Validation of inter-parameter dependencies in API gateways

Web APIs usually include inter-parameter dependencies that constrain how input parameters can be combined to form valid calls to the services. API calls often violate these dependencies, resulting in unnecessary message exchanges, wasted time, and quota usage. Additionally, services may fail to adeq...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computer standards and interfaces Jg. 94; S. 104010
Hauptverfasser: Barakat, Saman, Segura, Sergio
Format: Journal Article
Sprache:Englisch
Veröffentlicht: Elsevier B.V 01.08.2025
Schlagworte:
Gateways
OpenAPI specification
REST
Web API
Web API
REST
OpenAPI specification
Gateways
ISSN:0920-5489
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Web APIs usually include inter-parameter dependencies that constrain how input parameters can be combined to form valid calls to the services. API calls often violate these dependencies, resulting in unnecessary message exchanges, wasted time, and quota usage. Additionally, services may fail to adequately validate whether input requests meet these dependencies, causing critical failures or generating uninformative error messages. In this article, we propose extending API gateways to detect and explain inter-parameter dependency violations. We leverage the Inter-parameter Dependency Language (IDL) for specifying dependencies between input parameters in web APIs, and IDLReasoner, a constraint-based IDL analysis engine. We implemented our approach into a prototype tool, IDLFilter, on top of Spring Cloud Gateway. Evaluation results with 12 industrial API operations and about 30K automatically and manually generated API calls show that our approach effectively blocks invalid calls due to dependency violations, providing informative error messages and minimizing potential input validation failures. IDLFilter introduces a small 7% overhead when processing valid API calls, while reducing the response time of requests violating dependencies by 59%. [Display omitted] •Dependencies among input parameters are extremely common in Web APIs.•API gateways do not support the validation of inter-parameter dependencies in API requests.•We present a novel approach for detecting and explaining inter-parameter dependency violations in API gateways.•A prototype tool, IDLFilter, integrated into Spring Cloud Gateway, makes our approach readily applicable.•Experimental results show a reduction in response time of 59% for API calls violating inter-parameter dependencies.
ISSN:0920-5489
DOI:10.1016/j.csi.2025.104010