JSON Schema for API Validation
An API response can be valid JSON and still be wrong. It may parse successfully while missing a required field, returning a string where a number is expected, or changing a nested object in a way that breaks clients.
JSON Schema helps close that gap. It describes what a JSON document should look like, not just whether the syntax is correct.
Syntax Validation vs Schema Validation
Syntax validation answers one question: can this text be parsed as JSON?
Schema validation asks more useful questions:
- Is
idrequired? - Should
pricebe a number? - Can
statusonly bedraft,active, orarchived? - Does every item in an array have the same required fields?
- Are unknown fields allowed?
Use the JSON Formatter & Validator to confirm the JSON parses. Then use the JSON Schema Validator to check whether it matches the expected contract.
A Simple API Schema
Here is a small schema for a product payload:
{
"type": "object",
"required": ["id", "name", "price", "status"],
"properties": {
"id": { "type": "string" },
"name": { "type": "string" },
"price": { "type": "number", "minimum": 0 },
"status": {
"type": "string",
"enum": ["draft", "active", "archived"]
}
}
}This schema does not just say the JSON should be an object. It says which fields are required, which types are expected, and which status values are allowed.
Why APIs Need Schema Checks
APIs change over time. A field may be renamed, an optional value may become required, a number may start arriving as a string, or a nested object may become an array. These changes can break frontend components, integrations, tests, and reporting jobs.
Schema validation catches those changes near the boundary. Instead of discovering the problem after a screen fails or an import produces bad data, you can detect the mismatch when the payload is received or tested.
What to Validate First
Do not try to model every field on day one. Start with the parts of the payload that your application depends on.
For a product API, the first schema rules may cover:
- stable identifiers such as
idorsku - display fields such as
nameandslug - numeric fields such as
price,stock, andrating - state fields such as
status - array fields such as
categoriesorimages
Fields used only for logging, experimentation, or display hints can often stay optional. A schema should protect the contract, not freeze every harmless implementation detail.
This approach also makes errors easier to discuss with API providers. “The response changed from price: number to price: string” is clearer than “the page broke.”
Validating Arrays
Many APIs return lists. JSON Schema can describe each item in an array:
{
"type": "array",
"items": {
"type": "object",
"required": ["id", "email"],
"properties": {
"id": { "type": "string" },
"email": { "type": "string", "format": "email" }
}
}
}This is useful for search results, customer lists, transactions, log entries, and exported records.
Required Does Not Mean Non-Empty
One important detail: required means the property must exist. It does not always mean the value is useful.
For example, this object has a required name property:
{ "name": "" }If an empty string is not allowed, add a rule such as minLength. Similar details matter for arrays, numbers, and nullable values.
Handling Optional and Nullable Fields
Real APIs often have optional fields. A user may not have a phone number. An order may not have a discount. A profile may not have a company name.
Be explicit about what optional means. Is the field missing, or present with null? Those two patterns can have different meanings in client code.
Depending on the schema version you use, nullable values may be represented with a type array such as:
{ "type": ["string", "null"] }The important part is consistency. Clients should not have to guess whether a missing value, empty string, and null are equivalent.
Versioning and Breaking Changes
Schema validation is especially useful when APIs evolve. A change is usually breaking when existing clients can no longer read the response safely.
Common breaking changes include:
- removing a field that clients require
- renaming a property without a fallback
- changing a type, such as number to string
- changing an object into an array
- introducing a new enum value that old clients do not understand
Non-breaking changes are usually additive. For example, adding a new optional field should not break clients if schemas allow additional properties. That is why additionalProperties: false should be used carefully. It is helpful for strict import files and internal configuration, but it can make public API clients fragile if the API adds harmless metadata.
For public or partner APIs, keep older schemas for older API versions. For internal APIs, keep schema examples near integration tests so changes are reviewed with code changes.
Schema Examples Make Reviews Easier
A schema is easier to maintain when it sits next to realistic examples. Keep at least one valid payload and one intentionally invalid payload for each important API shape.
The invalid example should fail for a clear reason: missing id, wrong status, negative price, or an unexpected array shape. These examples help reviewers understand whether a schema change is tightening validation, loosening validation, or documenting behavior that already exists.
They also help non-backend teammates. Product managers, QA engineers, and frontend developers can read a small example faster than a long schema file.
Practical API Validation Workflow
Start with a real sample response. Format and validate the JSON syntax. Then write a schema for the fields your application actually depends on. Test good samples and intentionally broken samples.
For APIs that change often, keep schemas close to tests or documentation. When a breaking change happens, update the schema deliberately rather than letting clients discover it by accident.
Related QuickToolFlow Tools
- JSON Schema Validator for testing JSON data against a schema.
- JSON Formatter & Validator for cleaning payloads before schema checks.
- JSON Path Tester for inspecting nested fields in API responses.
Keep going