I have an API that specifies a query parameter like this:
- in: query
name: location_id
description: Optional parameter to limit results to a given org or ou location
example: org:91522ce0-e52f-47d8-b034-5f3664f740e4
schema:
oneOf:
- $ref: "#/components/schemas/org_id"
- $ref: "#/components/schemas/ou_id"
I have an API that specifies a query parameter like this:
where org_id is thus:
and ou_id is thus:
but this is being flagged up as a OWASP API1:2019 issue.