Section – OpenAPI
ON/OFF radio buttons:
- To enable OpenAPI spec enforcement for a mapping, set the radio button to ON. By default, OpenAPI is OFF (disabled).
UI | Description |
|---|---|
Entry path | A pattern matching the full request path. Default value: Example: If the entry path of the mapping is a directory, variables like Note: The rules are evaluated sequentially until a matching rule is found. Only the matching rule is then executed. If no rule matches, nothing is validated. |
API | Either choose an OpenAPI specification uploaded via Submenu – API Security or set to No validation if the requests matching this Entry path must not be validated. |
Path Matching | Default value: Client view The Gateway mapping can be configured to rewrite the incoming URL to a different back-end URL (asymmetric mappings). Due to this rewriting, the incoming URL path (Client view) will be different from the back-end URL path (Back-end view). Select either Client view or Back-end view to match the URL path according to the path in your API specifications. |
Log only | If enabled potential attack requests are only logged but not blocked. |
Check responses | Default value: Off Choose how API responses should be validated:
|
Offer API specification file publicly | Allow the API specification files to be downloaded by external clients. The download path of the API specification is composed as follows:
Example |
Publish path prefix | Affects the URL under which the API specification files are available for download externally. Note that the entry path will be added in front of it. Example: |
Further information and links
Internal links:
- Submenu – License
- Submenu - API Security
- For API policy cookies, see: API policy cookies