DELETE operation has no parameter to store the ID of the object to be modified

Description

The DELETE operation has no parameter where to store the ID of the object to be modified.

All DELETE operations should normally have a parameter that indicates which object the operation modifies. However, sometimes a DELETE operation does not need to store the ID of the object to be modified, and the parameter is not needed. To make sure that your API works as you have intended, you should be careful not to omit the parameter in operations where it is actually needed.

Remediation

Make sure that all DELETE operations that need to store the ID of the object to be modified have a parameter for it.


Get API Security news directly in your Inbox.

By clicking Subscribe you agree to our Data Policy