***

title: Track governance and security rule violations in the API specification
approved: 2024-07-01T00:00:00.000Z
slug: docs/api-governance/api-definition/api-definition-warnings
max-toc-depth: 2
ux: v12
-------

Postman supports API governance and API security rules for API specifications in [OpenAPI 3.1](/docs/api-governance/api-definition/openapi3/), [OpenAPI 3.0](/docs/api-governance/api-definition/openapi3/), and [OpenAPI 2.0](/docs/api-governance/api-definition/openapi2/) formats in [Spec Hub](#check-rule-violations-in-spec-hub).

<Info class="iconless-callout">
  **Rule customization**. [Enterprise teams](https://www.postman.com/pricing/) can also customize the rules that Postman applies to API specifications. For more information, see [Configure API governance rules](/docs/api-governance/configurable-rules/configuring-api-governance-rules/).
</Info>

## Check rule violations in Spec Hub

To check the governance rule violations in an API specification in [Spec Hub](/docs/design-apis/specifications/overview/), do the following:

1. Expand **Specs** in the sidebar, and then select an API specification you want to review.
2. Below the specification editor, click **Governance** to view the list of rule violations.

To learn more, see [View rule violations in your specification](/docs/design-apis/specifications/validate-a-specification/#view-rule-violations-in-your-specification).

## Track governance and security rule violations in CI/CD

<Info class="iconless-callout">
  This feature is available with [Postman Enterprise plans](https://www.postman.com/pricing/).
</Info>

You can configure your CI/CD pipeline to enforce the [API Governance and Security](/docs/api-governance/configurable-rules/configuring-api-governance-rules/) rules configured for your team every time the pipeline runs. To do this, generate a [Postman CLI](/docs/postman-cli/postman-cli-overview/) configuration. Then add the generated configuration to the CI/CD pipeline you're using, as described in [Configure the Postman CLI for CI](/docs/integrations/ci-integrations/#configure-the-postman-cli-for-ci).

To generate a Postman CLI configuration, do the following:

1. In the collection runner's **Functional** tab, select **Automate runs via CLI**.
2. Under **Run on CI/CD**, click **Configure command** to open the **Generate Postman CLI Configuration** tab.
3. From the dropdown menus, select your desired options.
4. If you haven't already saved a Postman API key as a secret environment variable, click **Generate API Key** and [save the key](/docs/developer/postman-api/authentication/#use-your-postman-api-key).
5. Click **Copy Postman CLI Command**. This generates and copies the command you'll need in the next step.
6. Paste the generated command into your CI/CD build configuration file.
7. When your CI/CD pipeline runs, it will run the command and check for governance and security rule violations.

## Next steps

For the list of all the rule violations that Postman might show at the API specification phase of development, see [OpenAPI 3 rules](/docs/api-governance/api-definition/openapi3/) and [OpenAPI 2 rules](/docs/api-governance/api-definition/openapi2/).