***

title: Track governance violations in the API specification
approved: 2026-03-10T00:00:00.000Z
slug: docs/api-governance/api-definition/api-definition-warnings
max-toc-depth: 2
----------------

Postman supports API governance rules for API specifications in [OpenAPI 3.1](/docs/api-governance/api-definition/openapi3/), [OpenAPI 3.0](/docs/api-governance/api-definition/openapi3/), and [OpenAPI 2.0](/docs/api-governance/api-definition/openapi2/) formats in [Spec Hub](#check-rule-violations-in-spec-hub).

<Note>
  **Rule customization**. [Enterprise teams](https://www.postman.com/pricing/) can also customize the rules that Postman applies to API specifications. For more information, see [Configure API governance rules](/docs/api-governance/configurable-rules/configuring-api-governance-rules/).
</Note>

## Check rule violations in Spec Hub

To check the governance rule violations in an API specification in [Spec Hub](/docs/design-apis/specifications/overview/), do the following:

1. Expand **Specs** in the sidebar and select an API specification you want to review.
2. Below the specification editor, click **Governance** to view the list of rule violations.

To learn more, see [View rule violations in your specification](/docs/design-apis/specifications/validate-a-specification/#view-rule-violations-in-your-specification).

## Track governance rule violations in CI/CD

<Info>
  This feature is available with [Postman Enterprise plans](https://www.postman.com/pricing/).
</Info>

You can configure your CI/CD pipeline to enforce the [API Governance](/docs/api-governance/configurable-rules/configuring-api-governance-rules/) rules configured for your team every time the pipeline runs. To do this, generate a [Postman CLI](/docs/postman-cli/postman-cli-overview/) configuration. Then add the generated configuration to the CI/CD pipeline you're using.

To generate a Postman CLI configuration, do the following:

1. In the collection runner's **Functional** tab, click <img alt="Run icon" src="https://assets.postman.com/postman-docs/aether-icons/v12/icon-action-run-stroke.svg#icon" width="20px" /> **Run**.
2. In the **Functional** section of the collection runner configuration, select **Automate runs via CLI**.
3. Under **Run on CI/CD**, click **Configure command** to open the **Generate Postman CLI Configuration** tab.
4. From the dropdown menus, select your desired options.
5. If you haven't already saved a Postman API key as a secret environment variable, click **Generate API Key** and [save the key](/docs/developer/postman-api/authentication/#use-your-postman-api-key).
6. Click **Copy Postman CLI Command**. This generates and copies the command you'll need in the next step.
7. Paste the generated command into your CI/CD build configuration file.
8. When your CI/CD pipeline runs, it will run the command and check for governance rule violations.

## Next steps

For the list of all the rule violations that Postman might show at the API specification phase of development, see [OpenAPI 3 rules](/docs/api-governance/api-definition/openapi3/) and [OpenAPI 2 rules](/docs/api-governance/api-definition/openapi2/).