0.7.16695.1 MB
MIT
strict
Unknown
Ory Oathkeeper rules from OpenAPI
This CLI generates OathKeeper rules that enforce authentication and authorization policies for each API endpoint from an OpenAPI file.
This project automate the generation of Oathkeeper rules from an OpenAPI contract and save a lot of time especially for larger projects with many endpoints or many services by using the existing documentation provided in an OpenAPI contract. This can improve the overall security of the API and ensure that access is granted only to authorized parties. Additionally, this tool can simplify the development process by reducing the amount of manual work required to write and maintain OathKeeper rules.
## Ory Oathkeeper
If you're not yet familiar with Ory Oathkeeper, Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. You can find more information and get started with Ory Oathkeeper: https://github.com/ory/oathkeeper.
> An Identity & Access Proxy is typically deployed in front of (think API Gateway or Service mesh) web-facing applications and is capable of authenticating and optionally authorizing access requests. The Access Control Decision API can be deployed alongside an existing API Gateway or reverse proxy.
Documentation is available on Github : https://github.com/cerberauth/openapi-oathkeeper
This project automate the generation of Oathkeeper rules from an OpenAPI contract and save a lot of time especially for larger projects with many endpoints or many services by using the existing documentation provided in an OpenAPI contract. This can improve the overall security of the API and ensure that access is granted only to authorized parties. Additionally, this tool can simplify the development process by reducing the amount of manual work required to write and maintain OathKeeper rules.
## Ory Oathkeeper
If you're not yet familiar with Ory Oathkeeper, Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. You can find more information and get started with Ory Oathkeeper: https://github.com/ory/oathkeeper.
> An Identity & Access Proxy is typically deployed in front of (think API Gateway or Service mesh) web-facing applications and is capable of authenticating and optionally authorizing access requests. The Access Control Decision API can be deployed alongside an existing API Gateway or reverse proxy.
Documentation is available on Github : https://github.com/cerberauth/openapi-oathkeeper
Update History
0.7.14 (45) → 0.7.16 (69)13 Apr 2026, 23:21 UTC
0.7.14 (45)13 Dec 2025, 09:47 UTC
18 Sept 2023, 05:29 UTC
13 Apr 2026, 22:50 UTC
13 Dec 2025, 09:47 UTC