When using OAS Validation plugin to validate a request against a particular OAS specification, you can set additionalProperties to either true or false in the body schema definition.
Given the following JSON body in the request:
{
"value": "test",
"blah": "invalid"
}And this OAS schema for a JSON body:
schemas:
Echo:
type: object
required:
- value
properties:
value:
type: string
optionalValue:
type:
- "null"
- stringWhen additionalProperties is set to true or omitted entirely from the schema, the plugin allows any number of JSON keys in the request body, as long as there is a value key present.
This example request body will pass validation as this is a fail-open scenario.
When additionalProperties is set to false:
schemas:
Echo:
type: object
required:
- value
properties:
value:
type: string
optionalValue:
type:
- "null"
- string
additionalProperties: falseThe additional blah key in the request body is not explicitly defined in the example schema. Because additionalProperties is false, additional keys are not allowed, therefore the request fails validation.