Summary
The v2 Authorization API proto defines hard-coded validation limits on batch request sizes:
GetDecisionMultiResourceRequest.resources — maximum 1,000 resources per request:
repeated Resource resources = 3 [(buf.validate.field).repeated = {
min_items: 1
max_items: 1000
}];GetDecisionBulkRequest.decision_requests — maximum 200 decision requests per bulk request:
repeated GetDecisionMultiResourceRequest decision_requests = 1 [(buf.validate.field).repeated = {
min_items: 1
max_items: 200
}];Source: service/authorization/v2/authorization.proto
Current documentation state
These limits are only documented in the proto definition and auto-generated OpenAPI specs. They are not called out in any prose documentation (neither OpenTDF docs nor DSP admin/developer guides).
Requested actions
- Documentation: Document these limits alongside the other v2 Authorization API validation constraints in prose documentation.
- Evaluate the limits: Confirm whether 1,000 resources per multi-resource request and 200 requests per bulk request are the appropriate ceilings, or whether they should be adjusted or made configurable.
Related
Summary
The v2 Authorization API proto defines hard-coded validation limits on batch request sizes:
GetDecisionMultiResourceRequest.resources — maximum 1,000 resources per request:
repeated Resource resources = 3 [(buf.validate.field).repeated = { min_items: 1 max_items: 1000 }];GetDecisionBulkRequest.decision_requests — maximum 200 decision requests per bulk request:
repeated GetDecisionMultiResourceRequest decision_requests = 1 [(buf.validate.field).repeated = { min_items: 1 max_items: 200 }];Source:
service/authorization/v2/authorization.protoCurrent documentation state
These limits are only documented in the proto definition and auto-generated OpenAPI specs. They are not called out in any prose documentation (neither OpenTDF docs nor DSP admin/developer guides).
Requested actions
Related