Your SlideShare is downloading. ×
Careful - APIs Inside: Testing and Monitoring for App Development
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Careful - APIs Inside: Testing and Monitoring for App Development


Published on

Mobile World Congress Wipjam Testing Session presentation: APIs Inside.

Mobile World Congress Wipjam Testing Session presentation: APIs Inside.

Published in: Technology
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Careful - APIs Inside Testing and Monitoring for API Driven Apps Steven Willmott 3scale Inc. @njyx, @3scale
  • 2. Behind (Almost) Every App is a Great API
  • 3. 3scale is… API Infrastructure Provider ! Power 350+ APIs ! 110,000 Developers writing Apps (Selection) ! API Tech Operations API Business Operations Developer Support
  • 4. Apps Depend on API Backends Your App Direct Indirect Proxy Your Backend
  • 5. Creates Problems Development Time Run Time OAuth Bad Docs Weird HTTP Errors Rate Limit Problems High Latency Version Changes APIs Can Waste Time Old Versions Random Failures Poor SDKs Rate Limit Failures APIs Can Kill Your App
  • 6. Development Time Tools HTTP Problems • • • • ! HTTP is Easy until it’s not (Caching, Verbs, Headers, Hashes, Media Types) Use HTTP Sniffers (HTTPScoop, Fiddler) + network sniffers (e.g. Wireshark) Check & use caching headers CORS, Cross Site Problems HTTPScoop Auth Problems oAuth Libraries & Documentation • beware oAuth “variants” • Try: • • • Other Authentication: • Try to use provided SDKs • Unit Test heavily for custom integrations •
  • 7. Development Time Tools Provider Problems • • • • • ! Bad Documentation: look for interactive docs (swagger active docs, iodocs, apiary) Unspecified Rate Limits (when do they kick in?) Old Versions Different Production and Test Environments Unit test mocks Pro Tip How to ask An API Provider a ! question ! ! “I was doing the following with you API, I was expecting this … to happen, to my dismay, this other thing happened instead …”(*) (* - credit Kirsten Hunter)
  • 8. Active Docs (via 3scale)
  • 9. Operations Time Tools The Old • • • • Pingdom et. al. Provide standard HTTP alerts, Webmetrics: step by step test execution primarily for SOAP APIs Nagios, Monit, Munin, SENSU etc. in your own infrastructure Splunk et. al. for log analysis. ! The New ! How to ask An API Provider a ! question ! • • • Runscope Smartbear 3scale APITools ! • ! New tools: proxy transform, step by step unit testing, authentication tests, API specific analytics ! ! !
  • 10. Where is the Fun & Profit? API Testing is getting easier APIs are more stable over time Mocks & Proxies Help a Lot Happy Users are More Fun & Generate More Profit!
  • 11. Thank You Contact: @njyx -