Suggest Open API specification validation rule.

POST

/api/config/namespaces/{namespace}/api_sec/rule_suggestion/oas_validation

const url = 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/config/namespaces/example/api_sec/rule_suggestion/oas_validation';
const options = {
  method: 'POST',
  headers: {Authorization: '<Authorization>', 'Content-Type': 'application/json'},
  body: '{"api_groups":["example"],"method":"ANY","namespace":"example","path":"example","virtual_host_name":"example"}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}

curl --request POST \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/config/namespaces/example/api_sec/rule_suggestion/oas_validation \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "api_groups": [ "example" ], "method": "ANY", "namespace": "example", "path": "example", "virtual_host_name": "example" }'

Suggest Open API specification validation rule for a given path.

Examples of this operation.

Authorizations

ApiToken

Parameters

Path Parameters

namespace

required

string

Namespace x-required Namespace of the App type for current request.

Request Body^required

application/json

GetSuggestedOasValidationRuleReq

GET suggested Open API specification validation for a given path.

object

api_groups

API Groups membership

List of API Groups the API Endpoint is a member of.

Array<string>

method

string

default: ANY

Allowed values: ANY GET HEAD POST PUT DELETE CONNECT OPTIONS TRACE PATCH COPY

namespace

Namespace

Namespace of the App type for current request Required: YES.

string

>= 6 characters <= 1024 characters

path

Path

Path to apply the Open API specification validation to Required: YES.

string

<= 1024 characters

virtual_host_name

Name

Virtual Host for which this Open API specification validation rule applied Required: YES.

string

<= 1024 characters

Responses

200

A successful response.

application/json

GetSuggestedOasValidationRuleRsp

GET suggested Open API specification validation for a given path.

object

all_endpoints_oas_validation

object

fall_through_mode

object

fall_through_mode_allow

object

fall_through_mode_custom

object

open_api_validation_rules

Custom Fall Through Rule List

Required: YES.

Array<object>

<= 15 items

Fall Through Rule

Fall Through Rule for a specific endpoint, base-path, or API group.

object

action_block

object

action_report

object

action_skip

object

api_endpoint

object

methods

Methods

Methods to be matched.

Array<string>

<= 16 items

Allowed values: ANY GET HEAD POST PUT DELETE CONNECT OPTIONS TRACE PATCH COPY

path

Path

Path to be matched Required: YES.

string

<= 1024 characters

api_group

api_group

Exclusive with [api_endpoint base_path] The API group which this validation applies to.

string

<= 128 characters

base_path

base path

Exclusive with [api_endpoint api_group] The base path which this validation applies to.

string

<= 128 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

disable

disable

X-displayName: “Disable” A value of true will administratively disable the object that corresponds to the containing message.

boolean format: boolean

settings

object

oversized_body_fail_validation

object

oversized_body_skip_validation

object

property_validation_settings_custom

object

queryParameters

object

allow_additional_parameters

object

disallow_additional_parameters

object

property_validation_settings_default

object

validation_mode

object

response_validation_mode_active

object

enforcement_block

object

enforcement_report

object

response_validation_properties

Response Validation Properties

List of properties of the response to validate according to the OpenAPI specification file (a.k.a. Swagger)

Required: YES.

Array<string>

>= 1 items

Allowed values: PROPERTY_QUERY_PARAMETERS PROPERTY_PATH_PARAMETERS PROPERTY_CONTENT_TYPE PROPERTY_COOKIE_PARAMETERS PROPERTY_HTTP_HEADERS PROPERTY_HTTP_BODY PROPERTY_SECURITY_SCHEMA PROPERTY_RESPONSE_CODE

skip_response_validation

object

skip_validation

object

validation_mode_active

object

enforcement_block

object

enforcement_report

object

request_validation_properties

Request Validation Properties

List of properties of the request to validate according to the OpenAPI specification file (a.k.a. Swagger)

Required: YES.

