US Patent 12003543 Method and system for modifying and validating API requests

Some embodiments of the invention provide a method of modifying and validating API requests received at an API server. At a mutating admission controller of the API server, the method intercepts an API request received at the API server. The method invokes a mutating webhook to query a policy agent that includes a set of policies for modifying API requests to determine whether the API request requires modifications. When the policy agent determines that the API request requires modifications based on an identified policy from the set of policies, the method performs the modifications and forwards the modified API request for validation by the API server. After the API server has validated the API request, the method intercepts the API request at a validating admission controller and invokes a validating webhook to query the policy agent to determine whether the API request is valid. When the policy agent determines that the API request is valid, the method forwards the API request to be admitted to a database of the API server.