Solve API problems fast with Runscope. Learn More →

Monitor Your Webhook Workflows with New Incoming Requests for API Tests

By John Sheehan on .

API testing and monitoring has traditionally focused solely on outbound requests that simulate what a client of a particular API or endpoint would experience. But APIs are increasingly becoming a two-way conversation, with data flowing into apps asynchronously based on events happening (e.g. GitHub commits, Twilio text messages received, bots receiving requests, etc.). The most popular way this occurs is via a pattern known as webhooks.

Testing a webhooks implementation can be difficult. While you can exercise specific endpoints that consume an event payload (Runscope is great at this), generating test events that mimic real-world conditions is a manual process. What we need is an API testing tool that understands data going out via API calls, but also data coming in via asynchronous callbacks, and the relationship between the two.

Introducing Monitoring and Testing for Webhooks

Today we've added a new feature to our API testing and monitoring lineup that allows you to combine outgoing API calls with incoming callback requests. To understand how this works, let's take a look at a simple example.

Testing Twilio Status Callback URLs

Twilio is an API that allows developers to add communications (voice, text, video) features to their applications. One of the most popular products they offer is their SMS API. When sending SMS, it's really important to know whether or not a message was delivered. The Twilio API offers a "Status Callback URL" that will notify your app of delivery status after you send a message. Delivering a message takes a little bit of time so it's not possible to include a delivery status in the response to the original API call. Instead, you can pass a URL to be notified at asynchronously once the delivery attempt is completed.

To test this scenario, we can create a test that sends an SMS message via an outbound API call, then waits for a callback request containing the delivery status using the new Incoming Request Step type:

Incoming Request Steps can be validated just like the responses of outgoing API calls. In this case, we're checking for a form POST parameter named MessageStatus to make sure the value is correct. You can also check JSON attributes, extract and store values to use in subsequent requests with variables, or write more advanced assertions with JavaScript and the Chai Assertion library.

Testing Conditional Webhooks

Clearbit is one of our favorite new services. We make heavy use of their Enrichment API for qualifying leads. When looking up an email address, sometimes you get an immediate response (if it has been looked up recently) but other times you'll get a callback once the data has been retrieved. Using incoming requests combined with a condition, we can test this scenario as well:

If our initial request returns a 200 OK, we can assert on the response and extract data for subsequent requests. If we get a 202 Accepted back, we know that we'll get the details via the webhook URL and can handle the data there instead.

These are just a couple examples of how you can use Incoming Request steps to verify your webhook and callback workflows. There are many other possibilities including testing bot responses, simple API integration and workflow automation, and much more.

Now Available for All Runscope Accounts

Incoming Request steps are now available for all free and paid Runscope accounts. If you're new to Runscope, be sure to sign up for your free trial to try it out. You'll see the "Add Incoming Step" option at the bottom of the test steps editor. As always, if you have any questions or need help getting started, contact our support team any time.


Categories: announcements, monitoring, testing

Connect Runscope with xMatters for Automated, Intelligent Communication About API Incidents

By Ashley Waxman on .

When your business runs on mission-critical APIs, it’s important to know when those services are experiencing problems such as degraded performance, data quality, or simply not responding at all. Also, as more and more APIs proliferate to other parts of your application and IT infrastructure, knowing exactly who to notify about API problems depending on when and where they occur becomes even a greater challenge.

Intelligent Communication for API Incidents 

Today we’re announcing a new integration between xMatters and Runscope to combine the power of xMatters’ intelligent communication platform with Runscope’s automated API testing and monitoring solution.

xMatters connects insights from any system to the people who matter in order to accelerate essential business processes. The extensible platform allows you to add a layer of intelligent communication across the entire enterprise with automated, targeted communications ensuring that critical messages and notifications get through to the right people on the job. Runscope monitors APIs for availability and correctness. Combined together with this new integration, service issues detected by Runscope are routed to and handled by your existing xMatters’ communication plan.

Integration in a Snap

Connecting Runscope to xMatters is easy with the new xMatters Integration Platform. Once the xMatters has been configured to accept Runscope API test result webhooks, you just need to enable the webhook notifications in one or more of your Runscope test notifications. The Integration Guide has complete setup details.

With the xMatters integration, notifications about test results can be sent to groups or individuals. Team members can respond with “Rerun”, which will trigger another test run in Runscope and ends the event within xMatters. xMatters can also create FYI events to notify groups or individuals when Runscope detects a Live Traffic Alert. The notification includes a link the recipient can click to view the details and acknowledge the notification.

