Runscope API Monitoring    Learn More →

Posts filtered by tag: best practices

5 Steps to API Monitoring Success

By Ashley Waxman on .

Whether you’re using APIs to power your infrastructure like Omnifone or your apps like Syncano, you need tools and processes in place to make sure those APIs are running smoothly at all times. To stay on top of things, you’ll want to make your APIs aren’t just up, but are also running at top speed and returning the correct data. We’ve shared with you the 6 biggest API testing mistakes you’re probably making and how to fix them, which is a great place to start. API monitoring is essentially just running API tests on a schedule, so once you’ve got that foundation down, here are 5 ways to make sure you’re effectively monitoring your APIs.

1. Monitor your APIs frequently

This first one may seem like a no-brainer, but it’s important to reiterate that APIs are dynamic and have a lot of dependencies—monitoring them on a consistent, continuous schedule is critical to getting an accurate view of API performance. Doing occasional synchronous testing is great for debugging, but you need to capture data flowing through your APIs constantly in order to spot trends and asses API performance. Of course, syncing those test schedules up to the notification channel your team uses, like Slack, PagerDuty and HipChat, will ensure that when your tests do catch a failure, you can dive in and solve the problem immediately.

2. Monitor key API traffic in production

All kinds of unpredictable things can happen in a production environment, triggering random or intermittent problems, which is why production monitoring is so important. This is especially true in the case of transactional APIs. Take, for example, when a customer is in your app putting a charge through a payment API, creating a new lead in a CRM or sending an email to a lead. If an API fails in these circumstances—a credit card payment returns an error and doesn’t go through—you need to be able to detect that error as soon as it happens, before your customers leave your app, losing you revenue. Unfortunately, these types of API calls cannot be simulated, and proactive API monitoring won’t catch them.

Real-time API monitoring logs live API traffic and alerts you of key API transaction failures and anomalies for the APIs you rely on most, whether they’re yours or third-parties’. You can learn more about real-time API monitoring in our free live demo of Runscope Live Traffic Alerts tomorrow, November 3 at 10 a.m. PT. UPDATE: This event has passed.

3. Monitor third-party and partner APIs

Oftentimes, apps and services today rely on partner or third-party APIs to provide a key feature or functionality, like geolocation or social sharing. While you may be monitoring your own APIs, are your partners monitoring theirs? Be sure that those third-party APIs that your apps depend on are living up to your expectations by incorporating them in your API monitoring practices. Companies like uShip, whose main channels for their product involve key API integrations, have a large proportion of their API tests devoted to partner and third-party APIs. When your app breaks, your customer doesn’t know that your partners’ API is the one that’s broken. Monitoring third-party APIs keeps your partners accountable and your customers happy.  

4. Monitor for API correctness

An API may be up and running fast, but if it’s returning the wrong data, then all your customers see is a broken app and a bad experience. Data validation is an important part of holistic monitoring. By adding assertions to your API monitoring solution, you can drill down to the data level and make sure your APIs are returning the data you expect. Assertions allow you to specify expected data in the response to a request made in a test run. When a test is run, the outcome is determined by whether or not all the assertions pass.  

5. Get a complete performance picture

You also want to check that your API is performing up to speed. It is just as important to identify slowly degrading performance—from intermittent error counts to increases in latency—as it is to know when the service is down entirely. These trends can help you address more complex issues with your API, such as database or hardware related issues, early on, before your API comes screeching to a halt.

See how you can tie all of these best practices together to keep your team in the loop about API issues before your customers notice in our latest webinar, below. Then get started with Runscope for free to cover the bases of API issues and solve problems fast.

Categories: community, howto, monitoring, product, webinar

6 Common API Testing Mistakes (and How to Avoid Them)

By Neil Mansilla on .

If you work with APIs in your day-to-day, then you’ve probably experienced this scenario: you put in several hours to create tests for all your services, and then plug them into your workflow, but somehow you still aren’t aware that your APIs are failing. Either a customer tells you before you find out, your team can’t triage an API issue fast enough, or your tests are passing but your apps still break. If you’ve encountered any of these headaches, the problem may be your process around building and maintaining your API tests. We’ve identified six API testing mistakes that engineers, API developers, QA testers and DevOps teams alike have made so we can help you solve those problems and build better APIs together.

1. Building tests that don’t represent real functional use

It’s easy to set up tests that verify independent services and endpoints, and then call it a day when they all pass. Test Inventory API, check; test Shopping Cart API, check; and so on. However, your end-users are likely consuming these methods in conjunction with one another, not independently. Building tests without considering how the APIs will be consumed may be quicker in the short-term. However, in doing so, you won’t be testing across concerns, which could prevent you from uncovering and debugging potentially serious API issues.

