False positive: Operation is missing responses[401] on public endpoints

I have an API that has a number of public endpoints, even RFC-defined ones like `/.well-known/openid-configuration` (see [RFC 8414](https://datatracker.ietf.org/doc/html/rfc8414#section-3)).  I have properly defined a global `security` directive and, per openapi guidance, overridden the public endpoints with `"security": []`.

However, rate-my-openapi is still reporting this as an issue on every public endpoint.

If you want to reproduce, look at report [40c0b4f3-35e2-4913-af7c-d28d7e0dbed7](https://ratemyopenapi.com/report/40c0b4f3-35e2-4913-af7c-d28d7e0dbed7) or you can find my OpenAPI specification [here](https://github.com/ericfitz/tmi/blob/main/docs/reference/apis/tmi-openapi.json).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

False positive: Operation is missing responses[401] on public endpoints #293

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

False positive: Operation is missing responses[401] on public endpoints #293

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions