← Back to Overview

COLLECTIONS

Collection JSON Schema

Complete type reference for the .openpost/collections.json file format. The file contains an array of Collection objects.

File Structure

// .openpost/collections.json
[
  {
    "id": "uuid-v4",
    "name": "My API",
    "description": "Optional markdown description",
    "folders": [ /* CollectionFolder[] */ ],
    "requests": [ /* ApiRequest[] */ ],
    "variables": [ /* KeyValue[] */ ],
    "auth": { /* AuthConfig */ },
    "certificateConfig": { /* CertificateConfig */ },
    "preRequestScript": "// JS code",
    "testScript": "// JS code"
  }
]

Collection

FieldTypeRequiredDescription
idstringUUID v4 unique identifier
namestringDisplay name
descriptionstringMarkdown description shown in collection editor Overview tab
foldersCollectionFolder[]Nested folders. Array index = display order
requestsApiRequest[]Top-level requests. Array index = display order
variablesKeyValue[]Collection-scoped variables (lowest priority in resolution chain)
authAuthConfigCollection-level auth inherited by children
certificateConfigCertificateConfigTLS client certificates at collection level
preRequestScriptstringJavaScript that runs before each inherited request
testScriptstringJavaScript that runs after each inherited request

CollectionFolder

FieldTypeRequiredDescription
idstringUUID v4
namestringFolder name
requestsApiRequest[]Requests in this folder
foldersCollectionFolder[]Recursive child folders (unlimited depth)
authAuthConfigFolder-level auth
inheritAuthbooleanInherit auth from parent folder/collection
certificateConfigCertificateConfigTLS certs at folder level
inheritCertificatebooleanInherit certificates from parent
preRequestScriptstringPre-request JS for this folder
testScriptstringTest JS for this folder
inheritScriptsbooleanInherit scripts from parent (concatenated)

ApiRequest

FieldTypeReqDescription
idstringUUID v4
namestringDisplay name
methodstringHTTP method (GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS, or custom)
urlstringURL (may contain {{variable}} placeholders)
paramsKeyValue[]Query parameters
headersKeyValue[]Request headers
bodyRequestBodyRequest body configuration
authAuthConfigAuth configuration
inheritAuthbooleanInherit from parent (default: false)
inheritScriptsbooleanInherit scripts from parent
inheritCertificatebooleanInherit TLS certs from parent
preRequestScriptstringPre-request JavaScript
testScriptstringTest JavaScript
testRulesTestRule[]GUI assertion rules
setVariablesSetVariable[]Response extraction rules
proxyIdstringReferences a ProxyConfig.id
certificateConfigCertificateConfigPer-request TLS certificates
mcpDescriptionstringDescription when exposed as MCP tool
mcpInputSchemaobjectJSON Schema for MCP tool parameters
isSSEbooleanForce SSE streaming mode
grpcConfigGrpcConfiggRPC call configuration

RequestBody

FieldTypeDescription
type"none" | "json" | "raw" | "xml" | "graphql" | "form-data" | "x-www-form-urlencoded" | "binary"Body type selector
rawstringContent for json, raw, or xml types
formDataKeyValue[]Text fields for form-data / urlencoded
formDataFilesFormDataItem[]File fields for multipart form-data
graphqlGraphQLBodyGraphQL query, variables, and operation name
binaryPathstringAbsolute path to binary file
binaryNamestringDisplay filename for binary

AuthConfig

{
  "type": "none" | "basic" | "bearer" | "api-key" | "oauth2" | "aws-sigv4" | "digest",
  "basic": { "username": "string", "password": "string" },
  "bearer": { "token": "string" },
  "apiKey": { "key": "string", "value": "string", "addTo": "header" | "query" },
  "oauth2": {
    "grantType": "authorization_code" | "client_credentials",
    "authUrl": "string", "tokenUrl": "string",
    "clientId": "string", "clientSecret": "string",
    "scope": "string", "accessToken": "string"
  },
  "awsSigV4": { "accessKey": "string", "secretKey": "string", "region": "string", "service": "string" },
  "digest": { "username": "string", "password": "string" }
}

Only the sub-object matching type needs to be present. All string values support {{variable}} interpolation.

KeyValue

{ "key": "string", "value": "string", "enabled": true | false }

Used for params, headers, form fields, environment variables, and collection variables. Disabled entries are stored but not sent.

FormDataItem

{ "key": "string", "value": "string", "enabled": true, "fieldType": "text" | "file", "filePath": "/path", "fileName": "file.png" }

GraphQLBody

{ "query": "query { users { id name } }", "variables": "{}", "operationName": "GetUsers", "schemaUrlOverride": "https://..." }

variables is a JSON string. operationName is only needed when the document contains multiple operations.

TestRule

{
  "id": "uuid",
  "source": "status" | "time" | "size" | "body" | "jsonpath" | "header" | "content-type" | "content-length" | "body-contains" | "body-is-json" | "body-schema",
  "property": "$.data.id",      // JSONPath expression, header name, or empty
  "operator": "eq" | "neq" | "gt" | "gte" | "lt" | "lte" | "contains" | "not-contains" | "matches" | "not-matches" | "is-empty" | "is-not-empty" | "exists" | "not-exists" | "is-type",
  "expected": "200",
  "enabled": true
}

SetVariable

{
  "id": "uuid",
  "source": "jsonpath" | "header" | "body" | "regex",
  "property": "$.token",         // JSONPath, header name, or regex pattern
  "variableName": "auth_token",  // saved to active environment
  "enabled": true
}

CertificateConfig

{ "clientCertId": "vault-entry-id", "privateKeyId": "vault-entry-id", "caBundleId": "vault-entry-id" }

References CertificateEntry.id values stored in the encrypted vault.

GrpcConfig

{
  "protoFilePath": "/path/to/service.proto",
  "protoFileName": "service.proto",
  "serviceName": "UserService",
  "methodName": "GetUser",
  "useReflection": false,
  "callType": "unary" | "server-streaming",
  "messageBody": "{ \"id\": 1 }"
}

Full Example

[
  {
    "id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
    "name": "User API",
    "description": "# User Service\nCRUD operations for user management.",
    "variables": [
      { "key": "base_url", "value": "https://api.example.com", "enabled": true }
    ],
    "auth": { "type": "bearer", "bearer": { "token": "{{api_token}}" } },
    "preRequestScript": "request.headers.push({ key: 'X-Request-Id', value: crypto.randomUUID(), enabled: true });",
    "testScript": "",
    "folders": [
      {
        "id": "f1f2f3f4-0000-0000-0000-000000000001",
        "name": "Users",
        "inheritAuth": true,
        "inheritScripts": true,
        "folders": [],
        "requests": [
          {
            "id": "r1r2r3r4-0000-0000-0000-000000000001",
            "name": "Get User",
            "method": "GET",
            "url": "{{base_url}}/users/{{user_id}}",
            "params": [],
            "headers": [
              { "key": "Accept", "value": "application/json", "enabled": true }
            ],
            "body": { "type": "none" },
            "auth": { "type": "none" },
            "inheritAuth": true,
            "testRules": [
              { "id": "t1", "source": "status", "property": "", "operator": "eq", "expected": "200", "enabled": true }
            ],
            "setVariables": [
              { "id": "sv1", "source": "jsonpath", "property": "$.name", "variableName": "user_name", "enabled": true }
            ]
          }
        ]
      }
    ],
    "requests": []
  }
]
Ko-fi