Your SlideShare is downloading. ×
Careful - APIs Inside: Testing and Monitoring for App Development
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Careful - APIs Inside: Testing and Monitoring for App Development

2,366
views

Published on

Mobile World Congress Wipjam Testing Session presentation: APIs Inside.

Mobile World Congress Wipjam Testing Session presentation: APIs Inside.

Published in: Technology

0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,366
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
28
Comments
0
Likes
4
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Careful - APIs Inside Testing and Monitoring for API Driven Apps Steven Willmott 3scale Inc. @njyx, @3scale
  • 2. Behind (Almost) Every App is a Great API
  • 3. 3scale is… API Infrastructure Provider ! Power 350+ APIs ! 110,000 Developers writing Apps (Selection) ! API Tech Operations API Business Operations Developer Support 3scale.net
  • 4. Apps Depend on API Backends Your App Direct Indirect Proxy Your Backend
  • 5. Creates Problems Development Time Run Time OAuth Bad Docs Weird HTTP Errors Rate Limit Problems High Latency Version Changes APIs Can Waste Time Old Versions Random Failures Poor SDKs Rate Limit Failures APIs Can Kill Your App
  • 6. Development Time Tools HTTP Problems • • • • ! HTTP is Easy until it’s not (Caching, Verbs, Headers, Hashes, Media Types) Use HTTP Sniffers (HTTPScoop, Fiddler) + network sniffers (e.g. Wireshark) Check & use caching headers CORS, Cross Site Problems HTTPScoop Auth Problems oAuth Libraries & Documentation • beware oAuth “variants” • Try: • oAuthbible.com • oauth.io • Other Authentication: • Try to use provided SDKs • Unit Test heavily for custom integrations • http://www.slideshare.net/synedra/demystifying-restruby
  • 7. Development Time Tools Provider Problems • • • • • ! Bad Documentation: look for interactive docs (swagger active docs, iodocs, apiary) Unspecified Rate Limits (when do they kick in?) Old Versions Different Production and Test Environments Unit test mocks Pro Tip How to ask An API Provider a ! question ! ! “I was doing the following with you API, I was expecting this … to happen, to my dismay, this other thing happened instead …”(*) (* - credit Kirsten Hunter)
  • 8. Active Docs http://developer.flightstats.com (via 3scale)
  • 9. Operations Time Tools The Old • • • • Pingdom et. al. Provide standard HTTP alerts, Webmetrics: step by step test execution primarily for SOAP APIs Nagios, Monit, Munin, SENSU etc. in your own infrastructure Splunk et. al. for log analysis. ! The New ! How to ask An API Provider a ! question ! • • • Runscope Smartbear 3scale APITools ! • ! New tools: proxy transform, step by step unit testing, authentication tests, API specific analytics ! ! ! http://www.soapui.org/Dojo/overview.html
  • 10. Where is the Fun & Profit? API Testing is getting easier APIs are more stable over time Mocks & Proxies Help a Lot Happy Users are More Fun & Generate More Profit!
  • 11. Thank You Contact: http://www.3scale.net @njyx - steve@3scale.net