Public Ideas Portal
The current HTTP API documentation does not indicate the schema of the request/response bodies for different requests. We can't be sure from the examples what are valid values for different fields, what's required and what's optional, etc.
-> Request: It would be easier to use this API if Kong were able to provide an OpenAPI specification.
There seems to be a general problem with missing validation in the HTTP API that results in 500 errors for invalid inputs (eg policy names longer than 100 characters in universal mode, inline certificates which aren't base64 encoded, etc). Currently we are only able to work out the cause of the error by looking through the control plane logs, and even that takes a bit of luck as the logs aren't correlated with the request.
-> Request: It would be easier to use this API if requests were validated against the OpenAPI specification mentioned above and the validation errors reported to us as part of the HTTP response.
