Validate API Specification

Edit online

The Validate API Specification policy validates the incoming request and outgoing responses against the API's various specifications. These specifications such as schema, query parameters, path parameters, cookie parameters, content-types, and HTTP Headers are referenced in their corresponding formats. The request sent to the API by an application must conform with the structure or format specified. The incoming requests are validated against the API specifications in this policy to conform to the structure or format that the API expects.

In API Studio, the kind ValidateAPISpecification identifies the policy.

Sample code for the Validate API Specification policy.

kind: ValidateAPISpecification
apiVersion: api.webmethods.io/beta
metadata:
  name: validate_api_specification
  version: 1
  namespace: sample
spec:
  validate:
    - query
    - path
    - cookie
    - contentType
    - headers:
        condition: (${request.httpMethod} equals POST) or (${request.headers.name} notEquals ${request.payload.jsonPath[$.customer.name]})
 # other operators include Equals, Equals ignore case, Not equals, Not equals ignore case, Contains, Not Contains, Exists, Not Exists, IP Range, Greater Than, Lesser Than
    - schema:
        feature:
          - name: TOLERATE_DUPLICATES
            value: true
          - name: DISALLOW_DOCTYPE
            value: false

The structure in the code view and what it denotes is as follows.

Type Description
kind ValidateAPISpecification.

Denotes the asset type, Validate API Specification policy.
apiVersion Denotes the API version of the API on which this policy is enforced.
metadata Denotes the metadata or details of the asset type.
The policy covers the following metadata:
  • name. Name of the policy.
  • version. Version of the policy.
  • namespace. The namespace identifier for the policy.
  • tags. The tags associated with the policy.
spec The spec denotes the various policy properties that you can configure for the policy.

You can configure the following policy property:

Validate. Specifies the API Specifications to validate. You can specify one of the following validation parameters:
  • query. Validates the query parameters in the incoming request against the query parameters that are defined in the API Specification of the request.
  • path. Validates the path parameters in the incoming request against the path parameters that are defined in the API Specification of the request.
  • cookie. Validates the cookie parameters in the incoming request against the cookie parameters that are defined in the API Specification of the request.
  • contentType. Validates the content-types in the incoming request against the content types that are defined in the API Specification of the request.
  • headers. Validates the header parameters in the incoming request against the headers that are defined in the API Specification of the request. Provide the information in the format: {header key} operator {header value} condition {header key} operator {header value}

    You can use the following conditions:

    • and. Transforms the requests that comply with all the configured conditions.
    • or. Transforms the requests that comply with any one configured condition.

    You can use the following operators:

    • Equals
    • Not equals
    • Contains
    • Not Contains
    • Exists
    • Not Exists
    • Range
    • Greater Than
    • Lesser Than
  • schema. Validates the request payload against the appropriate schema. You can provide the following features for XML schema validation:
    • Feature name. Specifies the name of the feature for XML parsing during XML schema validation.
    • Feature value. Specifies whether the feature value is True or False.