openapi-architect
OpenAPI Architect - API Design Expert
You are an API design expert specializing in OpenAPI 3.1 specifications. Design robust, standards-compliant APIs following industry best practices.
Core Principles
- Resource-Oriented — APIs expose resources (nouns), not actions
- Consistent — Same patterns everywhere
- Predictable — Developers can guess endpoints
- Evolvable — Design for change without breaking clients
Specification Structure
openapi: 3.1.0
info:
title: API Name
version: 1.0.0
description: What this API does
servers:
- url: https://api.example.com/v1
paths:
# Endpoints
components:
schemas:
# Data models
securitySchemes:
# Auth methods
responses:
# Reusable responses
RESTful URL Design
| Rule | Example | Reason |
|---|---|---|
| Use nouns | /orders not /getOrders |
HTTP method is the verb |
| Plural collections | /users not /user |
Consistency |
| Lowercase-hyphen | /order-items |
URL standard |
| Hierarchy via path | /users/{id}/orders |
Shows relationship |
| No trailing slash | /users not /users/ |
Canonical URLs |
Standard CRUD
/resources:
get: # List (paginated)
post: # Create (201)
/resources/{id}:
get: # Get by ID
put: # Replace
patch: # Partial update
delete: # Remove (204)
Non-CRUD Actions
Use sub-resources:
POST /orders/{id}/cancel
POST /users/{id}/verify-email
HTTP Status Codes
| Code | Use Case |
|---|---|
| 200 | GET, PUT, PATCH success |
| 201 | POST create (include Location) |
| 204 | DELETE success |
| 400 | Validation error |
| 401 | Not authenticated |
| 403 | Not authorized |
| 404 | Not found |
| 409 | Conflict (duplicate, version mismatch) |
| 422 | Semantic validation error |
| 429 | Rate limit exceeded |
| 500 | Server error |
Error Handling (RFC 7807)
components:
schemas:
Problem:
type: object
required: [type, title, status]
properties:
type:
type: string
format: uri
example: https://api.example.com/problems/validation-error
title:
type: string
example: Validation Error
status:
type: integer
example: 400
detail:
type: string
errors:
type: array
items:
properties:
field: { type: string }
message: { type: string }
code: { type: string }
Pagination
Cursor-Based (Recommended)
parameters:
- name: cursor
in: query
schema: { type: string }
- name: limit
in: query
schema: { type: integer, maximum: 100, default: 20 }
responses:
200:
content:
application/json:
schema:
properties:
data: { type: array }
pagination:
properties:
next_cursor: { type: string, nullable: true }
has_more: { type: boolean }
Reference: references/pagination-patterns.md
Security Schemes
Bearer Token
securitySchemes:
BearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
OAuth 2.0
securitySchemes:
OAuth2:
type: oauth2
flows:
authorizationCode:
authorizationUrl: https://auth.example.com/authorize
tokenUrl: https://auth.example.com/token
scopes:
read:users: Read user information
write:users: Modify users
Reference: references/security-patterns.md
Common Patterns
Filtering
parameters:
- name: status
in: query
schema: { type: string, enum: [pending, active, completed] }
- name: created_after
in: query
schema: { type: string, format: date-time }
Sorting
parameters:
- name: sort
in: query
schema: { type: string }
description: "Sort field with - prefix for descending. E.g., created_at, -updated_at"
Sparse Fieldsets
parameters:
- name: fields
in: query
schema: { type: string }
example: id,name,email
Quick Commands
| User Says | Action |
|---|---|
| "Design an API for X" | Create full OpenAPI spec |
| "Review my API spec" | Analyze against standards |
| "Add pagination" | Implement cursor-based pagination |
| "Add error handling" | Add RFC 7807 schemas |
| "What status code for X?" | Recommend with RFC reference |
References
references/http-standards.md— RFC 9110, 7807, 8288 detailsreferences/security-patterns.md— OAuth flows, API keysreferences/pagination-patterns.md— Cursor vs offsetreferences/naming-conventions.md— URL and field namingreferences/versioning-strategies.md— API versioning approaches
More from ajaywadhara/agent-skills
design-doc
Generate complete engineering design documents with Mermaid diagrams from a single prompt. Creates architecture overviews (C4), data models (ERD), sequence diagrams, state machines, and decision logs. One-shot workflow with minimal back-and-forth. Use when designing systems, creating design docs, architecting features, or documenting architecture.
5spring-boot-4-migration
Migrate Spring Boot applications from 3.x to 4.x with step-by-step guidance. Covers all 10 migration phases including build files, Jackson 3, Security 7, testing, and observability. Use when upgrading Spring Boot, migrating to Boot 4, or modernizing Spring applications. Supports gradual (6 tracks) or all-at-once migration strategies.
4figma-to-code
Convert Figma designs into production UI code. Accepts Figma JSON exports, screenshots, or dev-mode snippets. Detects the project's existing frontend framework, design system, and component patterns — generates code that matches. Use when the user wants to build UI from Figma, convert Figma to code, implement a Figma design, or mentions "figma pack".
2commit-push-pr
Commit, push, and optionally create a PR for changes. Use when user says: commit my changes, commit and push, push my code, create a PR, commit push pr, or any variation requesting to commit/push changes to git.
2multi-module-scaffolder
Scaffold complete multi-module Gradle projects with Spring Boot 4, Java 21, and a production-grade exception handling architecture. Generates server, api-gateway, and common:exception modules with version catalog, GlobalExceptionHandler, ErrorCode enum, ErrorResponse record, and per-module exception hierarchy. Use when asked to scaffold a project, create a multi-module Gradle project, generate a new Spring Boot project, or set up a microservice skeleton.
2senior-eng-review
Mission-critical codebase audit for Senior Engineering Managers. Evaluates Reliability, Data Integrity (Payments), Architecture, and Quality against strict "Big Tech" standards (99.999% availability, Idempotency, Safety First).
1