Skip to content

Incorrect OpenAPI (Swagger) documentation for application/vnd.api+json #7146

New issue
New issue
Open
Open
Incorrect OpenAPI (Swagger) documentation for application/vnd.api+json#7146
@dmitrach

Description

@dmitrach
dmitrach
opened on May 14, 2025

Hello.

A project used Api Platform 2.x and have been updated to 3.x, but here I faced a problem with OpenAPI documentation - it does not correspond to the real responses.

API Platform version(s) affected: v3.3.15, v3.4.17
There is no problem on v3.2.26 (good - there is some extra duplicates, but their descriptions are correct), v3.1.29 (ideal - the documentation is the same as the previous version).

Description
The project uses two types of responses:

  • application/vnd.api+json
  • application/json

The app works correctly, but the documentation of the app is wrong. It contains fields that are not used in the app and should not be included in the response. No groups have been assigned to them anywhere. The problem only for application/vnd.api+json. The documentation includes information about all related entities (maybe not only), but they are not used in the responses.

Below are examples of pieces of documentation.

v3.3.15, v3.4.17 - there are absolutely different refs and their descriptions, but the real responses look like the ref in application/json although the request Accept application/vnd.api+json. It works in WebApp, but the documentation is wrong. The documentation contains ~9600 lines and Swagger UI works very slowly.
The description of application/vnd.api+json includes unused fields, like password, emails, and other confident information.
Just for fun I used v4.* and I've got wrong documentation and over 16000 lines in the documentation.

      responses:
        '200':
          description: 'Item collection'
          content:
            application/vnd.api+json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Item.jsonapi'
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Item-partner.item.read'

v3.2.26 - there are different refs and some duplicates, but their description are the same. The documentation contains ~2000 lines.

responses:
        200:
          description: 'Item collection'
          content:
            application/vnd.api+json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Item.jsonapi-partner.item.read'
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Item-partner.item.read'

v3.1.29 - the refs are the same. The documentation looks like it was in v2.7. The documentation contains ~1600 lines.

      responses:
        200:
          description: 'Item collection'
          content:
            application/vnd.api+json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Item-partner.item.read'
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Item-partner.item.read'

How to reproduce
I have a typical PHP entity code (Symfony) where a part of properties has groups (#[Groups(['employee:read'])]) and others have no groups.
Out API resource has normalizationContext: ['groups' => ['employee:read']]. Some properties are related objects, one of them has the group, but others have not.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions