prism proxy: Contract-Validate a Live API
prism proxy sits in front of a real backend and validates every request and response against the OpenAPI contract.
Where prism mock replaces the backend, prism proxy keeps it and checks that live traffic conforms to the spec, catching contract drift between docs and implementation.
What it does
prism proxy takes the spec plus an upstream base URL, forwards each request to the upstream, and compares both the request and the returned response against the OpenAPI document. With --errors it turns violations into error responses instead of warnings.
Common usage
prism proxy openapi.yaml https://api.internal.example.com
# enforce contract violations as errors in CI
prism proxy --errors openapi.yaml http://localhost:3000Options
| Flag | What it does |
|---|---|
| <spec> <upstream> | OpenAPI file then the upstream base URL |
| -p, --port <n> | Local port for the proxy (default 4010) |
| -h, --host <addr> | Interface to bind |
| --errors | Fail requests that violate the contract |
| --upstream-proxy <url> | Route upstream calls through an HTTP proxy |
In CI
Point your integration test suite at the Prism proxy instead of the backend directly, with --errors so any response that deviates from the spec surfaces as a failing request. This turns your existing tests into contract tests without new assertions.
Common errors in CI
A response that does not match the schema yields a violation such as Violation: response.body should have required property 'id', and with --errors the proxy returns a 500/violations payload the test then fails on. ECONNREFUSED means the upstream URL is wrong or the backend is not up yet; wait for it before starting the proxy.