Validate XML and SOAP using MessageValidation

Was this helpful?

Using validation, the system can reject messages that do not conform to the request message schema definitions. That means developers building apps to consume your API are immediately notified if they are submitting non-conformant requests. Some examples are missing end tags in an XML document, and getting valid responses from malformed request messages.

Validation can save you a call to tech support, and can help developers avoid time in the forums trying to find troubleshooting help. If developers are notified that they are submitting invalid requests, they can refer to the XML schema for the API to understand how to fix the error. Thus, the XML schema is an important component of your API documentation to help your developers understand how to interact with your API.

Apigee allows you to configure your API with a Message Validation policy that validates messages with the XML payload.

The policy also validates that an XML or JSON message is well-formed, and the SOAP format is correct according to the relevant XSD or WSDL file,  ensuring that tags are balanced. If the XML code is incomplete, the policy returns a message validation error. Note that the policy must be written as follows for any well formedness validation:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<MessageValidation name="MessageValidation">
</MessageValidation>
Back to top

Configuring the MessageValidation policy

Configure MessageValidation using the following elements.

Field Name Description
Source (Optional)
Source message to be validated.
  • If the source is missing, it is treated as a simple message. For example, <Source>message</Source>
  • If the source variable cannot be resolved, or resolves to a non-message type, the policy fails to respond.
ResourceURL (Optional)
XSD or WSDL file used in the schema validation against the source message. The message validation fails if the WSDL file does not have schemas or if the maximum import depth exceeds 10.
If ResourceURL is not specified, the message is checked for:
  • Well-formed XML if the content-type is application/xml
  • Well-formed JSON if the content-type is application/json
SOAPMessage (Optional)
Verifies that the message corresponds to the SOAP format of the specified version(s).
If the version attribute is not specified, the message could correspond to either SOAP 1.1 or 1.2 format (example below).
Element (Optional) Specifies the valid root elements.
Back to top

Policy schema

Each policy must conform to a policy schema. All policy constructs such as elements and attributes mentioned above are defined in a schema. To download the schema, click here.

Example - Message Validation policy

<MessageValidation name="myPolicy">
    <Source>mymessage</Source>
    <ResourceURL>xsd://sample</ResourceURL>
    <SOAPMessage version="1.1/1.2"/>
    <Element namespace="http://finance.com/1999"> PurchaseOrder</Element>
    <Element namespace="http://finance.com/2000">PurchaseOrder</Element>
</MessageValidation>

Back to top