![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 35%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPV%3C/text%3E%3C/svg%3E)
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,111 questions
Hi @Periasamy, Vijay Sundar (COGNIZANT) Greetings! Welcome to Microsoft Q&A forum. Thank you for posting this question here.
Regarding Schema Validation
I am not sure if I follow the question correctly. The schema validation will be performed based on the schema definition of the API and I don't think there is any consolidated policy we can refer that comprises of all the validations for different data formats. Please refer the article Common usage of validate-content policy in APIM which provides some use cases on how validation can be applied to data.
regarding Server end validation against a specific APIM Service
I could not find any SDK available by the platform to get the functionality supported by the Azure portal for validating the Schema. However, inspecting the network calls made by the platform, I see that the error messages are a result of calling the end point https://management.azure.com/subscriptions/<subscriptionID>/resourceGroups/<resourcegroup>providers/Microsoft.ApiManagement/service/<apimserviceName>/apis/<apiId>/policies/policy?api-version=2022-09-01-preview through a Put request
The request accepts the policy template in the format of a raw XML. Below is the sample request I captured from the network call
{"properties":{"format":"rawxml","value":"<!--\n - Policies are applied in the order they appear.\n - Position <base/> inside a section to inherit policies from the outer scope.\n - Comments within policies are not preserved.\n-->\n<!-- Add policies as children to the <inbound>, <outbound>, <backend>, and <on-error> elements -->\n<policies>\n <!-- Throttle, authorize, validate, cache, or transform the requests -->\n <inbound>\n <base />\n </inbound>\n <!-- Control if and how the requests are forwarded to services -->\n <backend>\n <base />\n </backend>\n <!-- Customize the responses -->\n <outbound>\n <base />\n </outbound>\n <!-- Handle exceptions and customize error responses -->\n <on-error>\n <base />\n </on-error>\n <set-variable name=\"IsMobile\" value=\"@(context.Request.Headers.GetValueOrDefault(\"User-Agent\",\"\").Contains(\"iPad\") || context.Request.Headers.GetValueOrDefault(\"User-Agent\",\"\").Contains(\"iPhone\"))\" />\n</policies>"}}
The response of this request contains the error code message and details if the policy is not accurate, which are then presented on the portal. Here is a response generated from the above request
{
"error": {
"code": "ValidationError",
"message": "One or more fields contain incorrect values:",
"details": [
{
"code": "ValidationError",
"target": "set-variable",
"message": "Error in element 'set-variable' on line 24, column 6: Policy section is not allowed in the specified scope"
}
]
}
}
Please refer the end point documentation Api Policy - Create Or Update for more details on the endpoint.
You can create a Service principal role and assign Contributor access to the APIM instance to access the end point programmatically. The document Azure REST API - Create a bearer token contains the steps needed on how to create a bearer token required by the API end point.
Hope this helps! Please let us know if you have any additional questions.
If the response helped, please do click Accept Answer and Yes for the answer provided. Doing so would help other community members with similar issue identify the solution. I highly appreciate your contribution to the community.