Currently Auth service's RAML seems outdated, as there are some 500 responses that shouldn't happen (as there should be error handling for those - which also might be missing in some parts), also integration tests do not check response matching RAML.
This task is to fix the api-definition (with splitting schemas), and include integration tests (add lacking tests for permission or validation errors).
Auth's RAML is valid and updated
RAML response bodies moved to JSON schemas
Integration tests check response codes and RAML validity
Integration tests for other results than 20X are added.
No 50X messages are returned in case of any kind of validation/permission errors.
Error handling is consistent with the rest of our services - do not return BindingResults, return ValidationExceptions.