Openapi Comment Parser

⚓️ JSDoc Comments for the OpenAPI Specification

Project README

OpenAPI Comment Parser
npm Version travis npm Downloads

A clean and simple way to document your code for generating OpenAPI (Swagger) specs.




$ npm install openapi-comment-parser --save


$ yarn add openapi-comment-parser


Create a yaml file with a base OpenAPI definition:

openapi: 3.0.0
  title: Title of your service
  version: 1.0.0

Add the following to your code:

const openapi = require('openapi-comment-parser');

const spec = openapi();

Swagger UI Express example

Swagger UI Express is a popular module that allows you to serve OpenAPI docs from express. The result is living documentation for your API hosted from your API server via a route.

const openapi = require('openapi-comment-parser');
const swaggerUi = require('swagger-ui-express');

const spec = openapi();

app.use('/api-docs', swaggerUi.serve, swaggerUi.setup(spec));

Configuration options

There are several configuration options for parsing. For example, including and excluding certain files and paths:

const spec = openapi({
  exclude: ['**/some/path/**']


Option name Default
cwd The directory where commentParser was called
extension ['.js', '.cjs', '.mjs', '.ts', '.tsx', '.jsx', '.yaml', '.yml']
include ['**']
exclude A large list that covers tests, coverage, and various development configs
excludeNodeModules true
verbose true
throwLevel off


npm install -g openapi-comment-parser

(optional) generate a .openapirc.js config file:

openapi-comment-parser --init

Generate an openapi.json file:

openapi-comment-parser . openapi.json

Eslint plugin

To enable linting of the OpenAPI jsdoc comments, install the eslint plugin:

$ npm install eslint-plugin-openapi --save-dev

or with yarn:

$ yarn add -D eslint-plugin-openapi

Then create an .eslintrc.json:

  "extends": ["plugin:openapi/recommended"]

Basic structure

You can write OpenAPI definitions in JSDoc comments or YAML files. In this guide, we use only JSDoc comments examples. However, YAML files work equally as well.

Each comment defines individual endpoints (paths) in your API, and the HTTP methods (operations) supported by these endpoints. For example, GET /users can be described as:

 * GET /users
 * @summary Returns a list of users.
 * @description Optional extended description in CommonMark or HTML.
 * @response 200 - A JSON array of user names
 * @responseContent {string[]} 200.application/json


Operations can have parameters passed via URL path (/users/{userId}), query string (/users?role=admin), headers (X-CustomHeader: Value) or cookies (Cookie: debug=0). You can define the parameter data types, format, whether they are required or optional, and other details:

 * GET /users/{userId}
 * @summary Returns a user by ID.
 * @pathParam {int64} userId - Parameter description in CommonMark or HTML.
 * @response 200 - OK

For more information, see Describing Parameters.

Request body

If an operation sends a request body, use the bodyContent keyword to describe the body content and media type. Use bodyRequired to indicate that a request body is required.

 * POST /users
 * @summary Creates a user.
 * @bodyContent {User} application/json
 * @bodyRequired
 * @response 201 - Created

For more information, see Describing Request Body.


For each operation, you can define possible status codes, such as 200 OK or 404 Not Found, and the response body content. You can also provide example responses for different content types:

 * GET /users/{userId}
 * @summary Returns a user by ID.
 * @pathParam {int64} userId - The ID of the user to return.
 * @response 200 - A user object.
 * @responseContent {User} 200.application/json
 * @response 400 - The specified user ID is invalid (not a number).
 * @response 404 - A user with the specified ID was not found.
 * @response default - Unexpected error

For more information, see Describing Responses.

Input and output models

You can create global components/schemas section lets you define common data structures used in your API. They can be referenced by name whenever a schema is required – in parameters, request bodies, and response bodies. For example, this JSON object:

  "id": 4,
  "name": "Arthur Dent"

can be represented as:

          type: integer
          type: string
      # Both properties are required
        - id
        - name

and then referenced in the request body schema and response body schema as follows:

 * GET /users/{userId}
 * @summary Returns a user by ID.
 * @pathParam {integer} userId
 * @response 200 - OK
 * @responseContent {User} 200.application/json

 * POST /users
 * @summary Creates a new user.
 * @bodyContent {User} application/json
 * @bodyRequired
 * @response 201 - Created


The securitySchemes and security keywords are used to describe the authentication methods used in your API.

      type: http
      scheme: basic
 * GET /users
 * @security BasicAuth

Supported authentication methods are:

  • HTTP authentication: Basic, Bearer, and so on.
  • API key as a header or query parameter or in cookies
  • OAuth 2
  • OpenID Connect Discovery

For more information, see Authentication.

Open Source Agenda is not affiliated with "Openapi Comment Parser" Project. README Source: bee-travels/openapi-comment-parser
Open Issues
Last Commit
1 day ago