get-operation-cannot-have-request-body
Overview
This rule belongs to the openapi-v3-standards-validation
ruleset and states that:
HTTP methods like GET, DELETE, HEAD are not allowed to have a request body since a payload for these methods do not have any defined semantics. If request body is defined for non-body HTTP verbs, it will get ignored automatically during import/transformations in APIMatic. Therefore, in OpenAPI as well, the GET Operation Object must not set the requestBody
property.
Property | Value |
---|---|
Enabled | Yes |
Maximum Severity | Warning |
Message | Operation Object for GET HTTP method cannot have a request body. |
Code | OPENAPI3STANDARDS_V053 |
Type | Validation |
Rule System | Semantic |
Broad Category | Operations |
Products Impacted | API Transformer, Code Generation, Developer Experience Portal |
Tags | openapi3 openapi standards semantic validation get request body body parameter operation |
Suggested Fixes
- Remove the
requestBody
property from the GET Operation Object. - Change the HTTP method to POST or any other method that supports request body.
For More Information
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#operation-object
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#operationRequestBody
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#request-body-object
- https://datatracker.ietf.org/doc/html/rfc7231#section-4.3.1
- https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#openapi-specification
- https://docs.apimatic.io/rulesets/overview/