Categories

← View All Tools

OpenAPI Diff Breach Detector

Compare OpenAPI or GraphQL schemas, flag breaking changes, and generate an impact-oriented change report for API teams

Example Results

2 examples

Catch a removed response field before release

Compare two OpenAPI revisions and flag that a previously returned property disappeared from a 200 response payload

{
  "releaseRisk": "high",
  "summary": {
    "breakingChanges": 1
  },
  "changes": [
    {
      "path": "GET /users/{id} -> response 200.email",
      "summary": "Response field removed"
    }
  ]
}
View input parameters
{ "oldSchema": "openapi: 3.0.0\npaths:\n /users/{id}:\n get:\n responses:\n \"200\":\n description: ok\n content:\n application/json:\n schema:\n type: object\n properties:\n id: { type: string }\n email: { type: string }\n", "newSchema": "openapi: 3.0.0\npaths:\n /users/{id}:\n get:\n responses:\n \"200\":\n description: ok\n content:\n application/json:\n schema:\n type: object\n properties:\n id: { type: string }\n", "schemaType": "openapi", "includeImpactAnalysis": true }

Review a GraphQL input contract change

Detect when a new required field is added to an input object so frontend and mobile teams can update mutations before rollout

{
  "schemaType": "graphql",
  "summary": {
    "totalChanges": 1,
    "breakingChanges": 1,
    "dangerousChanges": 0,
    "nonBreakingChanges": 0
  },
  "impactedAreas": [
    "field"
  ],
  "releaseRisk": "high",
  "changes": [
    {
      "severity": "breaking",
      "area": "field",
      "path": "input:CreatePostInput.category",
      "summary": "Required input field added",
      "impact": "Mutations or queries sending this input object must populate the new required field."
    }
  ]
}
View input parameters
{ "oldSchema": "input CreatePostInput { title: String! }\ntype Mutation { createPost(input: CreatePostInput!): String! }", "newSchema": "input CreatePostInput { title: String!, category: String! }\ntype Mutation { createPost(input: CreatePostInput!): String! }", "schemaType": "graphql", "includeImpactAnalysis": true }

Key Facts

Category
Development
Input Types
textarea, select, text, checkbox
Output Type
json
Sample Coverage
4
API Ready
Yes

Overview

The OpenAPI Diff Breach Detector is a specialized utility designed for API teams to compare OpenAPI or GraphQL schemas and instantly identify breaking changes. By analyzing the differences between your old and new schema versions, it generates an impact-oriented report that highlights removed fields, modified endpoints, and altered input contracts. This helps developers, architects, and QA teams catch potentially disruptive API updates before they reach production, ensuring seamless integration for frontend and mobile consumers.

When to Use

  • Before merging pull requests that modify API contracts to ensure no breaking changes are introduced.
  • When preparing a new software release to assess the impact of schema updates on existing frontend or mobile consumers.
  • During code reviews to quickly verify that GraphQL mutations or REST endpoint modifications remain backward compatible.

How It Works

  • Paste the previous version of your OpenAPI (YAML/JSON) or GraphQL SDL into the Old Schema field.
  • Paste the updated version into the New Schema field and select the appropriate schema type.
  • Enable the impact analysis option to generate a detailed breakdown of the changes.
  • The tool compares the two schemas and outputs a structured JSON report highlighting breaking changes, release risks, and impacted areas.

Use Cases

Preventing mobile app crashes by detecting removed response fields in REST APIs before deployment.
Alerting frontend teams when a new required field is added to a GraphQL input object.
Generating automated, structured change logs for API documentation updates between version releases.

Examples

1. Catching a removed response field

Backend Developer
Background
A developer is refactoring a user profile endpoint and accidentally removes the email field from the response payload.
Problem
Need to ensure the updated OpenAPI spec doesn't break existing clients relying on the email field.
How to Use
Paste the old OpenAPI YAML and the new YAML into the respective fields, select 'OpenAPI / Swagger', and enable Impact Analysis.
Example Config
{
  "schemaType": "openapi",
  "includeImpactAnalysis": true
}
Outcome
The tool flags a 'high' release risk and identifies that 'response 200.email' was removed, allowing the developer to fix the regression before merging.

