Thanks for the answer .
Original Message:
Sent: Tue July 16, 2024 01:46 PM
From: Steve Linn
Subject: Return error message in global error policy
Hi Celian and Arnon,
I don't believe the OAI API version is significant. I used the sample order api attachment provided in Arnon's post, and that OAI3 API also provided a similar response, with the error in the logs
Required API parameter X-ARNON-TEST in location header is missing in the API request.
but the standard error response, which should be taken from the context.error, is
{"httpCode":"400","httpMessage":"Bad Request","moreInformation":"One or more required API parameters are missing in the API request."}
I've seen in many cases error detail is limited to not provide a hacker knowledge of transactional details, in this case the missing parameter name. I'd suspect this is the case here and having this information available would be considered a request for enhancement.
Best Regards,
Steve Linn
------------------------------
Steve Linn
Senior Consulting I/T Specialist
IBM
Original Message:
Sent: Tue July 16, 2024 11:12 AM
From: Arnon Giger
Subject: Return error message in global error policy
Hi ,
This can be a good source to learn about the differences :
https://blog.stoplight.io/difference-between-open-v2-v3-v31
I attached here the YAML file of the API that I use . You can import it to your API Connect and try to replicate the error.
------------------------------
Arnon Giger
Original Message:
Sent: Tue July 16, 2024 09:53 AM
From: Celian Toureille
Subject: Return error message in global error policy
Hi Arnon,
I created my test case without much thoughts, I think you are right on this one. I know most of my APIs are 2.0 because I inherited them from older developments.
What would be the differences between 2.0 and 3.0 ?
------------------------------
Celian Toureille
Original Message:
Sent: Tue July 16, 2024 09:41 AM
From: Arnon Giger
Subject: Return error message in global error policy
Hi Celian ,
It is weird.
One reason for this might be the version of Open API . I use 3.0 you might be using 2.0 ?
Also consider API Connect version differences. I use 10.0.7.0 (with IBM DataPower Gateway IDG.10.5.3.0) , you might use an older version ?
------------------------------
Arnon Giger
Original Message:
Sent: Mon July 15, 2024 03:58 AM
From: Celian Toureille
Subject: Return error message in global error policy
Hi Arnon,
I created a GET request with one non optional parameter and tried to call the API route. When the parameter is missing I get "server did not respond".
When the parameter have a value it works as intended.
I tried to make a default catch that handle any error. With a gateway script reading the context.get('error'). Again, when the parameter is not set the server doesn't respond back...
Weird.
------------------------------
Celian Toureille
Original Message:
Sent: Sun July 14, 2024 09:17 AM
From: Arnon Giger
Subject: Return error message in global error policy
Hi Steve ,
Thank you for your replay. I did try context.get('error') and got the same error info:
{"name":"APIRuleError","message":"One or more required API parameters are missing in the API request.","status":{"code":400,"reason":"Bad Request"},"policyTitle":null}
This error returns when you omit a mandatory header from a request , for example, this API have some required headers:
![](https://dw1.s81c.com//IMWUC/MessageImages/a62b5499685b49d483f29a72af440c9b.png)
If you call the API without one of the required headers you will get the error: "One or more required API parameters are missing in the API request." but without the name of the missing header.
In the datapower gateway the name of the missing header (X-Transaction-ID ) is shown in the log:
![](https://dw1.s81c.com//IMWUC/MessageImages/5338229d9176429b927794fc392fe8d0.png)
So I wonder if it is possible to propagate it to the API error output
------------------------------
Arnon Giger
Original Message:
Sent: Fri July 12, 2024 05:26 PM
From: Steve Linn
Subject: Return error message in global error policy
Hi Arnon,
I've not encountered your specific error, but you do have access to the error object in context via context.get('error')
to information about the error that was thrown. Would that have details you'd like to see?
Best Regards,
Steve Linn
------------------------------
Steve Linn
Senior Consulting I/T Specialist
IBM
Original Message:
Sent: Wed July 10, 2024 10:17 AM
From: Arnon Giger
Subject: Return error message in global error policy
When a mandatory header is missing from a request then the retuned message from the API is:
{
"httpCode": "400",
"httpMessage": "Bad Request",
"moreInformation": "One or more required API parameters are missing in the API request."
}
I would like to get a more detailed message that contain the name of the missing header. How this can be archived ?
I was not able to catch this error in the API policies catches, but was able to do it using global error policy:
global-policy: 1.0.0
info:
name: catch-error-policy
title: Error Policy to catch bad request errors and generate respose
version: 2.0.0
gateways:
- datapower-api-gateway
assembly:
catch:
- errors:
- APIRuleError
execute:
- gatewayscript:
version: 2.0.0
title: gatewayscript
source: ' context.message.body.write('how to get the missing header name ?')'
how do I configure the global error policy to return the missing header?
------------------------------
Arnon Giger
------------------------------