Home / Kong Plugin Hub
Edit
Report

OAS Validation

Overview Examples Configuration reference Changelog

Configuration

configobjectrequired
Hide Child Parameters
allowed_header_parametersstring

List of header parameters in the request that will be ignored when performing HTTP header validation. These are additional headers added to an API request beyond those defined in the API specification. For example, you might include the HTTP header User-Agent, which lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent.

Default:Host,Content-Type,User-Agent,Accept,Content-Length

api_specstringrequired

The API specification defined using either Swagger or the OpenAPI. This can be either a JSON or YAML based file. If using a YAML file, the spec needs to be URI-Encoded to preserve the YAML format.

api_spec_encodedboolean

Indicates whether the api_spec is URI-Encoded.

Default:true

custom_base_pathstring

The base path to be used for path match evaluation. This value is ignored if include_base_path is set to false.

header_parameter_checkboolean

If set to true, checks if HTTP header parameters in the request exist in the API specification.

Default:false

include_base_pathboolean

Indicates whether to include the base path when performing path match evaluation.

Default:false

notify_only_request_validation_failureboolean

If set to true, notifications via event hooks are enabled, but request based validation failures don’t affect the request flow.

Default:false

notify_only_response_body_validation_failureboolean

If set to true, notifications via event hooks are enabled, but response validation failures don’t affect the response flow.

Default:false

query_parameter_checkboolean

If set to true, checks if query parameters in the request exist in the API specification.

Default:false

validate_request_bodyboolean

If set to true, validates the request body content against the API specification.

Default:true

validate_request_header_paramsboolean

If set to true, validates HTTP header parameters against the API specification.

Default:true

validate_request_query_paramsboolean

If set to true, validates query parameters against the API specification.

Default:true

validate_request_uri_paramsboolean

If set to true, validates URI parameters in the request against the API specification.

Default:true

validate_response_bodyboolean

If set to true, validates the response from the upstream services against the API specification. If validation fails, it results in an HTTP 406 Not Acceptable status code.

Default:false

verbose_responseboolean

If set to true, returns a detailed error message for invalid requests & responses. This is useful while testing.

Default:false

consumerobject

If set, the plugin will activate only for requests where the specified has been authenticated. (Note that some plugins can not be restricted to consumers this way.). Leave unset for the plugin to activate regardless of the authenticated Consumer.

* Additional properties are NOT allowed.
Hide Child Parameters
idstring
protocolsarray[string]

A set of strings representing HTTP protocols.

Allowed values:grpcgrpcshttphttps

Default:grpc, grpcs, http, https

routeobject

If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.

* Additional properties are NOT allowed.
Hide Child Parameters
idstring
serviceobject

If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.

* Additional properties are NOT allowed.
Hide Child Parameters
idstring

Did this doc help?

Something wrong?
Report an Issue | Edit this Page

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help

Ask in our Forum
Contact Support