2. Reviewing a GraphQL input contract change

API Architect
Background
The team is adding a new 'category' requirement to the 'createPost' mutation to support a new feature.
Problem
Determine if adding this required field will break current frontend implementations.
How to Use
Input the old and new GraphQL SDL schemas, set the schema type to 'GraphQL', and run the comparison.
Example Config
{
  "schemaType": "graphql",
  "includeImpactAnalysis": true
}
Outcome
The report highlights a breaking change where a required input field was added, warning that existing mutations will fail unless updated to include the new category field.

Try with Samples

development
OpenAPI/Swagger Samples
Comprehensive API documentation examples using OpenAPI 3.0 and Swagger specifications for RESTful services
title token openapi
sample
OpenAPI/Swagger Samples
OpenAPI/Swagger specification examples for REST API documentation and contract definition
title token openapi
sample
Mock Service Worker Samples
Comprehensive MSW (Mock Service Worker) examples for API mocking, GraphQL, WebSocket mocking, and advanced request handling patterns
keywords graphql,api
sample
Apache Pulsar Samples
Apache Pulsar examples including pub/sub, readers, consumers with different subscription types, schema management, and tiered storage for enterprise messaging
keywords diff,schema
sample

Related Hubs

Json Generate Tools
Explore 33 json tools for generate workflows and compare closely related utilities quickly.
Design Generate Tools
Explore 19 design tools for generate workflows and compare closely related utilities quickly.
Pdf Generate Tools
Explore 10 pdf tools for generate workflows and compare closely related utilities quickly.
Audio Generate Tools
Explore 8 audio tools for generate workflows and compare closely related utilities quickly.

FAQ

What schema formats does this tool support?

It supports OpenAPI (Swagger) in YAML or JSON format, as well as GraphQL Schema Definition Language (SDL).

What is considered a breaking change?

Breaking changes include removing an existing endpoint, deleting a response field, changing a field's data type, or adding a new required input parameter that existing clients do not send.

Can the tool automatically detect my schema type?

Yes, you can set the Schema Type to 'Auto detect,' and the tool will infer whether you are comparing OpenAPI or GraphQL definitions based on the input syntax.

What does the impact analysis include?

The impact analysis evaluates the severity of changes, categorizing them as breaking, dangerous, or non-breaking, and assigns an overall release risk level to help teams prioritize fixes.

How do I view the comparison results?

The tool outputs a structured JSON report detailing the total changes, specific paths affected, and a summary of the impact for each modification.

API Documentation

Request Endpoint

POST /en/api/tools/openapi-diff-breach-detector

Request Parameters

Parameter Name Type Required Description
oldSchema textarea Yes -
newSchema textarea Yes -
schemaType select No -
inputFormat text No -
includeImpactAnalysis checkbox No -

Response Format

{
  "key": {...},
  "metadata": {
    "key": "value"
  },
  "error": "Error message (optional)",
  "message": "Notification message (optional)"
}
JSON Data: JSON Data

AI MCP Documentation

Add this tool to your MCP server configuration: 

{
  "mcpServers": {
    "elysiatools-openapi-diff-breach-detector": {
      "name": "openapi-diff-breach-detector",
      "description": "Compare OpenAPI or GraphQL schemas, flag breaking changes, and generate an impact-oriented change report for API teams",
      "baseUrl": "https://elysiatools.com/mcp/sse?toolId=openapi-diff-breach-detector",
      "command": "",
      "args": [],
      "env": {},
      "isActive": true,
      "type": "sse"
    }
  }
}

You can chain multiple tools, e.g.: `https://elysiatools.com/mcp/sse?toolId=png-to-webp,jpg-to-webp,gif-to-webp`, max 20 tools.

If you encounter any issues, please contact us at [email protected]