payload-verification-algorithm-required

Overview

This rule belongs to the apimatic-codegen-validation ruleset and states that:

When payloadVerification exists in webhook or callback configuration, the algorithm field MUST be specified with a valid value.

Property	Value
Enabled	Yes
Maximum Severity	Error
Message	PayloadVerification section is missing required algorithm field.
Code	APIMATICCODEGEN_V526
Type	Validation
Rule System	Semantic
Broad Category	Webhooks
Products Impacted	Code Generation, Developer Experience Portal
Tags	apimatic code generation codegen sdks portal docs validation apimatic webhook callback payload verification algorithm required field

Suggested Fixes

• Add an algorithm field to the payloadVerification section.
• Valid algorithm values vary by type: HMAC-SHA256/HMAC-SHA512/Custom for webhooks, HMAC/Custom for callbacks.
• The algorithm field is required for proper signature verification.
• If using a custom algorithm, also provide the name field.

For More Information

• https://www.apimatic.io/continuous-code-generation
• https://docs.apimatic.io/rulesets/overview/