Can we validate json message against json schema in APIGEE?

Not applicable

I could see that Message Validation policy can validate that json message is well-formed ,and also xml or soap with xsd.But is there any way to validate json message against json schema?

I want to validate incoming json message against its length and data type.What is the way to do this in proxy?

Solved Solved
1 17 850
2 ACCEPTED SOLUTIONS

You can do this in two ways

1. Node.js

There are some node.js libraries to validate a JSON.

https://www.npmjs.com/package/jsonschema

You can run these node.js validator on edge in combination of proxy chaining and achieve the desired functionality.

2. Java Callout.

There are some java libraries that can do do JSON /SOAP/XSD validation. You can write a java callout policy to validate your JSON/XML .

View solution in original post

adas
Participant V

The policy validates the json is well formed and the various configurations in the policy allow you to check for Element count, Object count etc. but unfortunately it doesn't allow you to validate the json against a schema. You can do that using a java or javascript callout but I agree it would be a good feature to add. I might already have a feature request logged for it.

View solution in original post

17 REPLIES 17

You can do this in two ways

1. Node.js

There are some node.js libraries to validate a JSON.

https://www.npmjs.com/package/jsonschema

You can run these node.js validator on edge in combination of proxy chaining and achieve the desired functionality.

2. Java Callout.

There are some java libraries that can do do JSON /SOAP/XSD validation. You can write a java callout policy to validate your JSON/XML .

adas
Participant V

The policy validates the json is well formed and the various configurations in the policy allow you to check for Element count, Object count etc. but unfortunately it doesn't allow you to validate the json against a schema. You can do that using a java or javascript callout but I agree it would be a good feature to add. I might already have a feature request logged for it.

Thanks @rajeshmishra and @arghya das

In my usecase,we need to do a json schema validation for every incoming message.And instead of using java or nodejs,it would be really nice to have it included in validation policy.

@arghya das ,could you please let us know if this feature request has been considered and will be taken up in future releases?

Former Community Member
Not applicable

@RK4

You don't need node.js or Java. If you look at the package tv4, there is a browser version of it. That works with the JavaScript callout policy. It only takes 2-3 lines of code to validate an incoming message against a schema. I think I have a sample...

Thanks @Srinandan Sridhar.Is it so reliable that it can it be called from production proxy?could you please share the sample?

Former Community Member
Not applicable

I have used tv4 previously. I found it to be quite reliable and fast. Here are some code snippets to help you.

NOTE: I stored the schema as a variable in the file customerSchema.js. For ex:

var schema = {
  "$schema": "http://json-schema.org/draft-04/schema#",
  "id": "http://jsonschema.net",
  "type": "object",
  "properties": {
.
.
.
};

In the JavaScript Policy properties:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Javascript async="false" continueOnError="false" enabled="true" timeLimit="200" name="Validate-Customer">
    <DisplayName>Validate Customer</DisplayName>
    <Properties/>
    <IncludeURL>jsc://tv4.min.js</IncludeURL>
    <IncludeURL>jsc://customerSchema.js</IncludeURL>
    <ResourceURL>jsc://validateCustomer.js</ResourceURL>
</Javascript>

In the JavaScript file:

//store the payload as JSON
var body = request.content.asJSON;
//validate the incoming message
var result = tv4.validateMultiple(body, schema);
//set the result in a variable
context.setVariable("valid", result.valid);

Former Community Member
Not applicable

@arghya das, Since I have included the schema as a dependency, is it loaded for every message or do we have some kind of "pre-loaded" mechanism?

@RK4 The feature request was logged a while back, but I don't think its getting addressed in the short term. For now you can go with the suggestions made by folks here. But also remember that doing this for every message would have performance implications, at least when you do this at a considerably high scale like 1000-2000 requests per second.

Former Community Member
Not applicable

Thankyou @Srinandan Sridhar

I see that tv4.min.js is not included in the resources.Does it mean APIGEE supports this js without even including it?

in my case APIGEE is not supporting. I've downloaded from https://github.com/geraintluff/tv4 which is not working as expected.

Former Community Member
Not applicable

@naga

Can you please explain "not working as expected"? What error/behaviour are you seeing vs expecting?

Former Community Member
Not applicable

@RK4

Apigee doesn't support or include tv4. You should download the latest file from: https://github.com/geraintluff/tv4

Not applicable

@Srinandan Sridhar

Could you please share the sample you mentioned?

Not applicable

Hi Srinandan Sridhar , Can you attach the latest 'tv4.min.js' that you have refered in your proxy ?

Thanks

@RK4, I posted and article on how to use the OpenAPI Spec to validate a JSON request, using a single Javascript policy and tv4, for all the endpoints in a proxy. Check it out here: https://community.apigee.com/articles/42993/using-the-openapi-spec-to-validate-json-requests.html