JSON Schema Validation Policy
General Information
Policy Type
policy-json-schema-validation
UI Documentation
📖 For detailed information: [UI Documentation Link - Link will be added here]
Description
JSON Schema Validation policy validates JSON request/response bodies against JSON Schema definitions. It ensures that JSON data conforms to the specified schema structure, types, and constraints before processing or forwarding.
Endpoints
List Policies
GET /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/
Add Policy
POST /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Update Policy
PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Delete Policy
DELETE /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
List Policies
Endpoint
GET /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/
Request
Headers
| Header | Value |
|---|---|
| Authorization | Bearer {token} |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
Response
Success Response (200 OK)
{
"success": true,
"resultList": [
{
"apiProxy": {
"name": "MyAPI",
"requestPolicyList": [
{
"type": "policy-json-schema-validation",
"name": "json-validation-policy",
"description": "Validate JSON request body",
"active": true,
"pathForBody": "$",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"type\": \"object\",\n \"properties\": {\n \"name\": {\n \"type\": \"string\"\n },\n \"age\": {\n \"type\": \"integer\",\n \"minimum\": 0\n }\n },\n \"required\": [\"name\", \"age\"]\n}",
"systemId": null,
"targetNamespace": null,
"rootSchema": true
}
]
}
],
"responsePolicyList": [],
"errorPolicyList": []
}
}
],
"resultCount": 1
}
cURL Example
curl -X GET \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/" \
-H "Authorization: Bearer YOUR_TOKEN"
Add Policy
Endpoint
POST /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
Headers
| Header | Value |
|---|---|
| Authorization | Bearer {token} |
| Content-Type | application/json |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |
Request Body
Full JSON Body Example
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Validate JSON request body against schema",
"active": true,
"pathForBody": "$",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"type\": \"object\",\n \"properties\": {\n \"name\": {\n \"type\": \"string\",\n \"minLength\": 1,\n \"maxLength\": 100\n },\n \"email\": {\n \"type\": \"string\",\n \"format\": \"email\"\n },\n \"age\": {\n \"type\": \"integer\",\n \"minimum\": 0,\n \"maximum\": 150\n },\n \"active\": {\n \"type\": \"boolean\"\n }\n },\n \"required\": [\"name\", \"email\"],\n \"additionalProperties\": false\n}",
"systemId": null,
"targetNamespace": null,
"rootSchema": true
}
]
}
}
Request Body Fields
operationMetadata
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| targetScope | string | Yes | - | Policy scope: ALL or ENDPOINT |
| targetEndpoint | string | No* | - | Endpoint path (required if targetScope=ENDPOINT) |
| targetEndpointHTTPMethod | string | No* | - | HTTP method (required if targetScope=ENDPOINT) |
| targetPipeline | string | Yes | - | Pipeline: REQUEST, RESPONSE, or ERROR |
| deploy | boolean | No | true | Whether to deploy after adding policy |
| deployTargetEnvironmentNameList | array | No | [] | List of environment names to deploy to |
| order | integer | No | null | Policy execution order (starts from 1) |
Enum: targetScope
ALL- Policy applies to all endpointsENDPOINT- Policy applies only to specified endpoint
Enum: targetPipeline
REQUEST- Executes in request pipeline (validates request body)RESPONSE- Executes in response pipeline (validates response body)ERROR- Executes in error pipeline
Enum: targetEndpointHTTPMethod
GET,POST,PUT,DELETE,PATCH,OPTIONS,HEAD
policy
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| type | string | Yes | - | Policy type: policy-json-schema-validation |
| description | string | No | - | Policy description |
| active | boolean | No | true | Whether policy is active |
| pathForBody | string | Yes | - | JSONPath expression to locate JSON body to validate |
| schemaDefinitionList | array | Yes | - | List of JSON schema definitions (at least one required) |
JSONPath Examples
$- Root of JSON document$.data- Data property at root$.users[0]- First element in users array$.request.body- Nested path
Note
pathForBodymust be a valid JSONPath expression.schemaDefinitionListmust contain at least one schema definition.
