Skip to main content

2025-02-03

Stricter Schema Validation for Login::token API

We would like to inform you that the request schema for Login::token is being tightened. From now on, requests containing unnecessary parameters other than grant_token will be rejected.

Changes

Before the change:

Requests containing unnecessary parameters did not trigger an error.
However, the returned access_token was invalid.

Request Body

{
  "unexpected_field": ""
}

Response

{
  "access_token": {
    "value": "5c57e4985c70a850eca3d63d4d1e01b993f52d4d0cc66e9ba08feeb51497f3ba",
    "expiresAt": 1738208098
  }
}

After the change:

Requests containing unnecessary parameters will now return an error.

Request Body

{
  "unexpected_field": ""
}

Response

{
  "errors": [
    {
      "code": "invalid",
      "message": "Additional properties not allowed: unexpected_field"
    }
  ],
  "x-rcms-request-id": "59d64f95-9f89-4a29-9788-83af774fad69"
}

Planned Date for Endpoint Addition

Stable: April 21, 2025

The specific date and time for the official version cannot be chosen by the user.
By switching to the RC version, you can verify the functionality at any desired timing.

Contact

If you have any further questions regarding this matter, please feel free to contact Kuroco Support.

Support

If you have any other questions, please contact us or check out Our Slack Community.

Contact form
Join Kuroco Slack community