Let the Right Teams Know About API Issues Today

Runscope customers can begin integrating Runscope monitors with xMatters today. If you aren’t already monitoring your mission-critical APIs, sign up for Runscope for free today and see how you can solve API problems faster with API monitoring connected with xMatters. Learn more about the integration on the xMatters blog and check out the full announcement.

Categories: announcements, howto, integrations, testing, monitoring, product

3 Things Nobody Told You About API Development

By Ashley Waxman on .

Many factors in API development are brought to light after development is done: documentation, testing and caching. However, in order to develop APIs successfully and have an easier time maintaining and iterating on those 3 things, it is critical to include them in the development stage, and not as an afterthought. We recently sat down with Phil Sturgeon, author of Build APIs You Won't Hate, to debunk some of the misconceptions around what to include in development vs. post-production. 

In the video below, Phil explains how and why to include building tests, documentation and caching during the build phase of the API lifecycle. This video covers: 

  • A pragmatic approach to ensuring that your API solves real problems
  • Methods and tools for including documentation, testing and caching in the API development process
  • Basic principles of API design

You can start including API testing in your development process today by signing up for Runscope for free. Easily import your tests from the work you've done in Swagger and experience better test quality and coverage. You can also stay in the loop on discussions around API development by joining Phil's Slack channel

Categories: community, testing, webinar, api ecosystem

This Fortnight in APIs, Release XI

By Ashley Waxman on .

This post is the eleventh in a series that collects news stories, helpful tools and useful blog posts from the previous two weeks and is curated lovingly by the Runscope Developer Relations team. The topics span APIs, microservices, developer tools, best practices, funny observations and more.

For when you’re finally able to commit this Valentine’s Day weekend:

If you operate a CI/CD process, you’re likely making multiple commits a day. But how much thought do you put into your commit message? In the article The Art of the Commit, David Demaree explains what goes into a good commit message, and how taking a little extra time to craft a good one that reads like a headline can save you headaches in the long run.

For when it’s February and you still haven’t started on your New Year’s resolutions:

For a “micro” service, it can be an awfully big undertaking to make the move. Fortunately, Matt Ryan’s blog post, Microservices—When to Start, explains how transitioning from a monolith to microservices architecture actually has a few advantages over starting microservices from scratch. If you’re scratching your head over how to get started when you’re sitting on a monolith, this post is for you.

For when a monolith is worth a thousand microservices:

Once you’re ready to start migrating from a monolith to microservices architecture, planning for scale is a critical component, since microservices allow rapid scale. In this article, Vivek Juneja provides diagrams and walk-throughs of architectural patterns and 3 dimensions of scalability, including testing, monitoring and deployment.

For when real beauty is on the outside:

With most technology, the focus tends to be on backend systems and development. In a refreshing turn, this InfoQ article looks at the needs and implications for UI design in microservices architecture. The summary of Stefan Tilkov’s microXchange talk, “Wait what? Our microservices have actual human users?” debunks several assumptions, like “backend for front-end” patterns and that channels matter. He argues that we need to include UI planning as a key part of building out microservices in any organization.    

For when there’s more to testing than meets-the-(C)I:

Testing and monitoring are often discussed in different camps, but they’re more related and intertwined than you think. Our latest blog post explains how incorporating API testing into your development process enables easier monitoring by running all the tests you built (during development) in production. We explore 3 Benefits to Including API Testing in Your Development Process (plus the chance to get a free copy of Phil Sturgeon’s book, Build APIs You Won’t Hate!)

For when you need to teach an old dog new tricks:

Refreshing legacy code and systems will make even the most accomplished developer a little nervous. Fortunately, GitHub recently released Scientist 1.0, an open source Ruby-based tool to mitigate those fears. In this article in The New Stack, TC Currie explains how Scientist works and how you can use it to bring large amounts of old code into new formats confidently.

For when you remember that you need people to build technology: 

It's easy to look at technology improvements or infrastructure change as individual components, but those changes are part of a larger shift that requires an entire team (and organization's) buy-in. Ron Miller explains how "every company is a software company" in Digital Transformation Requires Total Organizational Commitment. This article explores how many companies in the past several years have attempted digital transformation with a "labs" arm of the business, but moving progressive ideas from labs to the greater org is still a challenge requiring more than just engineers to be on board.

Notice something we missed? Put your favorite stories of the past fortnight in the comments below, or email us your feedback!

Categories: api ecosystem, this fortnight in apis, apis, community

Everything is going to be 200 OK