Improper validation of role config #270

Open
hashidave opened this issue Jan 19, 2024 · 1 comment
Comments

@hashidave

A customer of mine ran into an issue where they configured a jwt auth role using vault write config/auth/jwt/role/xyz and used the json in the screenshot. Vault took it with no complaints as shown.
There's a subtle error here in that claim_mapping should actually be claim_mappingS & it took us a while to track it down & wasted a bunch of time to figure out why the claim_mappings didn't work.
My ask is to at least warn on unknown parameters if not outright fail.
thanks.

image
image

@austingebauer
Contributor

Hi @hashidave - Vault used to provide warnings for fields provided to the API that aren't a part of its field schema. It looks like this has since changed. It is now an opt-in parameter of specific backends via the TakesArbitraryInput field.

I remember there being mixed feedback when these warnings were added. How do people feel about them? Is it worth adding to this auth method? Or should it be addressed in a consistent way at the Vault level? Looking for thoughts.
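
Until unknown fields are rejected or warned about server-side, a role file can be checked before it is written. The following is an added example, not code from this thread or from the plugin: a client-side lint that flags keys Vault would silently ignore and suggests the nearest known field. The field list is an assumption taken from the JWT/OIDC role API documentation and may not match the plugin version in use; `lint_role_config` and the sample role are constructed for illustration.

```python
import difflib
import json

# Assumption: role fields as listed in the Vault JWT/OIDC auth API docs.
# Deprecated aliases (ttl, policies, ...) are left out, so they get flagged too.
KNOWN_ROLE_FIELDS = sorted({
    "role_type", "bound_audiences", "user_claim", "user_claim_json_pointer",
    "clock_skew_leeway", "expiration_leeway", "not_before_leeway",
    "bound_subject", "bound_claims", "bound_claims_type", "groups_claim",
    "claim_mappings", "oidc_scopes", "allowed_redirect_uris",
    "verbose_oidc_logging", "max_age",
    "token_ttl", "token_max_ttl", "token_policies", "token_bound_cidrs",
    "token_explicit_max_ttl", "token_no_default_policy", "token_num_uses",
    "token_period", "token_type",
})

# Constructed sample reproducing the typo from this issue.
SAMPLE_ROLE_JSON = """
{
  "role_type": "jwt",
  "user_claim": "sub",
  "bound_audiences": ["example-aud"],
  "claim_mapping": {"email": "email"},
  "owner_team": "platform"
}
"""

def lint_role_config(raw_json):
    """Return [(unknown_key, suggested_field_or_None), ...] in file order."""
    config = json.loads(raw_json)
    if not isinstance(config, dict):
        raise ValueError("role config must be a JSON object")
    findings = []
    for key in config:
        if key in KNOWN_ROLE_FIELDS:
            continue
        # A high cutoff keeps suggestions to near-misses such as a dropped "s".
        close = difflib.get_close_matches(key, KNOWN_ROLE_FIELDS, n=1, cutoff=0.8)
        findings.append((key, close[0] if close else None))
    return findings

if __name__ == "__main__":
    for key, hint in lint_role_config(SAMPLE_ROLE_JSON):
        note = f" (did you mean {hint!r}?)" if hint else ""
        print(f"unknown role field {key!r}{note}")
    # A CI job would fail the pipeline when any finding is returned.
```
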