schemaDefinitionList
Each schema definition is an object with the following fields:
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| schemaNo | integer | No | 0 | Schema number (for ordering multiple schemas) |
| schemaBody | string | Yes | - | JSON Schema definition (JSON string) |
| systemId | string | No | null | System ID for schema reference |
| targetNamespace | string | No | null | Target namespace (for XML compatibility) |
| rootSchema | boolean | No | false | Whether this is the root schema |
JSON Schema Format
The schemaBody must be a valid JSON Schema (draft-07 or compatible). Example:
{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"properties": {
"name": {
"type": "string",
"minLength": 1
},
"age": {
"type": "integer",
"minimum": 0
}
},
"required": ["name"]
}
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": [
{
"environmentName": "production",
"success": true,
"message": "Deployment successful"
}
]
}
}
cURL Example
curl -X POST \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/json-validation-policy/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Validate JSON request body",
"active": true,
"pathForBody": "$",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"type\":\"object\",\"properties\":{\"name\":{\"type\":\"string\"}},\"required\":[\"name\"]}",
"rootSchema": true
}
]
}
}'
Update Policy
Endpoint
PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
Headers
| Header | Value |
|---|---|
| Authorization | Bearer {token} |
| Content-Type | application/json |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |
Request Body
Full JSON Body Example
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Updated JSON schema validation",
"active": true,
"pathForBody": "$.data",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"type\": \"object\",\n \"properties\": {\n \"id\": {\n \"type\": \"integer\"\n },\n \"name\": {\n \"type\": \"string\",\n \"minLength\": 1\n }\n },\n \"required\": [\"id\", \"name\"]\n}",
"systemId": "user-schema",
"rootSchema": true
}
]
}
}
Note: Request body structure is the same as Add Policy. All fields should be provided for update.
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": [
{
"environmentName": "production",
"success": true,
"message": "Deployment successful"
}
]
}
}
cURL Example
curl -X PUT \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/json-validation-policy/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-json-schema-validation",
"description": "Updated JSON schema validation",
"active": true,
"pathForBody": "$",
"schemaDefinitionList": [
{
"schemaNo": 0,
"schemaBody": "{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"type\":\"object\",\"properties\":{\"name\":{\"type\":\"string\"}},\"required\":[\"name\"]}",
"rootSchema": true
}
]
}
}'
Delete Policy
Endpoint
DELETE /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
Headers
| Header | Value |
|---|---|
| Authorization | Bearer {token} |
| Content-Type | application/json |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |
Request Body
Full JSON Body Example
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": false
}
}
Request Body Fields
operationMetadata
| Field | Type | Required | Description | |
|---|---|---|---|---|
| targetScope | string | Yes | Policy scope: ALL or ENDPOINT |
|
| targetPipeline | string | Yes | Pipeline: REQUEST, RESPONSE, or ERROR |
|
| deploy | boolean | No | false | Whether to deploy after deletion |
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": []
}
}
cURL Example
curl -X DELETE \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/json-validation-policy/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": false
}
}'
Notes and Warnings
- JSONPath:
pathForBodymust be a valid JSONPath expression pointing to the JSON to validate - Schema Definition:
schemaDefinitionListmust contain at least one schema definition - JSON Schema:
schemaBodymust be a valid JSON Schema (draft-07 or compatible) - Schema Number:
schemaNois used for ordering when multiple schemas are defined - Root Schema: Set
rootSchema: truefor the primary schema - Validation Failure: When validation fails, the request/response is rejected with an error
- Performance: Schema validation adds processing overhead. Use for critical validation only.
- Pipeline:
REQUESTpipeline validates request body before processingRESPONSEpipeline validates response body before sending to client
- Error Messages: Configure error messages in the policy to customize validation error responses
- Deployment: Policy changes require deployment to take effect. Set
deploy: trueor deploy manually.
Related Documentation
- List Policies - List all policies
- Add Policy - General policy addition guide
- Update Policy - General policy update guide
- Delete Policy - General policy deletion guide