What happens when we pass extra field in request body(JSON) in a OpenAPI POST endpoint

Question

I was working on Swagger generated OpenAPI specification and I noticed that if we pass some extra fields in PUT/POST API endpoint, then the server doesn't throw any error, even though it process all valid/necessary field. So my doubt is that

1. Should the server throw error in this case?
2. Is it the OpenAPI standard to allow unknown fields and then ignore them?

Answer 1

In Swagger specification 2.0 there is no option to reject the extra fields passed in the request body. Server will only accept those fields that are allowed in the request definition and other fields will be ignored. If you want to disallow extra fields then you can handle these in the backend manually.