diff --git a/pom.xml b/pom.xml index e6934b5a0..2c6b7d06a 100644 --- a/pom.xml +++ b/pom.xml @@ -112,6 +112,7 @@ 3.25.3 1.20.0 2.2.0 + 2.1.22 1.19.0 0.7.0 6.6.2 @@ -298,9 +299,10 @@ ${lib.swagger.version} - io.swagger.core.v3 - swagger-jaxrs2-servlet-initializer-v2 - ${lib.swagger.version} + io.swagger.parser.v3 + swagger-parser + ${lib.swagger-parser.version} + test @@ -550,6 +552,7 @@ true application.version + openapi-configuration.yaml diff --git a/src/main/java/org/dependencytrack/resources/v1/AccessControlResource.java b/src/main/java/org/dependencytrack/resources/v1/AccessControlResource.java index 653e70a9a..822f03bf5 100644 --- a/src/main/java/org/dependencytrack/resources/v1/AccessControlResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/AccessControlResource.java @@ -81,6 +81,7 @@ public class AccessControlResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "Projects assigned to the specified team", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of projects", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Project.class))) ), @@ -113,7 +114,7 @@ public Response retrieveProjects(@Parameter(description = "The UUID of the team description = "

Requires permission ACCESS_MANAGEMENT

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = AclMappingRequest.class))), + @ApiResponse(responseCode = "200", description = "Mapping created successfully", content = @Content(schema = @Schema(implementation = AclMappingRequest.class))), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the team or project could not be found"), @ApiResponse(responseCode = "409", description = "A mapping with the same team and project already exists") @@ -151,6 +152,7 @@ public Response addMapping(AclMappingRequest request) { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_DELETE

" ) @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Mapping removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the team or project could not be found"), }) diff --git a/src/main/java/org/dependencytrack/resources/v1/AnalysisResource.java b/src/main/java/org/dependencytrack/resources/v1/AnalysisResource.java index 12b7e5a48..7e295c10c 100644 --- a/src/main/java/org/dependencytrack/resources/v1/AnalysisResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/AnalysisResource.java @@ -81,6 +81,11 @@ public class AnalysisResource extends AlpineResource { description = "

Requires permission VIEW_VULNERABILITY

" ) @ApiResponses(value = { + @ApiResponse( + responseCode = "200", + description = "An analysis trail", + content = @Content(schema = @Schema(implementation = Analysis.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The project, component, or vulnerability could not be found") }) @@ -128,7 +133,11 @@ public Response retrieveAnalysis(@Parameter(description = "The UUID of the proje description = "

Requires permission VULNERABILITY_ANALYSIS or VULNERABILITY_ANALYSIS_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Analysis.class))), + @ApiResponse( + responseCode = "200", + description = "The created analysis", + content = @Content(schema = @Schema(implementation = Analysis.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The project, component, or vulnerability could not be found") }) diff --git a/src/main/java/org/dependencytrack/resources/v1/BadgeResource.java b/src/main/java/org/dependencytrack/resources/v1/BadgeResource.java index ab3002e68..41e8db3aa 100644 --- a/src/main/java/org/dependencytrack/resources/v1/BadgeResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/BadgeResource.java @@ -67,7 +67,11 @@ private boolean isBadgeSupportEnabled(final QueryManager qm) { summary = "Returns current metrics for a specific project" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "string", implementation = ProjectMetrics.class))), + @ApiResponse( + responseCode = "200", + description = "A badge displaying current vulnerability metrics for a project in SVG format", + content = @Content(schema = @Schema(type = "string")) + ), @ApiResponse(responseCode = "204", description = "Badge support is disabled. No content will be returned."), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The project could not be found") 
@@ -99,7 +103,11 @@ public Response getProjectVulnerabilitiesBadge(
 summary = "Returns current metrics for a specific project"
 )
 @ApiResponses(value = {
- @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "string", implementation = ProjectMetrics.class))),
+ @ApiResponse(
+ responseCode = "200",
+ description = "A badge displaying current vulnerability metrics for a project in SVG format",
+ content = @Content(schema = @Schema(type = "string"))
+ ),
 @ApiResponse(responseCode = "204", description = "Badge support is disabled. No content will be returned."),
 @ApiResponse(responseCode = "401", description = "Unauthorized"),
 @ApiResponse(responseCode = "404", description = "The project could not be found")
@@ -133,7 +141,11 @@ public Response getProjectVulnerabilitiesBadge(
 summary = "Returns a policy violations badge for a specific project"
 )
 @ApiResponses(value = {
- @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "string"))),
+ @ApiResponse(
+ responseCode = "200",
+ description = "A badge displaying current policy violation metrics of a project in SVG format",
+ content = @Content(schema = @Schema(type = "string"))
+ ),
 @ApiResponse(responseCode = "204", description = "Badge support is disabled. No content will be returned."),
 @ApiResponse(responseCode = "401", description = "Unauthorized"),
 @ApiResponse(responseCode = "404", description = "The project could not be found")
@@ -165,7 +177,11 @@ public Response getProjectPolicyViolationsBadge( summary = "Returns a policy violations badge for a specific project" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "string"))), + @ApiResponse( + responseCode = "200", + description = "A badge displaying current policy violation metrics of a project in SVG format", + content = @Content(schema = @Schema(type = "string")) + ), @ApiResponse(responseCode = "204", description = "Badge support is disabled. No content will be returned."), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The project could not be found") diff --git a/src/main/java/org/dependencytrack/resources/v1/BomResource.java b/src/main/java/org/dependencytrack/resources/v1/BomResource.java index 0638de75e..3213b58c1 100644 --- a/src/main/java/org/dependencytrack/resources/v1/BomResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/BomResource.java @@ -109,8 +109,12 @@ public class BomResource extends AlpineResource { description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { + @ApiResponse( + responseCode = "200", + description = "Dependency metadata for a project in CycloneDX format", + content = @Content(schema = @Schema(type = "string")) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "string"))), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") }) @@ -179,7 +183,11 @@ public Response exportProjectAsCycloneDx( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "string"))), + @ApiResponse( + responseCode = "200", + description = "Dependency metadata for a specific component in CycloneDX format", + content = @Content(schema = @Schema(type = "string")) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The component could not be found") @@ -245,9 +253,19 @@ public Response exportComponentAsCycloneDx( operationId = "UploadBomBase64Encoded" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = BomUploadResponse.class))), - @ApiResponse(responseCode = "400", description = "Invalid BOM", content = @Content(schema = @Schema(implementation = InvalidBomProblemDetails.class), - mediaType = ProblemDetails.MEDIA_TYPE_JSON)), + @ApiResponse( + responseCode = "200", + description = "Token to be used for checking BOM processing progress", + content = @Content(schema = @Schema(implementation = BomUploadResponse.class)) + ), + @ApiResponse( + responseCode = "400", + description = "Invalid BOM", + content = @Content( + schema = @Schema(implementation = InvalidBomProblemDetails.class), + mediaType = ProblemDetails.MEDIA_TYPE_JSON + ) + ), @ApiResponse(responseCode = "400", description = "The uploaded BOM is invalid"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), 
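Review bot: The response list for UploadBomBase64Encoded still declares status 400 twice: the reformatted `Invalid BOM` entry that carries the `InvalidBomProblemDetails` schema, and the unchanged `@ApiResponse(responseCode = "400", description = "The uploaded BOM is invalid")` directly after it. OpenAPI keys responses by status code, so only one of the two can survive in the generated document, and if the later entry wins, the problem-details schema that clients rely on to handle rejected BOMs is likely dropped. I would delete the second 400 line, or fold its wording into the first entry's description. The UploadBom hunk that follows contains the same pair, and the annotated methods start outside both hunks.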
@@ -332,11 +350,18 @@ public Response uploadBom(@Parameter(required = true) BomSubmitRequest request)
 operationId = "UploadBom"
 )
 @ApiResponses(value = {
- @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = BomUploadResponse.class))),
- @ApiResponse(responseCode = "400", description = "Invalid BOM", content = @Content(
- schema = @Schema(implementation = InvalidBomProblemDetails.class),
- mediaType = ProblemDetails.MEDIA_TYPE_JSON
- )
+ @ApiResponse(
+ responseCode = "200",
+ description = "Token to be used for checking BOM processing progress",
+ content = @Content(schema = @Schema(implementation = BomUploadResponse.class))
+ ),
+ @ApiResponse(
+ responseCode = "400",
+ description = "Invalid BOM",
+ content = @Content(
+ schema = @Schema(implementation = InvalidBomProblemDetails.class),
+ mediaType = ProblemDetails.MEDIA_TYPE_JSON
+ )
 ),
 @ApiResponse(responseCode = "400", description = "The uploaded BOM is invalid"),
 @ApiResponse(responseCode = "401", description = "Unauthorized"),
@@ -419,7 +444,11 @@ determine if any tasks (such as vulnerability analysis) is being performed on th

Requires permission BOM_UPLOAD

Deprecated. Use /v1/event/token/{uuid} instead.

""") @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = IsTokenBeingProcessedResponse.class))), + @ApiResponse( + responseCode = "200", + description = "The processing status of the provided token", + content = @Content(schema = @Schema(implementation = IsTokenBeingProcessedResponse.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired(Permissions.Constants.BOM_UPLOAD) @@ -435,7 +464,7 @@ public Response isTokenBeingProcessed( AtomicBoolean hasTerminalStatus = new AtomicBoolean(true); IsTokenBeingProcessedResponse response = new IsTokenBeingProcessedResponse(); workflowStates.stream().forEach(workflowState -> hasTerminalStatus.set(hasTerminalStatus.get() && (workflowState.getStatus() != WorkflowStatus.PENDING - && workflowState.getStatus() != WorkflowStatus.TIMED_OUT))); + && workflowState.getStatus() != WorkflowStatus.TIMED_OUT))); response.setProcessing(!hasTerminalStatus.get()); return Response.ok(response).build(); } diff --git a/src/main/java/org/dependencytrack/resources/v1/CalculatorResource.java b/src/main/java/org/dependencytrack/resources/v1/CalculatorResource.java index f93bbcbb9..7e885c5f5 100644 --- a/src/main/java/org/dependencytrack/resources/v1/CalculatorResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/CalculatorResource.java 
@@ -57,11 +57,13 @@ public class CalculatorResource extends AlpineResource {
 @GET
 @Path("/cvss")
 @Produces(MediaType.APPLICATION_JSON)
- @Operation(
- summary = "Returns the CVSS base score, impact sub-score and exploitability sub-score"
- )
+ @Operation(summary = "Returns the CVSS base score, impact sub-score and exploitability sub-score")
 @ApiResponses(value = {
- @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "number"))),
+ @ApiResponse(
+ responseCode = "200",
+ description = "The calculated scores",
+ content = @Content(schema = @Schema(implementation = Score.class))
+ ),
 @ApiResponse(responseCode = "401", description = "Unauthorized")
 })
 public Response getCvssScores(
@@ -80,11 +82,13 @@ public Response getCvssScores(
 @GET
 @Path("/owasp")
 @Produces(MediaType.APPLICATION_JSON)
- @Operation(
- summary = "Returns the OWASP Risk Rating likelihood score, technical impact score and business impact score"
- )
+ @Operation(summary = "Returns the OWASP Risk Rating likelihood score, technical impact score and business impact score")
 @ApiResponses(value = {
- @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "number"))),
+ @ApiResponse(
+ responseCode = "200",
+ description = "The calculated scores",
+ content = @Content(schema = @Schema(implementation = us.springett.owasp.riskrating.Score.class))
+ ),
 @ApiResponse(responseCode = "401", description = "Unauthorized")
 })
 public Response getOwaspRRScores(
diff --git a/src/main/java/org/dependencytrack/resources/v1/ComponentPropertyResource.java b/src/main/java/org/dependencytrack/resources/v1/ComponentPropertyResource.java
index 698fcf752..adde6482f 100644
--- a/src/main/java/org/dependencytrack/resources/v1/ComponentPropertyResource.java
+++ b/src/main/java/org/dependencytrack/resources/v1/ComponentPropertyResource.java
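Review bot: Both 200 responses in CalculatorResource now point at a class whose simple name is `Score`: `Score.class` in the `/cvss` hunk and `us.springett.owasp.riskrating.Score.class` in the `/owasp` hunk. swagger-core names component schemas after the simple class name by default, so unless fully-qualified naming is configured elsewhere, the two types probably resolve to a single `Score` schema and one endpoint ends up documented with the other's fields. The OWASP class at least comes from a third-party package and cannot be given `@Schema(name = ...)`, so a small response wrapper per calculator or a custom type-name resolver would be needed to keep them apart. It is worth asserting in the spec test that two distinct schemas are generated. Both method bodies continue outside the hunks.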
@@ -63,11 +63,15 @@ public class ComponentPropertyResource extends AbstractConfigPropertyResource { @GET @Produces(MediaType.APPLICATION_JSON) @Operation( - summary = "Returns a list of all ComponentProperties for the specified component", + summary = "Returns a list of all properties for the specified component", description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = ComponentProperty.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of all properties for the specified component", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = ComponentProperty.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -109,7 +113,11 @@ public Response getProperties( description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = ComponentProperty.class))), + @ApiResponse( + responseCode = "201", + description = "The created component", + content = @Content(schema = @Schema(implementation = ComponentProperty.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The component could not be found"), @@ -167,7 +175,7 @@ public Response createProperty( description = "
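Review bot: The 201 description added for property creation reads `The created component`, but the schema on the same response is `ComponentProperty.class`. It should be `description = "The created component property"` so the generated spec does not suggest that the endpoint returns a whole component. The annotated method (createProperty, going by the next hunk header) lies outside the hunk.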

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Property removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The component or component property could not be found"), diff --git a/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java b/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java index 3c71c445d..f0d50c721 100644 --- a/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java @@ -110,6 +110,7 @@ public class ComponentResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all components for a given project", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of components", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Component.class))) ), @@ -148,7 +149,11 @@ public Response getAllComponents( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Component.class))), + @ApiResponse( + responseCode = "200", + description = "A component", + content = @Content(schema = @Schema(implementation = Component.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The component could not be found") @@ -198,7 +203,11 @@ public Response getComponentByUuid( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = IntegrityMetaComponent.class))), + @ApiResponse( + responseCode = "200", + description = "Integrity metadata of the component", + content = @Content(schema = @Schema(implementation = IntegrityMetaComponent.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The integrity meta information for the specified component cannot be found"), @ApiResponse(responseCode = "400", description = "The package url being queried for is invalid") @@ -237,7 +246,11 @@ public Response getIntegrityMetaComponent( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = IntegrityAnalysis.class))), + @ApiResponse( + responseCode = "200", + description = "Integrity metadata of the component", + content = @Content(schema = @Schema(implementation = IntegrityAnalysis.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The integrity analysis information for the specified component cannot be found"), }) @@ -265,8 +278,12 @@ public Response getIntegrityStatus( ) @PaginatedApi @ApiResponses(value = { - @ApiResponse(responseCode = "200", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of components", schema = @Schema(format = "integer")), - content = @Content(array = @ArraySchema(schema = @Schema(implementation = Component.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of components that have the specified component identity", + headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of components", schema = @Schema(format = "integer")), + content = @Content(array = @ArraySchema(schema = @Schema(implementation = Component.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired(Permissions.Constants.VIEW_PORTFOLIO) 
@@ -325,9 +342,12 @@ public Response getComponentByIdentity(@Parameter(description = "The group of th ) @PaginatedApi @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = Component.class))), - headers = @Header(description = "The total number of components", name = TOTAL_COUNT_HEADER, schema = @Schema(format = "integer") - )), + @ApiResponse( + responseCode = "200", + description = "A list of components that have the specified hash value", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = Component.class))), + headers = @Header(description = "The total number of components", name = TOTAL_COUNT_HEADER, schema = @Schema(format = "integer")) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired(Permissions.Constants.VIEW_PORTFOLIO) @@ -349,8 +369,11 @@ public Response getComponentByHash( description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(content = @Content(schema = @Schema(implementation = Component.class)), - responseCode = "201"), + @ApiResponse( + responseCode = "201", + description = "The created component", + content = @Content(schema = @Schema(implementation = Component.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -470,7 +493,11 @@ public Response createComponent(@Parameter(description = "The UUID of the projec description = "
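Review bot: The operation description kept as context above the new 201 response says `PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_UPDATE`, while the response is documented as `The created component` and the property-creation endpoint in ComponentPropertyResource documents `PORTFOLIO_MANAGEMENT_CREATE`. The `@PermissionRequired` annotation and the method (apparently createComponent) are outside the hunk, so it is not visible whether the text or the enforced permission is off. One of them looks inconsistent for a create operation and should be confirmed while this documentation is being touched. If the enforcement really is the update permission, the description should say why, since role assignments are made from this text.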

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = Component.class))), + @ApiResponse( + responseCode = "200", + description = "The updated component", + content = @Content(schema = @Schema(implementation = Component.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The UUID of the component could not be found"), @@ -590,7 +617,7 @@ public Response updateComponent(Component jsonComponent) { description = "

Requires permission PORTFOLIO_MANAGEMENT

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Component removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The UUID of the component could not be found") @@ -621,7 +648,7 @@ public Response deleteComponent( description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Identification requested successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.SYSTEM_CONFIGURATION, Permissions.Constants.SYSTEM_CONFIGURATION_READ}) @@ -638,8 +665,11 @@ public Response identifyInternalComponents() { description = "
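Review bot: The 204 description added here, `Identification requested successfully`, documents an endpoint that starts work, yet the context line below it allows the call with a read-scoped permission: `@PermissionRequired({Permissions.Constants.SYSTEM_CONFIGURATION, Permissions.Constants.SYSTEM_CONFIGURATION_READ})`. A read permission that can trigger what appears to be a background identification run weakens least privilege if read roles are handed out broadly. The HTTP method and the method body (identifyInternalComponents, per the next hunk header) are outside the hunk, so please confirm whether a non-read permission was intended. If the current mapping is deliberate, stating that in the operation description would keep the spec accurate for anyone assigning roles from it.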

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", - content = @Content(schema = @Schema(type = "object"))), + @ApiResponse( + responseCode = "200", + description = "The expanded dependency graph to every occurrence of a component", + content = @Content(schema = @Schema(type = "object")) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "- The UUID of the project could not be found\n- The UUID of the component could not be found") diff --git a/src/main/java/org/dependencytrack/resources/v1/ConfigPropertyResource.java b/src/main/java/org/dependencytrack/resources/v1/ConfigPropertyResource.java index 74969c369..ffa940a2c 100644 --- a/src/main/java/org/dependencytrack/resources/v1/ConfigPropertyResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/ConfigPropertyResource.java @@ -64,7 +64,11 @@ public class ConfigPropertyResource extends AbstractConfigPropertyResource { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = ConfigProperty.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of all ConfigProperties for the specified groupName", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = ConfigProperty.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.SYSTEM_CONFIGURATION, Permissions.Constants.SYSTEM_CONFIGURATION_READ}) @@ -92,7 +96,11 @@ public Response getConfigProperties() { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = ConfigProperty.class))), + @ApiResponse( + responseCode = "200", + description = "The updated config property", + content = @Content(schema = @Schema(implementation = ConfigProperty.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The config property could not be found"), }) @@ -114,11 +122,16 @@ public Response updateConfigProperty(ConfigProperty json) { @Path("aggregate") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - @Operation(summary = "Updates an array of config properties", + @Operation( + summary = "Updates an array of config properties", description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = ConfigProperty.class)))), + @ApiResponse( + responseCode = "200", + description = "The updated config properties", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = ConfigProperty.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "One or more config properties could not be found"), }) diff --git a/src/main/java/org/dependencytrack/resources/v1/CweResource.java b/src/main/java/org/dependencytrack/resources/v1/CweResource.java index 1586d8685..a5a9a0739 100644 --- a/src/main/java/org/dependencytrack/resources/v1/CweResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/CweResource.java @@ -62,6 +62,7 @@ public class CweResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all CWEs", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of CWEs", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Cwe.class))) ), @@ -79,7 +80,11 @@ public Response getCwes() { summary = "Returns a specific CWE" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Cwe.class))), + @ApiResponse( + responseCode = "200", + description = "A CWE matching the provided ID", + content = @Content(schema = @Schema(implementation = Cwe.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The CWE could not be found") }) diff --git a/src/main/java/org/dependencytrack/resources/v1/DependencyGraphResource.java b/src/main/java/org/dependencytrack/resources/v1/DependencyGraphResource.java index c61d40287..e62ac02c6 100644 
--- a/src/main/java/org/dependencytrack/resources/v1/DependencyGraphResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/DependencyGraphResource.java @@ -81,7 +81,11 @@ public class DependencyGraphResource extends AlpineResource { description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = DependencyGraphResponse.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of specific components and services from project UUID", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = DependencyGraphResponse.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to a specified component is forbidden"), @ApiResponse(responseCode = "404", description = "Any component can be found"), @@ -119,7 +123,11 @@ public Response getComponentsAndServicesByProjectUuid(@Parameter(description = " description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = DependencyGraphResponse.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of specific components and services from component UUID", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = DependencyGraphResponse.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to a specified component is forbidden"), @ApiResponse(responseCode = "404", description = "Any component can be found"), diff --git a/src/main/java/org/dependencytrack/resources/v1/EventResource.java b/src/main/java/org/dependencytrack/resources/v1/EventResource.java index 5dd155c16..df75bf50e 100644 --- a/src/main/java/org/dependencytrack/resources/v1/EventResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/EventResource.java @@ -72,7 +72,11 @@ public class EventResource extends AlpineResource {

""" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = IsTokenBeingProcessedResponse.class))), + @ApiResponse( + responseCode = "200", + description = "The processing status of the provided token", + content = @Content(schema = @Schema(implementation = IsTokenBeingProcessedResponse.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) public Response isTokenBeingProcessed( diff --git a/src/main/java/org/dependencytrack/resources/v1/FindingResource.java b/src/main/java/org/dependencytrack/resources/v1/FindingResource.java index 2de146f60..64edd2f18 100644 --- a/src/main/java/org/dependencytrack/resources/v1/FindingResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/FindingResource.java @@ -97,8 +97,12 @@ public class FindingResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all findings for a specific project, or a SARIF file", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of findings", schema = @Schema(format = "integer")), - content = @Content(array = @ArraySchema(schema = @Schema(implementation = Finding.class))) + content = { + @Content(array = @ArraySchema(schema = @Schema(implementation = Finding.class)), mediaType = MediaType.APPLICATION_JSON), + @Content(schema = @Schema(type = "string"), mediaType = MEDIA_TYPE_SARIF_JSON) + } ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @@ -150,7 +154,11 @@ public Response getFindingsByProject(@Parameter(description = "The UUID of the p description = "

Requires permission VIEW_VULNERABILITY

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(type = "string"))), + @ApiResponse( + responseCode = "200", + description = "The findings for the specified project as FPF", + content = @Content(schema = @Schema(type = "string")) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -183,6 +191,7 @@ public Response exportFindingsByProject(@Parameter(description = "The UUID of th description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_CREATE

" ) @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Analysis triggered successfully"), @ApiResponse(responseCode = "304", description = "Analysis is already in progress"), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @@ -206,7 +215,11 @@ public Response analyzePortfolio() { description = "

Requires permission VIEW_VULNERABILITY

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = BomUploadResponse.class))), + @ApiResponse( + responseCode = "200", + description = "Token to be used for checking analysis progress", + content = @Content(schema = @Schema(implementation = BomUploadResponse.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -246,6 +259,7 @@ public Response analyzeProject( @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all findings", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of findings", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Finding.class))) ), @@ -312,6 +326,7 @@ public Response getAllFindings(@Parameter(description = "Show inactive projects" @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all findings grouped by vulnerability", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of findings", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Finding.class))) ), diff --git a/src/main/java/org/dependencytrack/resources/v1/IntegrationResource.java b/src/main/java/org/dependencytrack/resources/v1/IntegrationResource.java index d85ac6666..cf6aa8a7b 100644 --- a/src/main/java/org/dependencytrack/resources/v1/IntegrationResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/IntegrationResource.java 
@@ -58,6 +58,7 @@ public class IntegrationResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all ecosystems in OSV", content = @Content(array = @ArraySchema(schema = @Schema(type = "string"))) ), @ApiResponse(responseCode = "401", description = "Unauthorized") @@ -79,6 +80,7 @@ public Response getAllEcosystems() { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of available inactive ecosystems in OSV to be selected by user", content = @Content(array = @ArraySchema(schema = @Schema(type = "string"))) ), @ApiResponse(responseCode = "401", description = "Unauthorized") diff --git a/src/main/java/org/dependencytrack/resources/v1/LdapResource.java b/src/main/java/org/dependencytrack/resources/v1/LdapResource.java index 94a023b07..3e96e9035 100644 --- a/src/main/java/org/dependencytrack/resources/v1/LdapResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/LdapResource.java @@ -88,6 +88,7 @@ public class LdapResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "DNs of all accessible groups within the directory", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of ldap groups that match the specified search criteria", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(type = "string"))) ), @@ -134,7 +135,11 @@ public Response retrieveLdapGroups() { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = MappedLdapGroup.class)))), + @ApiResponse( + responseCode = "200", + description = "DNs of all groups mapped to the specified team", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = MappedLdapGroup.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the team could not be found"), }) @@ -160,7 +165,11 @@ public Response retrieveLdapGroups(@Parameter(description = "The UUID of the tea description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = MappedLdapGroup.class))), + @ApiResponse( + responseCode = "200", + description = "The created mapping", + content = @Content(schema = @Schema(implementation = MappedLdapGroup.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the team could not be found"), @ApiResponse(responseCode = "409", description = "A mapping with the same team and dn already exists") @@ -195,7 +204,7 @@ public Response addMapping(MappedLdapGroupRequest request) { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Mapping removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the mapping could not be found"), }) diff --git a/src/main/java/org/dependencytrack/resources/v1/LicenseGroupResource.java b/src/main/java/org/dependencytrack/resources/v1/LicenseGroupResource.java index f3d64559f..88b6dcf14 100644 --- a/src/main/java/org/dependencytrack/resources/v1/LicenseGroupResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/LicenseGroupResource.java @@ -77,6 +77,7 @@ public class LicenseGroupResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all license groups", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of license groups", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = LicenseGroup.class))) ), @@ -98,6 +99,11 @@ public Response getLicenseGroups() { description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_READ

" ) @ApiResponses(value = { + @ApiResponse( + responseCode = "200", + description = "A specific license group", + content = @Content(schema = @Schema(implementation = LicenseGroup.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The license group could not be found") }) @@ -123,7 +129,11 @@ public Response getLicenseGroup( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = LicenseGroup.class))), + @ApiResponse( + responseCode = "201", + description = "The created license group", + content = @Content(schema = @Schema(implementation = LicenseGroup.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "409", description = "A license group with the specified name already exists") }) @@ -153,7 +163,11 @@ public Response createLicenseGroup(LicenseGroup jsonLicenseGroup) { description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = LicenseGroup.class))), + @ApiResponse( + responseCode = "200", + description = "The updated license group", + content = @Content(schema = @Schema(implementation = LicenseGroup.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The license group could not be found") }) @@ -184,7 +198,7 @@ public Response updateLicenseGroup(LicenseGroup jsonLicenseGroup) { description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "License group removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the license group could not be found") }) @@ -212,7 +226,11 @@ public Response deleteLicenseGroup( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = LicenseGroup.class))), + @ApiResponse( + responseCode = "200", + description = "The updated license group", + content = @Content(schema = @Schema(implementation = LicenseGroup.class)) + ), @ApiResponse(responseCode = "304", description = "The license group already has the specified license assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The license group or license could not be found") @@ -252,7 +270,11 @@ public Response addLicenseToLicenseGroup( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = LicenseGroup.class))), + @ApiResponse( + responseCode = "200", + description = "The updated license group", + content = @Content(schema = @Schema(implementation = LicenseGroup.class)) + ), @ApiResponse(responseCode = "304", description = "The license is not a member with the license group"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The license group or license could not be found") diff --git a/src/main/java/org/dependencytrack/resources/v1/LicenseResource.java b/src/main/java/org/dependencytrack/resources/v1/LicenseResource.java index 0b1bf42e1..b661bd3bd 100644 --- a/src/main/java/org/dependencytrack/resources/v1/LicenseResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/LicenseResource.java @@ -72,7 +72,9 @@ public class LicenseResource extends AlpineResource { ) @PaginatedApi @ApiResponses(value = { - @ApiResponse(responseCode = "200", + @ApiResponse( + responseCode = "200", + description = "A list of all licenses with complete metadata for each license", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of licenses", schema = @Schema(format = "integeger")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = License.class))) ), 
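Review bot: The `TOTAL_COUNT_HEADER` schema on the 200 response in the first LicenseResource hunk still reads `format = "integeger"`, so the generated OpenAPI document carries a misspelled format for that header. The commit already rewrites this annotation, so the typo can be fixed in the same pass: `schema = @Schema(format = "integer")`, matching the header on `getLicenseListing` in the next hunk. Validators and generated clients may otherwise treat the header as an unknown format. The annotated method's signature and body lie outside the hunk.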
@@ -92,9 +94,12 @@ public Response getLicenses() { summary = "Returns a concise listing of all licenses" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", + @ApiResponse( + responseCode = "200", + description = "A concise listing of all licenses", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of licenses", schema = @Schema(format = "integer")), - content = @Content(array = @ArraySchema(schema = @Schema(implementation = License.class)))), + content = @Content(array = @ArraySchema(schema = @Schema(implementation = License.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) public Response getLicenseListing() { @@ -111,7 +116,11 @@ public Response getLicenseListing() { summary = "Returns a specific license" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = License.class))), + @ApiResponse( + responseCode = "200", + description = "A specific license", + content = @Content(schema = @Schema(implementation = License.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The license could not be found") }) @@ -135,7 +144,11 @@ public Response getLicense( description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = License.class))), + @ApiResponse( + responseCode = "201", + description = "The created license", + content = @Content(schema = @Schema(implementation = License.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "409", description = "A license with the specified ID already exists.") }) @@ -166,7 +179,7 @@ public Response createLicense(License jsonLicense) { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "License removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The license could not be found"), @ApiResponse(responseCode = "409", description = "Only custom licenses can be deleted.") diff --git a/src/main/java/org/dependencytrack/resources/v1/MetricsResource.java b/src/main/java/org/dependencytrack/resources/v1/MetricsResource.java index 073ccc325..f0af0b8cb 100644 --- a/src/main/java/org/dependencytrack/resources/v1/MetricsResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/MetricsResource.java @@ -77,7 +77,11 @@ public class MetricsResource extends AlpineResource { description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = VulnerabilityMetrics.class)))), + @ApiResponse( + responseCode = "200", + description = "The sum of all vulnerabilities in the database by year and month", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = VulnerabilityMetrics.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired(Permissions.Constants.VIEW_PORTFOLIO) @@ -96,7 +100,11 @@ public Response getVulnerabilityMetrics() { description = "
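Review bot: The response list for this `VIEW_PORTFOLIO`-gated operation in MetricsResource documents only 200 and 401, so a caller who authenticates but lacks the permission has no documented outcome. The same gap shows in the other `@PermissionRequired` operations in this commit whose lists stop at 401, such as the remaining portfolio metrics hunks and the NotificationPublisherResource and OidcResource hunks. Which status the authorization layer returns in that case is not visible here. If it is 403, add `@ApiResponse(responseCode = "403", description = "Forbidden")` so spec consumers can tell a missing credential from a missing permission. The annotated method's body is outside the hunk.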

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = PortfolioMetrics.class))), + @ApiResponse( + responseCode = "200", + description = "Current metrics for the entire portfolio", + content = @Content(schema = @Schema(implementation = PortfolioMetrics.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired(Permissions.Constants.VIEW_PORTFOLIO) @@ -116,7 +124,11 @@ public Response getPortfolioCurrentMetrics() {

Date format must be YYYYMMDD

Requires permission VIEW_PORTFOLIO

""") @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = PortfolioMetrics.class)))), + @ApiResponse( + responseCode = "200", + description = "Historical metrics for the entire portfolio from a specific date", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = PortfolioMetrics.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired(Permissions.Constants.VIEW_PORTFOLIO) @@ -142,7 +154,11 @@ public Response getPortfolioMetricsSince( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = PortfolioMetrics.class)))), + @ApiResponse( + responseCode = "200", + description = "X days of historical metrics for the entire portfolio", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = PortfolioMetrics.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired(Permissions.Constants.VIEW_PORTFOLIO) @@ -165,7 +181,7 @@ public Response getPortfolioMetricsXDays( description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = PortfolioMetrics.class))), + @ApiResponse(responseCode = "200", description = "Refresh requested successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.PORTFOLIO_MANAGEMENT, Permissions.Constants.PORTFOLIO_MANAGEMENT_READ}) @@ -182,7 +198,11 @@ public Response RefreshPortfolioMetrics() { description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = ProjectMetrics.class))), + @ApiResponse( + responseCode = "200", + description = "Current metrics for a specific project", + content = @Content(schema = @Schema(implementation = ProjectMetrics.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -216,7 +236,11 @@ public Response getProjectCurrentMetrics(

Requires permission VIEW_PORTFOLIO

""" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = ProjectMetrics.class)))), + @ApiResponse( + responseCode = "200", + description = "Historical metrics for a specific project from a specific date", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = ProjectMetrics.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -240,8 +264,12 @@ public Response getProjectMetricsSince( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { + @ApiResponse( + responseCode = "200", + description = "X days of historical metrics for a specific project", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = ProjectMetrics.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = ProjectMetrics.class)))), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") }) @@ -264,6 +292,7 @@ public Response getProjectMetricsXDays( description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_READ

" ) @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Refresh requested successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -295,7 +324,11 @@ public Response RefreshProjectMetrics( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = DependencyMetrics.class))), + @ApiResponse( + responseCode = "200", + description = "Current metrics for a specific component", + content = @Content(schema = @Schema(implementation = DependencyMetrics.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The component could not be found") @@ -329,7 +362,11 @@ public Response getComponentCurrentMetrics(

Requires permission VIEW_PORTFOLIO

""" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = DependencyMetrics.class)))), + @ApiResponse( + responseCode = "200", + description = "Historical metrics for a specific component from a specific date", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = DependencyMetrics.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The component could not be found") @@ -356,7 +393,11 @@ public Response getComponentMetricsSince( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = DependencyMetrics.class)))), + @ApiResponse( + responseCode = "200", + description = "X days of historical metrics for a specific component", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = DependencyMetrics.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The component could not be found") @@ -380,6 +421,7 @@ public Response getComponentMetricsXDays( description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_READ

" ) @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Refresh requested successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified component is forbidden"), @ApiResponse(responseCode = "404", description = "The component could not be found") diff --git a/src/main/java/org/dependencytrack/resources/v1/NotificationPublisherResource.java b/src/main/java/org/dependencytrack/resources/v1/NotificationPublisherResource.java index 3d41d6c1f..f9196cb94 100644 --- a/src/main/java/org/dependencytrack/resources/v1/NotificationPublisherResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/NotificationPublisherResource.java @@ -77,7 +77,11 @@ public class NotificationPublisherResource extends AlpineResource { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = NotificationPublisher.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of all notification publishers", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = NotificationPublisher.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.SYSTEM_CONFIGURATION, Permissions.Constants.SYSTEM_CONFIGURATION_READ}) @@ -96,7 +100,11 @@ public Response getAllNotificationPublishers() { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = NotificationPublisher.class))), + @ApiResponse( + responseCode = "201", + description = "The created notification publisher", + content = @Content(schema = @Schema(implementation = NotificationPublisher.class)) + ), @ApiResponse(responseCode = "400", description = "Invalid notification class or trying to modify a default publisher"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "409", description = "Conflict with an existing publisher's name") @@ -143,7 +151,11 @@ public Response createNotificationPublisher(NotificationPublisher jsonNotificati description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = NotificationPublisher.class))), + @ApiResponse( + responseCode = "200", + description = "The updated notification publisher", + content = @Content(schema = @Schema(implementation = NotificationPublisher.class)) + ), @ApiResponse(responseCode = "400", description = "Invalid notification class or trying to modify a default publisher"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The notification publisher could not be found"), @@ -203,7 +215,7 @@ public Response updateNotificationPublisher(NotificationPublisher jsonNotificati description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Notification publisher removed successfully"), @ApiResponse(responseCode = "400", description = "Deleting a default notification publisher is forbidden"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the notification publisher could not be found") @@ -236,7 +248,7 @@ public Response deleteNotificationPublisher(@Parameter(description = "The UUID o description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200"), + @ApiResponse(responseCode = "200", description = "Default templates restored successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.SYSTEM_CONFIGURATION, Permissions.Constants.SYSTEM_CONFIGURATION_CREATE}) diff --git a/src/main/java/org/dependencytrack/resources/v1/NotificationRuleResource.java b/src/main/java/org/dependencytrack/resources/v1/NotificationRuleResource.java index fc3df4430..bde39188d 100644 --- a/src/main/java/org/dependencytrack/resources/v1/NotificationRuleResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/NotificationRuleResource.java @@ -81,6 +81,7 @@ public class NotificationRuleResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all notification rules", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of notification rules", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = NotificationRule.class))) ), @@ -101,7 +102,11 @@ public Response getAllNotificationRules() { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = NotificationRule.class))), + @ApiResponse( + responseCode = "201", + description = "The created notification rule", + content = @Content(schema = @Schema(implementation = NotificationRule.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the notification publisher could not be found") }) @@ -137,7 +142,11 @@ public Response createNotificationRule(NotificationRule jsonRule) { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = NotificationRule.class))), + @ApiResponse( + responseCode = "200", + description = "The updated notification rule", + content = @Content(schema = @Schema(implementation = NotificationRule.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the notification rule could not be found") }) @@ -168,7 +177,7 @@ public Response updateNotificationRule(NotificationRule jsonRule) { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Notification rule removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the notification rule could not be found") }) @@ -193,7 +202,11 @@ public Response deleteNotificationRule(NotificationRule jsonRule) { description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = NotificationRule.class))), + @ApiResponse( + responseCode = "200", + description = "The updated notification rule", + content = @Content(schema = @Schema(implementation = NotificationRule.class)) + ), @ApiResponse(responseCode = "304", description = "The rule already has the specified project assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The notification rule or project could not be found") @@ -234,7 +247,11 @@ public Response addProjectToRule( description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = NotificationRule.class))), + @ApiResponse( + responseCode = "200", + description = "The updated notification rule", + content = @Content(schema = @Schema(implementation = NotificationRule.class)) + ), @ApiResponse(responseCode = "304", description = "The rule does not have the specified project assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The notification rule or project could not be found") @@ -275,7 +292,11 @@ public Response removeProjectFromRule( description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = NotificationRule.class))), + @ApiResponse( + responseCode = "200", + description = "The updated notification rule", + content = @Content(schema = @Schema(implementation = NotificationRule.class)) + ), @ApiResponse(responseCode = "304", description = "The rule already has the specified team assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The notification rule or team could not be found") @@ -316,7 +337,11 @@ public Response addTeamToRule( description = "

Requires permission SYSTEM_CONFIGURATION or SYSTEM_CONFIGURATION_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = NotificationRule.class))), + @ApiResponse( + responseCode = "200", + description = "The updated notification rule", + content = @Content(schema = @Schema(implementation = NotificationRule.class)) + ), @ApiResponse(responseCode = "304", description = "The rule does not have the specified team assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The notification rule or team could not be found") diff --git a/src/main/java/org/dependencytrack/resources/v1/OidcResource.java b/src/main/java/org/dependencytrack/resources/v1/OidcResource.java index 2ecc4ff80..735f89c97 100644 --- a/src/main/java/org/dependencytrack/resources/v1/OidcResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/OidcResource.java @@ -74,8 +74,11 @@ public class OidcResource extends AlpineResource { @GET @Path("/available") @Produces(MediaType.TEXT_PLAIN) - @Operation( - summary = "Indicates if OpenID Connect is available for this application" + @Operation(summary = "Indicates if OpenID Connect is available for this application") + @ApiResponse( + responseCode = "200", + description = "Whether OpenID Connect is available", + content = @Content(schema = @Schema(type = "boolean")) ) @AuthenticationNotRequired public Response isAvailable() { @@ -90,7 +93,11 @@ public Response isAvailable() { description = "
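Review bot: `isAvailable()` in the first OidcResource hunk is marked `@AuthenticationNotRequired`, but the new 200 response does not say the endpoint is public. Nothing in the hunk exempts it from a security requirement the spec may declare globally. I would state it in the text, e.g. `description = "Whether OpenID Connect is available. Does not require authentication."`, and confirm that the generated document does not list the operation as protected; the OpenAPI configuration is not visible here. As a style point, this is the only operation among the visible hunks that uses a bare `@ApiResponse` rather than the `@ApiResponses(value = { ... })` wrapper.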

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = OidcGroup.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of all groups", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = OidcGroup.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.ACCESS_MANAGEMENT, Permissions.Constants.ACCESS_MANAGEMENT_READ}) @@ -110,7 +117,11 @@ public Response retrieveGroups() { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = OidcGroup.class))), + @ApiResponse( + responseCode = "201", + description = "The created group", + content = @Content(schema = @Schema(implementation = OidcGroup.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.ACCESS_MANAGEMENT, Permissions.Constants.ACCESS_MANAGEMENT_CREATE}) @@ -140,7 +151,11 @@ public Response createGroup(final OidcGroup jsonGroup) { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = OidcGroup.class))), + @ApiResponse( + responseCode = "200", + description = "The updated group", + content = @Content(schema = @Schema(implementation = OidcGroup.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.ACCESS_MANAGEMENT, Permissions.Constants.ACCESS_MANAGEMENT_UPDATE}) @@ -172,7 +187,7 @@ public Response updateGroup(final OidcGroup jsonGroup) { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Group removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The group could not be found") }) @@ -200,7 +215,11 @@ public Response deleteGroup(@Parameter(description = "The UUID of the group to d description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = Team.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of teams associated with the specified group", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = Team.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the mapping could not be found"), }) @@ -229,7 +248,11 @@ public Response retrieveTeamsMappedToGroup(@Parameter(description = "The UUID of description = "
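Review bot: The 404 entry left unchanged in this hunk says "The UUID of the mapping could not be found", while the new 200 description says the operation returns teams "associated with the specified group". If the path parameter is the group's UUID, as the following hunk header `retrieveTeamsMappedToGroup` suggests, the 404 text looks copied from the mapping-deletion operations. It should then read `@ApiResponse(responseCode = "404", description = "The UUID of the group could not be found")`. The method signature is cut off in the hunk header, so confirm the parameter before changing the text.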

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = MappedOidcGroup.class))), + @ApiResponse( + responseCode = "200", + description = "The created mapping", + content = @Content(schema = @Schema(implementation = MappedOidcGroup.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the team or group could not be found"), @ApiResponse(responseCode = "409", description = "A mapping with the same team and group name already exists") @@ -271,7 +294,7 @@ public Response addMapping(final MappedOidcGroupRequest request) { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Mapping removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the mapping could not be found"), }) @@ -298,7 +321,7 @@ public Response deleteMappingByUuid(@Parameter(description = "The UUID of the ma description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Mapping removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the mapping could not be found"), }) diff --git a/src/main/java/org/dependencytrack/resources/v1/PermissionResource.java b/src/main/java/org/dependencytrack/resources/v1/PermissionResource.java index fc4875b9d..19d305a1d 100644 --- a/src/main/java/org/dependencytrack/resources/v1/PermissionResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/PermissionResource.java @@ -72,7 +72,11 @@ public class PermissionResource extends AlpineResource { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Permissions.class))), + @ApiResponse( + responseCode = "200", + description = "A list of all permissions", + content = @Content(schema = @Schema(implementation = Permissions.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized") }) @PermissionRequired({Permissions.Constants.ACCESS_MANAGEMENT, Permissions.Constants.ACCESS_MANAGEMENT_READ}) @@ -92,7 +96,11 @@ public Response getAllPermissions() { description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = UserPrincipal.class))), + @ApiResponse( + responseCode = "200", + description = "The updated user", + content = @Content(schema = @Schema(implementation = UserPrincipal.class)) + ), @ApiResponse(responseCode = "304", description = "The user already has the specified permission assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The user could not be found") @@ -133,7 +141,11 @@ public Response addPermissionToUser( description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = UserPrincipal.class))), + @ApiResponse( + responseCode = "200", + description = "The updated user", + content = @Content(schema = @Schema(implementation = UserPrincipal.class)) + ), @ApiResponse(responseCode = "304", description = "The user already has the specified permission assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The user could not be found") @@ -173,7 +185,11 @@ public Response removePermissionFromUser( description = "
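Review bot: The 304 entry kept in this hunk reads "The user already has the specified permission assigned", but the operation appears to be the removal endpoint, where a no-op means the permission was not assigned. The evidence is that it requires `ACCESS_MANAGEMENT_DELETE` and that the following hunk header names `removePermissionFromUser`. Since the commit is already correcting these response docs, change the entry to `@ApiResponse(responseCode = "304", description = "The user does not have the specified permission assigned")`, matching the wording the PolicyResource hunks use for their remove operations. The team-removal hunk (`@@ -213,7 +229,11 @@`) carries the same copied text as "The team already has the specified permission assigned". The annotated method itself is outside the hunk.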

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Team.class))), + @ApiResponse( + responseCode = "200", + description = "The updated team", + content = @Content(schema = @Schema(implementation = Team.class)) + ), @ApiResponse(responseCode = "304", description = "The team already has the specified permission assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The team could not be found") @@ -213,7 +229,11 @@ public Response addPermissionToTeam( description = "

Requires permission ACCESS_MANAGEMENT or ACCESS_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204", content = @Content(schema = @Schema(implementation = Team.class))), + @ApiResponse( + responseCode = "200", + description = "The updated team", + content = @Content(schema = @Schema(implementation = Team.class)) + ), @ApiResponse(responseCode = "304", description = "The team already has the specified permission assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The team could not be found") diff --git a/src/main/java/org/dependencytrack/resources/v1/PolicyConditionResource.java b/src/main/java/org/dependencytrack/resources/v1/PolicyConditionResource.java index 20f9b644e..28f941859 100644 --- a/src/main/java/org/dependencytrack/resources/v1/PolicyConditionResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/PolicyConditionResource.java @@ -81,7 +81,11 @@ public class PolicyConditionResource extends AlpineResource { description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = PolicyCondition.class))), + @ApiResponse( + responseCode = "201", + description = "The created policy condition", + content = @Content(schema = @Schema(implementation = PolicyCondition.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the policy could not be found") }) @@ -117,8 +121,11 @@ public Response createPolicyCondition( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = PolicyCondition.class))), - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = PolicyCondition.class))), + @ApiResponse( + responseCode = "200", + description = "The updated policy condition", + content = @Content(schema = @Schema(implementation = PolicyCondition.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the policy condition could not be found") }) @@ -149,7 +156,7 @@ public Response updatePolicyCondition(PolicyCondition jsonPolicyCondition) { description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Policy condition removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the policy condition could not be found") }) diff --git a/src/main/java/org/dependencytrack/resources/v1/PolicyResource.java b/src/main/java/org/dependencytrack/resources/v1/PolicyResource.java index 9a4aef9f0..e0dd12bad 100644 --- a/src/main/java/org/dependencytrack/resources/v1/PolicyResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/PolicyResource.java @@ -77,6 +77,7 @@ public class PolicyResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all policies", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of policies", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Policy.class))) ), @@ -98,7 +99,11 @@ public Response getPolicies() { , description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Policy.class))), + @ApiResponse( + responseCode = "200", + description = "A specific policy", + content = @Content(schema = @Schema(implementation = Policy.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The policy could not be found") }) @@ -124,7 +129,11 @@ public Response getPolicy( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_CREATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = Policy.class))), + @ApiResponse( + responseCode = "201", + description = "The created policy", + content = @Content(schema = @Schema(implementation = Policy.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "409", description = "A policy with the specified name already exists") }) @@ -164,7 +173,11 @@ public Response createPolicy(Policy jsonPolicy) { description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Policy.class))), + @ApiResponse( + responseCode = "200", + description = "The updated policy", + content = @Content(schema = @Schema(implementation = Policy.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The policy could not be found") }) @@ -198,7 +211,7 @@ public Response updatePolicy(Policy jsonPolicy) { , description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Policy removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The UUID of the policy could not be found") }) @@ -226,7 +239,11 @@ public Response deletePolicy( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Policy.class))), + @ApiResponse( + responseCode = "200", + description = "The updated policy", + content = @Content(schema = @Schema(implementation = Policy.class)) + ), @ApiResponse(responseCode = "304", description = "The policy already has the specified project assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The policy or project could not be found") @@ -265,7 +282,11 @@ public Response addProjectToPolicy( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204", content = @Content(schema = @Schema(implementation = Policy.class))), + @ApiResponse( + responseCode = "200", + description = "The updated policy", + content = @Content(schema = @Schema(implementation = Policy.class)) + ), @ApiResponse(responseCode = "304", description = "The policy does not have the specified project assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The policy or project could not be found") @@ -304,7 +325,11 @@ public Response removeProjectFromPolicy( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Policy.class))), + @ApiResponse( + responseCode = "200", + description = "The updated policy", + content = @Content(schema = @Schema(implementation = Policy.class)) + ), @ApiResponse(responseCode = "304", description = "The policy already has the specified tag assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The policy or tag could not be found") @@ -344,7 +369,11 @@ public Response addTagToPolicy( description = "

Requires permission POLICY_MANAGEMENT or POLICY_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204", content = @Content(schema = @Schema(implementation = Policy.class))), + @ApiResponse( + responseCode = "200", + description = "The updated policy", + content = @Content(schema = @Schema(implementation = Policy.class)) + ), @ApiResponse(responseCode = "304", description = "The policy does not have the specified tag assigned"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "404", description = "The policy or tag could not be found") diff --git a/src/main/java/org/dependencytrack/resources/v1/PolicyViolationResource.java b/src/main/java/org/dependencytrack/resources/v1/PolicyViolationResource.java index daaf323d1..6de803382 100644 --- a/src/main/java/org/dependencytrack/resources/v1/PolicyViolationResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/PolicyViolationResource.java @@ -75,6 +75,7 @@ public class PolicyViolationResource extends AlpineResource { @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all policy violations for the entire portfolio", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of policy violations", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = PolicyViolation.class))) ), @@ -102,6 +103,7 @@ public Response getViolations(@Parameter(description = "Optionally includes supp @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all policy violations for a specific project", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of policy violations", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = PolicyViolation.class))) ), 
@@ -142,6 +144,7 @@ public Response getViolationsByProject(@Parameter(description = "The UUID of the @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all policy violations for a specific component", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of policy violations", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = PolicyViolation.class))) ), diff --git a/src/main/java/org/dependencytrack/resources/v1/ProjectPropertyResource.java b/src/main/java/org/dependencytrack/resources/v1/ProjectPropertyResource.java index 487d07ec2..8cec57331 100644 --- a/src/main/java/org/dependencytrack/resources/v1/ProjectPropertyResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/ProjectPropertyResource.java @@ -70,7 +70,11 @@ public class ProjectPropertyResource extends AbstractConfigPropertyResource { description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_READ

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(array = @ArraySchema(schema = @Schema(implementation = ProjectProperty.class)))), + @ApiResponse( + responseCode = "200", + description = "A list of all ProjectProperties for the specified project", + content = @Content(array = @ArraySchema(schema = @Schema(implementation = ProjectProperty.class))) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -112,7 +116,11 @@ public Response getProperties( description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = ProjectProperty.class))), + @ApiResponse( + responseCode = "201", + description = "The created project property", + content = @Content(schema = @Schema(implementation = ProjectProperty.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found"), @@ -168,7 +176,11 @@ public Response createProperty( description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_UPDATE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = ProjectProperty.class))), + @ApiResponse( + responseCode = "200", + description = "The updated project property", + content = @Content(schema = @Schema(implementation = ProjectProperty.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found"), @@ -211,7 +223,7 @@ public Response updateProperty( description = "

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_DELETE

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "204"), + @ApiResponse(responseCode = "204", description = "Project property removed successfully"), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project or project property could not be found"), diff --git a/src/main/java/org/dependencytrack/resources/v1/ProjectResource.java b/src/main/java/org/dependencytrack/resources/v1/ProjectResource.java index b968e8b0a..8f69556bc 100644 --- a/src/main/java/org/dependencytrack/resources/v1/ProjectResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/ProjectResource.java @@ -62,6 +62,7 @@ import org.dependencytrack.persistence.jdbi.ProjectDao; import org.dependencytrack.persistence.jdbi.ProjectDao.ConciseProjectListRow; import org.dependencytrack.resources.v1.openapi.PaginatedApi; +import org.dependencytrack.resources.v1.vo.BomUploadResponse; import org.dependencytrack.resources.v1.vo.CloneProjectRequest; import org.dependencytrack.resources.v1.vo.ConciseProject; @@ -103,7 +104,9 @@ public class ProjectResource extends AlpineResource { ) @PaginatedApi @ApiResponses(value = { - @ApiResponse(responseCode = "200", + @ApiResponse( + responseCode = "200", + description = "A list of all projects", headers = @Header(name = TOTAL_COUNT_HEADER, schema = @Schema(format = "integer"), description = "The total number of projects"), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Project.class))) ), 
@@ -141,7 +144,9 @@ public Response getProjects(@Parameter(description = "The optional name of the p ) @PaginatedApi @ApiResponses(value = { - @ApiResponse(responseCode = "200", + @ApiResponse( + responseCode = "200", + description = "A list of all projects in concise representation", headers = @Header(name = TOTAL_COUNT_HEADER, schema = @Schema(format = "integer"), description = "The total number of projects"), content = @Content(array = @ArraySchema(schema = @Schema(implementation = ConciseProject.class))) ), @@ -179,7 +184,10 @@ public Response getProjectsConcise( ) @PaginatedApi @ApiResponses(value = { - @ApiResponse(headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of child projects", schema = @Schema(format = "integer")), + @ApiResponse( + responseCode = "200", + description = "A list of all child projects in a concise representation", + headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of child projects", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = ConciseProject.class))) ), @ApiResponse(responseCode = "401", description = "Unauthorized") @@ -215,7 +223,11 @@ public Response getProjectChildrenConcise( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Project.class))), + @ApiResponse( + responseCode = "200", + description = "A specific project", + content = @Content(schema = @Schema(implementation = Project.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -248,7 +260,11 @@ public Response getProject( description = "

Requires permission VIEW_PORTFOLIO

" ) @ApiResponses(value = { - @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Project.class))), + @ApiResponse( + responseCode = "200", + description = "A specific project by its name and version", + content = @Content(schema = @Schema(implementation = Project.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "403", description = "Access to the specified project is forbidden"), @ApiResponse(responseCode = "404", description = "The project could not be found") @@ -284,6 +300,7 @@ public Response getProject( @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all projects by tag", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of projects", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Project.class))) ), @@ -315,6 +332,7 @@ public Response getProjectsByTag( @ApiResponses(value = { @ApiResponse( responseCode = "200", + description = "A list of all projects by classifier", headers = @Header(name = TOTAL_COUNT_HEADER, description = "The total number of projects", schema = @Schema(format = "integer")), content = @Content(array = @ArraySchema(schema = @Schema(implementation = Project.class))) ), @@ -347,7 +365,11 @@ public Response getProjectsByClassifier(

Requires permission PORTFOLIO_MANAGEMENT or PORTFOLIO_MANAGEMENT_CREATE

""" ) @ApiResponses(value = { - @ApiResponse(responseCode = "201", content = @Content(schema = @Schema(implementation = Project.class))), + @ApiResponse( + responseCode = "201", + description = "The created project", + content = @Content(schema = @Schema(implementation = Project.class)) + ), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "409", description = """