Array<string>

>= 1 items

custom_oas_validation

object

any_domain

object

api_endpoint

object

methods

Methods

Methods to be matched.

Array<string>

<= 16 items

Allowed values: ANY GET HEAD POST PUT DELETE CONNECT OPTIONS TRACE PATCH COPY

path

Path

Path to be matched Required: YES.

string

<= 1024 characters

api_group

api_group

Exclusive with [api_endpoint base_path] The API group which this validation applies to.

string

<= 128 characters

base_path

base path

Exclusive with [api_endpoint api_group] The base path which this validation applies to.

string

<= 128 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

disable

disable

X-displayName: “Disable” A value of true will administratively disable the object that corresponds to the containing message.

boolean format: boolean

specific_domain

domain

Exclusive with [any_domain] The rule will apply for a specific domain.

string

<= 128 characters

validation_mode

object

response_validation_mode_active

object

enforcement_block

object

enforcement_report

object

response_validation_properties

Response Validation Properties

List of properties of the response to validate according to the OpenAPI specification file (a.k.a. Swagger)

Required: YES.

Array<string>

>= 1 items

skip_response_validation

object

skip_validation

object

validation_mode_active

object

enforcement_block

object

enforcement_report

object

request_validation_properties

Request Validation Properties

List of properties of the request to validate according to the OpenAPI specification file (a.k.a. Swagger)

Required: YES.

Array<string>

>= 1 items

found_existing_rule

object

loadbalancer_type

string

default: VIRTUAL_SERVICE

Allowed values: VIRTUAL_SERVICE HTTP_LOAD_BALANCER API_GATEWAY TCP_LOAD_BALANCER PROXY CDN_LOAD_BALANCER NGINX_SERVER UDP_LOAD_BALANCER

Example

{
  "all_endpoints_oas_validation": {
    "fall_through_mode": {
      "fall_through_mode_custom": {
        "open_api_validation_rules": [
          {
            "api_endpoint": {
              "methods": [
                "ANY"
              ]
            }
          }
        ]
      }
    },
    "validation_mode": {
      "response_validation_mode_active": {
        "response_validation_properties": [
          "PROPERTY_QUERY_PARAMETERS"
        ]
      },
      "validation_mode_active": {
        "request_validation_properties": [
          "PROPERTY_QUERY_PARAMETERS"
        ]
      }
    }
  },
  "custom_oas_validation": {
    "api_endpoint": {
      "methods": [
        "ANY"
      ]
    },
    "validation_mode": {
      "response_validation_mode_active": {
        "response_validation_properties": [
          "PROPERTY_QUERY_PARAMETERS"
        ]
      },
      "validation_mode_active": {
        "request_validation_properties": [
          "PROPERTY_QUERY_PARAMETERS"
        ]
      }
    }
  },
  "loadbalancer_type": "VIRTUAL_SERVICE"
}

401

Returned when operation is not authorized.

application/json

string format: string

Example^generated

example

403

Returned when there is no permission to access resource.

application/json

string format: string

Example^generated

example

404

Returned when resource is not found.

application/json

string format: string

Example^generated

example

409

Returned when operation on resource is conflicting with current value.

application/json

string format: string

Example^generated

example

429

Returned when operation has been rejected as it is happening too frequently.

application/json

string format: string

Example^generated

example

500

Returned when server encountered an error in processing API.

application/json

string format: string

Example^generated

example

503

Returned when service is unavailable temporarily.

application/json

string format: string

Example^generated

example

504

Returned when server timed out processing request.

application/json

string format: string

Example^generated

example

Suggest Open API specification validation rule.

Authorizations

Parameters

Path Parameters

Request Bodyrequired

Responses

200

Example

401

Examplegenerated

403

Examplegenerated

404

Examplegenerated

409

Examplegenerated

429

Examplegenerated

500

Examplegenerated

503

Examplegenerated

504

Examplegenerated

Request Body^required

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated