Documentation Index
Fetch the complete documentation index at: https://docs.apinizer.com/llms.txt
Use this file to discover all available pages before exploring further.
Policy Type
policy-json-schema-validation
Endpoints
List Policies
GET /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/
Add Policy
POST /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Update Policy
PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Delete Policy
DELETE /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
List Policies
Endpoint
GET /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/
Request
| Header | Value |
|---|
| Authorization | Bearer {token} |
Path Parameters
| Parameter | Type | Required | Description |
|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
Response
Success Response (200 OK)
{
"success": true,
"resultList": [
{
"apiProxy": {
"name": "MyAPI",
"requestPolicyList": [
{
"type": "policy-json-schema-validation",
"name": "json-validation-policy",
"description": "Validate JSON request body",
"active": true,
"pathForBody": "$",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"type\": \"object\",\n \"properties\": {\n \"name\": {\n \"type\": \"string\"\n },\n \"age\": {\n \"type\": \"integer\",\n \"minimum\": 0\n }\n },\n \"required\": [\"name\", \"age\"]\n}",
"systemId": null,
"targetNamespace": null,
"rootSchema": true
}
]
}
],
"responsePolicyList": [],
"errorPolicyList": []
}
}
],
"resultCount": 1
}
cURL Example
curl -X GET \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/" \
-H "Authorization: Bearer YOUR_TOKEN"
Add Policy
Endpoint
POST /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
| Header | Value |
|---|
| Authorization | Bearer {token} |
| Content-Type | application/json |
Path Parameters
| Parameter | Type | Required | Description |
|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |
Request Body
Full JSON Body Example
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Validate JSON request body against schema",
"active": true,
"pathForBody": "$",
"showFirstErrorOnly": true,
"validateAgainstSpec": false,
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"type\": \"object\",\n \"properties\": {\n \"name\": {\n \"type\": \"string\",\n \"minLength\": 1,\n \"maxLength\": 100\n },\n \"email\": {\n \"type\": \"string\",\n \"format\": \"email\"\n },\n \"age\": {\n \"type\": \"integer\",\n \"minimum\": 0,\n \"maximum\": 150\n },\n \"active\": {\n \"type\": \"boolean\"\n }\n },\n \"required\": [\"name\", \"email\"],\n \"additionalProperties\": false\n}",
"systemId": null,
"targetNamespace": null,
"rootSchema": true
}
]
}
}
Full JSON Body Example - Validate Against OpenAPI Spec
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Validate against OpenAPI specification",
"active": true,
"showFirstErrorOnly": false,
"validateAgainstSpec": true,
"openApiValidationMode": "METHOD_BASED"
}
}
Request Body Fields
operationMetadata
| Field | Type | Required | Default | Description |
|---|
| targetScope | string | Yes | - | Policy scope: ALL or ENDPOINT |
| targetEndpoint | string | No* | - | Endpoint path (required if targetScope=ENDPOINT) |
| targetEndpointHTTPMethod | string | No* | - | HTTP method (required if targetScope=ENDPOINT) |
| targetPipeline | string | Yes | - | Pipeline: REQUEST, RESPONSE, or ERROR |
| deploy | boolean | No | true | Whether to deploy after adding policy |
| deployTargetEnvironmentNameList | array | No | [] | List of environment names to deploy to |
| order | integer | No | null | Policy execution order (starts from 1) |
ALL - Policy applies to all endpointsENDPOINT - Policy applies only to specified endpoint
Enum: targetPipeline
REQUEST - Executes in request pipeline (validates request body)RESPONSE - Executes in response pipeline (validates response body)ERROR - Executes in error pipeline
Enum: targetEndpointHTTPMethod
GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD
policy
| Field | Type | Required | Default | Description |
|---|
| type | string | Yes | - | Policy type: policy-json-schema-validation |
| description | string | No | - | Policy description |
| active | boolean | No | true | Whether policy is active |
| pathForBody | string | No | - | JSONPath expression to locate JSON body to validate |
| showFirstErrorOnly | boolean | No | true | When true, only the first validation error is returned. When false, all validation errors are returned. |
| validateAgainstSpec | boolean | No | false | When true, validates against the API Proxy’s OpenAPI specification instead of manual schema definitions. schemaDefinitionList is not required when this is enabled. |
| openApiValidationMode | string | No* | - | OpenAPI validation mode (required if validateAgainstSpec=true): METHOD_BASED or ALL_SCHEMAS |
| schemaDefinitionList | array | No* | - | List of JSON schema definitions (required if validateAgainstSpec=false) |
JSONPath Examples
$ - Root of JSON document$.data - Data property at root$.users[0] - First element in users array$.request.body - Nested path
EnumOpenApiValidationMode
METHOD_BASED - Validates against the schema matching the request’s HTTP method and path. Each endpoint/method combination is validated against its own schema definition from the OpenAPI spec.ALL_SCHEMAS - Validates against all schema definitions in the OpenAPI spec. The request body must conform to at least one of the defined schemas.
