How to add validation for required field and empty string forbidden in APIM config ?

Amy Zhang 25 Reputation points
2023-09-22T08:14:44.5066667+00:00

Hi, we hope APIM could validate if a "query parameter (CurrentOwnerEmail) " is required and should be with value (empty string is forbidden) .

After trying the following approach, there's no luck.
User's image

Test Case 1 : CurrentOwnerEmail is not provided in the query parameter
Result 1 : return 404 Resource not found ( It's good no data returned, but the message is confusing)

Test Case 2 : CurrentOwnerEmail is provided in the query parameter, with empty string
Result 2 : return ALL data ( No good, we hope APIM could block such query )

Test Case 3 : CurrentOwnerEmail is provided in the query parameter, with email info
Result 3 : return record ( Good, it's expected )

Not sure how to meet Test Case 2 .
If the error message of Test result 1 can be improved , it'll be fine as well.

Need your help

Thank you

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,131 questions
{count} votes

Accepted answer
  1. MuthuKumaranMurugaachari-MSFT 22,331 Reputation points
    2023-09-22T15:48:05.1166667+00:00

    Amy Zhang Thanks for posting your question in Microsoft Q&A.

    #1 When you import OpenAPI spec in APIM, query parameters with required fields are converted as template parameters. So, if you can call API without that parameter (i.e. CurrentOwnerEmail), you will get 404 error as per design. If you like to change the behavior, follow the instructions in API Management during OpenAPI import doc (Change to query parameters instead of template parameters).

    #2 For the second scenario, APIM will not validate the empty string by default. You would need to use validate-parameters policy to validate and block such requests. Check out Validate parameters doc to know about the policy and examples for reference.

    I hope this helps and feel free to reach out if you have any questions.


    If you found the answer to your question helpful, please take a moment to mark it as "Yes" for others to benefit from your experience. Or simply add a comment tagging me and would be happy to answer your questions.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.