API Connect

Good day,
I have a very simple question regarding validation for UDPs.

We have a full API Connect v10 cluster. The Gateways are container based running on v10.0.5.1 in non-production and v10.0.1.7-eus in Production.

The question I have is with regards to User Defined Policies.
Do UDPs need to validate against the OpenAPI v2.0 or v3.0 spec just like a normal API would need to?

I ask this question as I have seen the Gateway come to a complete standstill in scenarios where an invalid API is published.

We have written a UDP which is Catalog scoped (as we have Spaces enabled).
The UDP has been running on the non-prod Gateway for several months without an issue. 
However, it does not validate against the OpenAPI spec.

Is this something to worry about?

The next question I have, how do I publish this UDP as Org scoped as we have Spaces enabled?

Thanks in advance.

------------------------------
Rosh
------------------------------

Hi, 
For clarity, the UDP we've built is a basic and is catalog scoped.

We followed instruction from https://github.com/prichelle/apicv10-UDP

We would like to know if there is a method to validate a UDP? Does it need to validate against the v2.0 or v3.0 OpenAPI spec or not?

Thanks

------------------------------
Rosh
------------------------------

Original Message:
Sent: Mon November 21, 2022 09:07 AM
From: Rosh
Subject: Do User Defined Policy need to validate against the OpenAPI spec for either 2.0 or 3.0?

Good day,
I have a very simple question regarding validation for UDPs.

We have a full API Connect v10 cluster. The Gateways are container based running on v10.0.5.1 in non-production and v10.0.1.7-eus in Production.

The question I have is with regards to User Defined Policies.
Do UDPs need to validate against the OpenAPI v2.0 or v3.0 spec just like a normal API would need to?

I ask this question as I have seen the Gateway come to a complete standstill in scenarios where an invalid API is published.

We have written a UDP which is Catalog scoped (as we have Spaces enabled).
The UDP has been running on the non-prod Gateway for several months without an issue. 
However, it does not validate against the OpenAPI spec.

Is this something to worry about?

The next question I have, how do I publish this UDP as Org scoped as we have Spaces enabled?

Thanks in advance.

------------------------------
Rosh
------------------------------

Hello Rosh,

In the latest FP for Datapower, we have improved how we handle invalid API's.  Prior this could cause the entire collection not to compile, but now we just disable the invalid API object and put the error message in the summary.  This will allow the rest of the collection to keep working. 

For UDP validation, it does not have to validate against the openAPI spec.  It is validated to ensure it has the expected structure and properties needed to call the UDP.  There is not an Org scoped policy, only global or catalog.  You would need to open an RFE for that.  Currently, the simplest way to share policies between catalogs that are not global scoped is to make a unique Assembly Functions for each catalog and let them call a shared assembly object.

------------------------------
CHARLES COBLE
------------------------------

Original Message:
Sent: Mon November 21, 2022 09:07 AM
From: Rosh
Subject: Do User Defined Policy need to validate against the OpenAPI spec for either 2.0 or 3.0?

Good day,
I have a very simple question regarding validation for UDPs.

We have a full API Connect v10 cluster. The Gateways are container based running on v10.0.5.1 in non-production and v10.0.1.7-eus in Production.

The question I have is with regards to User Defined Policies.
Do UDPs need to validate against the OpenAPI v2.0 or v3.0 spec just like a normal API would need to?

I ask this question as I have seen the Gateway come to a complete standstill in scenarios where an invalid API is published.

We have written a UDP which is Catalog scoped (as we have Spaces enabled).
The UDP has been running on the non-prod Gateway for several months without an issue. 
However, it does not validate against the OpenAPI spec.

Is this something to worry about?

The next question I have, how do I publish this UDP as Org scoped as we have Spaces enabled?

Thanks in advance.

------------------------------
Rosh
------------------------------

Thanks Charles

------------------------------
Rosh
------------------------------

Original Message:
Sent: Wed November 23, 2022 08:39 AM
From: CHARLES COBLE
Subject: Do User Defined Policy need to validate against the OpenAPI spec for either 2.0 or 3.0?

Hello Rosh,

In the latest FP for Datapower, we have improved how we handle invalid API's.  Prior this could cause the entire collection not to compile, but now we just disable the invalid API object and put the error message in the summary.  This will allow the rest of the collection to keep working. 

For UDP validation, it does not have to validate against the openAPI spec.  It is validated to ensure it has the expected structure and properties needed to call the UDP.  There is not an Org scoped policy, only global or catalog.  You would need to open an RFE for that.  Currently, the simplest way to share policies between catalogs that are not global scoped is to make a unique Assembly Functions for each catalog and let them call a shared assembly object.

------------------------------
CHARLES COBLE

Original Message:
Sent: Mon November 21, 2022 09:07 AM
From: Rosh
Subject: Do User Defined Policy need to validate against the OpenAPI spec for either 2.0 or 3.0?

Good day,
I have a very simple question regarding validation for UDPs.

We have a full API Connect v10 cluster. The Gateways are container based running on v10.0.5.1 in non-production and v10.0.1.7-eus in Production.

The question I have is with regards to User Defined Policies.
Do UDPs need to validate against the OpenAPI v2.0 or v3.0 spec just like a normal API would need to?

I ask this question as I have seen the Gateway come to a complete standstill in scenarios where an invalid API is published.

We have written a UDP which is Catalog scoped (as we have Spaces enabled).
The UDP has been running on the non-prod Gateway for several months without an issue. 
However, it does not validate against the OpenAPI spec.

Is this something to worry about?

The next question I have, how do I publish this UDP as Org scoped as we have Spaces enabled?

Thanks in advance.

------------------------------
Rosh
------------------------------