Please select the area the issue is related to
Gateway
Please select the aspect the issue is related to
Aspect/API (API backends, definitions, contracts, interfaces, OpenAPI)
Suggested Feature
Built-in LLM provider templates should be treated as read-only. Users must not be able to update or delete them from any surface.
In the Platform API / control plane, PUT / PATCH / DELETE on a built-in template are blocked, as we treat them as read-only templates.But in the Gateway REST APIs, PUT / DELETE have no such guard, built-in templates can be updated or deleted. Also, when the gateway is restarted, those changes are lost during reseeding (deleted built-ins are re-created).
Since built-in templates are shipped and maintained by WSO2, modifying or deleting them should be restricted.
Proposed Solution
- Block update and delete operations on built-in templates. Requests must be rejected with a clear, actionable error message rather than failing silently or partially applying.
Related Issues
No response
Steps to Verify
Please select the area the issue is related to
Gateway
Please select the aspect the issue is related to
Aspect/API (API backends, definitions, contracts, interfaces, OpenAPI)
Suggested Feature
Built-in LLM provider templates should be treated as read-only. Users must not be able to update or delete them from any surface.
In the Platform API / control plane, PUT / PATCH / DELETE on a built-in template are blocked, as we treat them as read-only templates.But in the Gateway REST APIs, PUT / DELETE have no such guard, built-in templates can be updated or deleted. Also, when the gateway is restarted, those changes are lost during reseeding (deleted built-ins are re-created).
Since built-in templates are shipped and maintained by WSO2, modifying or deleting them should be restricted.
Proposed Solution
Related Issues
No response
Steps to Verify