Note
- Either
schemaDefinitionList (manual schemas) or validateAgainstSpec: true (OpenAPI spec) must be provided.
- If
validateAgainstSpec: true, openApiValidationMode is required and schemaDefinitionList is ignored.
- If
validateAgainstSpec: false or not set, schemaDefinitionList must contain at least one schema definition.
pathForBody is optional. When set, it specifies which part of the JSON body to validate.
schemaDefinitionList
Each schema definition is an object with the following fields:
| Field | Type | Required | Default | Description |
|---|
| schemaNo | integer | No | 0 | Schema number (for ordering multiple schemas) |
| schemaBody | string | Yes | - | JSON Schema definition (JSON string) |
| systemId | string | No | null | System ID for schema reference |
| targetNamespace | string | No | null | Target namespace (for XML compatibility) |
| rootSchema | boolean | No | false | Whether this is the root schema |
schemaBody must be a valid JSON Schema (draft-07 or compatible). Example:
{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"properties": {
"name": {
"type": "string",
"minLength": 1
},
"age": {
"type": "integer",
"minimum": 0
}
},
"required": ["name"]
}
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": [
{
"environmentName": "production",
"success": true,
"message": "Deployment successful"
}
]
}
}
cURL Example
curl -X POST \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/json-validation-policy/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Validate JSON request body",
"active": true,
"pathForBody": "$",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"type\":\"object\",\"properties\":{\"name\":{\"type\":\"string\"}},\"required\":[\"name\"]}",
"rootSchema": true
}
]
}
}'
Update Policy
Endpoint
PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
| Header | Value |
|---|
| Authorization | Bearer {token} |
| Content-Type | application/json |
Path Parameters
| Parameter | Type | Required | Description |
|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |
Request Body
Full JSON Body Example
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Updated JSON schema validation",
"active": true,
"pathForBody": "$.data",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"type\": \"object\",\n \"properties\": {\n \"id\": {\n \"type\": \"integer\"\n },\n \"name\": {\n \"type\": \"string\",\n \"minLength\": 1\n }\n },\n \"required\": [\"id\", \"name\"]\n}",
"systemId": "user-schema",
"rootSchema": true
}
]
}
}
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": [
{
"environmentName": "production",
"success": true,
"message": "Deployment successful"
}
]
}
}
cURL Example
curl -X PUT \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/json-validation-policy/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Updated JSON schema validation",
"active": true,
"pathForBody": "$",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"type\":\"object\",\"properties\":{\"name\":{\"type\":\"string\"}},\"required\":[\"name\"]}",
"rootSchema": true
}
]
}
}'
Delete Policy
Endpoint
DELETE /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
| Header | Value |
|---|
| Authorization | Bearer {token} |
| Content-Type | application/json |
Path Parameters
| Parameter | Type | Required | Description |
|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |
Request Body
Full JSON Body Example
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": false
}
}
Request Body Fields
operationMetadata
| Field | Type | Required | Description | |
|---|
| targetScope | string | Yes | Policy scope: ALL or ENDPOINT | |
| targetPipeline | string | Yes | Pipeline: REQUEST, RESPONSE, or ERROR | |
| deploy | boolean | No | false | Whether to deploy after deletion |
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": []
}
}
cURL Example
curl -X DELETE \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/json-validation-policy/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": false
}
}'
Notes and Warnings
-
Validation Modes: Two validation approaches are available:
- Manual Schema: Provide your own JSON Schema definitions in
schemaDefinitionList (default)
- OpenAPI Spec: Set
validateAgainstSpec: true to validate against the API Proxy’s OpenAPI specification. Requires openApiValidationMode:
METHOD_BASED - Validates against the schema for the specific HTTP method and pathALL_SCHEMAS - Validates against all schemas in the spec
-
Error Reporting:
showFirstErrorOnly controls whether only the first error (default) or all validation errors are returned. Set to false for detailed error reports during development.
-
JSONPath:
pathForBody is optional. When set, it specifies which part of the JSON body to validate using a JSONPath expression.
-
Schema Definition: When not using OpenAPI spec validation,
schemaDefinitionList must contain at least one schema definition.
-
JSON Schema:
schemaBody must be a valid JSON Schema (draft-07 or compatible)
-
Schema Number:
schemaNo is used for ordering when multiple schemas are defined
-
Root Schema: Set
rootSchema: true for the primary schema
-
Validation Failure: When validation fails, the request/response is rejected with an error
-
Performance: Schema validation adds processing overhead. Use for critical validation only.
-
Pipeline:
REQUEST pipeline validates request body before processingRESPONSE pipeline validates response body before sending to client
-
Error Messages: Configure error messages in the policy to customize validation error responses
-
Deployment: Policy changes require deployment to take effect. Set
deploy: true or deploy manually.
