API Connect

 View Only
  • 1.  Do User Defined Policy need to validate against the OpenAPI spec for either 2.0 or 3.0?

    InnerCircle
    Posted 17 days ago
    Good day,
    I have a very simple question regarding validation for UDPs.

    We have a full API Connect v10 cluster. The Gateways are container based running on v10.0.5.1 in non-production and v10.0.1.7-eus in Production.

    The question I have is with regards to User Defined Policies.
    Do UDPs need to validate against the OpenAPI v2.0 or v3.0 spec just like a normal API would need to?

    I ask this question as I have seen the Gateway come to a complete standstill in scenarios where an invalid API is published.

    We have written a UDP which is Catalog scoped (as we have Spaces enabled).
    The UDP has been running on the non-prod Gateway for several months without an issue. 
    However, it does not validate against the OpenAPI spec.

    Is this something to worry about?

    The next question I have, how do I publish this UDP as Org scoped as we have Spaces enabled?

    Thanks in advance.

    ------------------------------
    Rosh
    ------------------------------


  • 2.  RE: Do User Defined Policy need to validate against the OpenAPI spec for either 2.0 or 3.0?

    InnerCircle
    Posted 17 days ago
    Hi, 
    For clarity, the UDP we've built is a basic and is catalog scoped.

    We followed instruction from https://github.com/prichelle/apicv10-UDP

    We would like to know if there is a method to validate a UDP? Does it need to validate against the v2.0 or v3.0 OpenAPI spec or not?

    Thanks

    ------------------------------
    Rosh
    ------------------------------



  • 3.  RE: Do User Defined Policy need to validate against the OpenAPI spec for either 2.0 or 3.0?
    Best Answer

    Posted 15 days ago
    Hello Rosh,

    In the latest FP for Datapower, we have improved how we handle invalid API's.  Prior this could cause the entire collection not to compile, but now we just disable the invalid API object and put the error message in the summary.  This will allow the rest of the collection to keep working. 

    For UDP validation, it does not have to validate against the openAPI spec.  It is validated to ensure it has the expected structure and properties needed to call the UDP.  There is not an Org scoped policy, only global or catalog.  You would need to open an RFE for that.  Currently, the simplest way to share policies between catalogs that are not global scoped is to make a unique Assembly Functions for each catalog and let them call a shared assembly object.

    ------------------------------
    CHARLES COBLE
    ------------------------------



  • 4.  RE: Do User Defined Policy need to validate against the OpenAPI spec for either 2.0 or 3.0?

    InnerCircle
    Posted 15 days ago
    Thanks Charles

    ------------------------------
    Rosh
    ------------------------------