Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

openapi-core

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

openapi-core

client-side and server-side support for the OpenAPI Specification v3

0.19.5
pipPyPI
Maintainers
1

openapi-core

Package version Continuous Integration Tests coverage Python versions Package format Development status

About

Openapi-core is a Python library that provides client-side and server-side support for the OpenAPI v3.0 and OpenAPI v3.1 specifications.

Key features

  • Validation and unmarshalling of request and response data (including webhooks)
  • Integration with popular libraries (Requests, Werkzeug) and frameworks (Django, Falcon, Flask, Starlette)
  • Customization with media type deserializers and format unmarshallers
  • Security data providers (API keys, Cookie, Basic, and Bearer HTTP authentications)

Documentation

Check documentation to see more details about the features. All documentation is in the "docs" directory and online at openapi-core.readthedocs.io

Installation

Recommended way (via pip):

pip install openapi-core

Alternatively you can download the code and install from the repository:

pip install -e git+https://github.com/python-openapi/openapi-core.git#egg=openapi_core

First steps

First, create your OpenAPI object.

from openapi_core import OpenAPI

openapi = OpenAPI.from_file_path('openapi.json')

Now you can use it to validate and unmarshal against requests and/or responses.

# raises an error if the request is invalid
result = openapi.unmarshal_request(request)

Retrieve validated and unmarshalled request data.

# get parameters
path_params = result.parameters.path
query_params = result.parameters.query
cookies_params = result.parameters.cookies
headers_params = result.parameters.headers
# get body
body = result.body
# get security data
security = result.security

The request object should implement the OpenAPI Request protocol. Check Integrations to find officially supported implementations.

For more details read about the Unmarshalling process.

If you just want to validate your request/response data without unmarshalling, read about Validation instead.

Related projects

  • openapi-spec-validator : A Python library that validates OpenAPI Specs against the OpenAPI 2.0 (aka Swagger), OpenAPI 3.0, and OpenAPI 3.1 specification. The validator aims to check for full compliance with the Specification.
  • openapi-schema-validator : A Python library that validates schema against the OpenAPI Schema Specification v3.0 and OpenAPI Schema Specification v3.1.
  • bottle-openapi-3 : OpenAPI 3.0 Support for the Bottle Web Framework
  • pyramid_openapi3 : Pyramid addon for OpenAPI3 validation of requests and responses.
  • tornado-openapi3 : Tornado OpenAPI 3 request and response validation library.

License

The project is under the terms of the BSD 3-Clause License.

Keywords

openapi
swagger
schema

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Static vs. Runtime Reachability: Insights from Latio’s On the Record Podcast

Security News

Static vs. Runtime Reachability: Insights from Latio’s On the Record Podcast

The Latio podcast explores how static and runtime reachability help teams prioritize exploitable vulnerabilities and streamline AppSec workflows.

By Sarah Gooding  -  Aug 13, 2025
SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.