • Customization with media type deserializers and format unmarshallers
  • Security data providers (API keys, Cookie, Basic, and Bearer HTTP authentications)

Documentation

Check documentation to see more details about the features. All documentation is in the "docs" directory and online at openapi-core.readthedocs.io

Installation

Recommended way (via pip):

pip install openapi-core

Alternatively you can download the code and install from the repository:

pip install -e git+https://github.com/python-openapi/openapi-core.git#egg=openapi_core

First steps

First, create your OpenAPI object.

from openapi_core import OpenAPI

openapi = OpenAPI.from_file_path('openapi.json')

Now you can use it to validate and unmarshal against requests and/or responses.

# raises an error if the request is invalid
result = openapi.unmarshal_request(request)

Retrieve validated and unmarshalled request data.

# get parameters
path_params = result.parameters.path
query_params = result.parameters.query
cookies_params = result.parameters.cookies
headers_params = result.parameters.headers
# get body
body = result.body
# get security data
security = result.security

The request object should implement the OpenAPI Request protocol. Check Integrations to find officially supported implementations.

For more details read about the Unmarshalling process.

If you just want to validate your request/response data without unmarshalling, read about Validation instead.

Related projects

  • openapi-spec-validator : A Python library that validates OpenAPI Specs against the OpenAPI 2.0 (aka Swagger), OpenAPI 3.0, and OpenAPI 3.1 specification. The validator aims to check for full compliance with the Specification.
  • openapi-schema-validator : A Python library that validates schema against the OpenAPI Schema Specification v3.0 and OpenAPI Schema Specification v3.1.
  • bottle-openapi-3 : OpenAPI 3.0 Support for the Bottle Web Framework
  • pyramid_openapi3 : Pyramid addon for OpenAPI3 validation of requests and responses.
  • tornado-openapi3 : Tornado OpenAPI 3 request and response validation library.

License

The project is under the terms of the BSD 3-Clause License.

Keywords

openapi
swagger
schema

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Meet Socket at Black Hat and DEF CON 2025 in Las Vegas

Security News

Meet Socket at Black Hat and DEF CON 2025 in Las Vegas

Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.

By Sarah Gooding  -  Jul 12, 2025