Validate request parameters in Azure APIM

1
votes

I define a full-name API that takes in First Name and Last Name and combine them to return the Full Name:

https://my-org.azure-api.net/my-app/full-name?firstName=John&lastName=Smith
# Returns: John Smith

In Azure APIM, I set both firstName and lastName parameters as "Required" in the API Schema.

In the Inbound policy, I want to validate that both are present in the request. I found the validate-parameters policy which appears to do just that:

<inbound>
    <validate-parameters specified-parameter-action="prevent"
                         unspecified-parameter-action="detect"
                         errors-variable-name="validationErrors" />
</inbound>

To my surprise, this does absolution nothing! I have to run a manual check on each param (this code is so verbose):

<inbound>
    <choose>
        <when condition="@( context.Request.OriginalUrl.Query.GetValueOrDefault("firstName") == null )">
            <return-response>
                <set-status code="400" reason="Bad Request" />
                <set-header name="Context-Type" exists-action="override">
                    <value>text/plain</value>
                </set-header>
                <set-body>'firstName' is required</set-body>
            </return-response>
        </when>
        <when condition="@( context.Request.OriginalUrl.Query.GetValueOrDefault("lastName") == null )">
            <return-response>
                <set-status code="400" reason="Bad Request" />
                <set-header name="Context-Type" exists-action="override">
                    <value>text/plain</value>
                </set-header>
                <set-body>'lastName' is required</set-body>
            </return-response>
        </when>
        <otherwise>
        </otherwise>
    </choose>
</inbound>

Is there any more convenient way to validate the request against the API's schema in Azure APIM?

1
azure-api-management
same behavior - validation does not fire - even when creating API with api-version=2021-01-01-preview - I will ask the product groupKai Walter

1 Answers

0
votes

We can find the document shows us we need to use api-version which later than 2021-01-01-preview to create the api in APIM, then the policy can work.

enter image description here

So if your api in APIM was created in past, you need to create it again. I checked the create api operation on azure portal, it has been updated to using api-version=2021-01-01-preview shown as below screenshot.

enter image description here

You can also request the api to create it by yourself.