In traditional software testing, tests built across multiple units or functions are called integration tests. Building integration tests for APIs can be easier than you think. Take a typical retail API scenario. We’d test some inventory/SKU management resource methods along with a shopping cart resource method, like this:

  1. GET /items (fetch a list of items)

  2. POST /items (create a new item)

  3. GET /items/{itemId} (verify existence of newly created item)

  4. POST /cart (add this new item to the shopping cart)

  5. DELETE /items (remove the item)

  6. GET /items (verify that the item has been removed)

Each of the APIs used in the above scenario may work when tested independently, but without testing the entire flow, you cannot be sure that they are working together, as intended.

2. Leaving out response time assertions

API tests can be built to check for any number of variables, like status codes and response content. Those pieces may be vital for checking method correctness, but what if an API request is taking 10 seconds to respond? Does this test still sound like it should pass? While often overlooked, response time assertions are a quick but necessary addition to any API test to make sure all your boxes are checked when it comes to a complete end-user experience.

Set up response time assertions that are reasonable and represent how long you or your developers think it should take. If you start at a high threshold, you can easily scale down and see what works for that particular request. A high threshold response time assertion is far better than nothing, particularly when testing production endpoints. An app that takes too long to load can send your consumer off to the next app.

3. Not including API dependencies

Traditional software integration testing involves testing separate units of code together, ensuring that they operate consistently and reliably, together. With modern applications that depend heavily on web services, it is commonplace to rely on web services that live outside of your four walls. Therefore, testing only your own APIs doesn’t give you the whole picture of how your app will operate in the real world. Your API is a product that depends on partner services, and if any of those services fail, your API could also be failing to your customers.

A good rule of thumb: If your product relies on it, then you should test and monitor it. Third-party integrations can be just as valuable as your own APIs, and if your app or service is broken, your consumers won’t know (or care) about whose service is failing.

4. Testing APIs in a vacuum

Building API tests can be a bit of a solo act, but the minute a test is in your workflow, you need to bring in the appropriate teams for when issues do occur. API tests don’t always fail for the same reasons and can impact a variety of stakeholders. Therefore, test failures require the attention of different teams in your organization. If you set up test failure notifications to go to just you, you’re adding time, effort and headaches to your workflow.

The minute an API test is added to your development or operational workflow, involve the right people via the notification channels they use most. Add notifications for the team responsible for remediating API issues by integrating your API tests with Slack, PagerDuty, HipChat and other tools to empower your whole team to solve API problems fast.

5. Ignoring intermittent problems

When your tests come back with 99.99% success, that measly 0.01% failure rate is easy to cop to minor blips that will recover on their own. Errors that occur infrequently and recover quickly become easy to ignore. However, by not digging into the root cause of intermittent problems, or worse, not realizing an increase in their frequency, you could be missing an opportunity to catch a systemic problem early on that may manifest as a much bigger failure later.

Going into traffic logs to debug these issues is an extra step, but it’s a step worth taking. Runscope logs all the API traffic that runs through your tests and allows you to compare requests and results side by side so you can debug intermittent problems quickly, and avoid potentially serious future problems.

6. Managing everything by hand

With so many dev tools out there helping you automate your workflow, there’s no reason to keep creating API tests manually. Doing this work by hand can be cumbersome and take time away from other important work. One way to streamline your test creation process is by importing the work you’ve done in tools like Swagger or importing HAR files. In Runscope, these definitions and files can instantly be turned into API tests.

If you manage large test suites or have complex multi-step tests, break free of the UI and launch your IDE. The Runscope API allows you to programmatically read, create, modify and schedule large numbers of complex API tests and puts test automation and management in your hands.

Start Testing the APIs You Depend On

With these best practices in your arsenal, you’re set to begin testing the APIs that power your business. Sign up for Runscope to start testing your APIs today. You can also join us this morning at 10 a.m. PT for our free live webinar, Getting Started with API Monitoring. [UPDATE: This webinar has passed, but you can watch the recording.] We’ll show you how to create your first API test, notify your team when tests fail and more. If you can’t make it, stay tuned for the recording!

Categories: apis, howto, testing

5 Post-Launch Steps to Make Your App Successful

By Neil Mansilla on .

This post originally appeared on the Build Blog by ThinkApps

So you’ve designed, built and launched your app. Before you pat yourself on the back and move on to the next project, your work isn’t quite done. In order for your app to gain adoption, consistently delight users and be successful for the long haul, you need to put certain systems and workflows in place. Great apps are successful for many reasons—they evolve, exceed customer expectations and function reliably. Making your app great doesn’t have to be difficult, if you have the right tools. We’ve compiled a list of five tool-tips to help you—and your app—be awesome.

1. Tune in to your community channels

When your users encounter a problem or have a question, they won’t necessarily reach out to you directly. Users often post issues to Twitter and Stack Overflow when they’re looking for answers, or sometimes vent about unaddressed issues on a blog. We use tools like IFTTT, Zapier and Google Alerts to monitor the web and social media for certain keywords related to our product. We pipe these results into Slack to get instant notification in the channel we use most. By taking the time to set up these systems outright, we have confidence that we’re in tune with our community and can stay on top of what’s being said about our product so we can engage accordingly.

2. Ask for feedback, not just ratings

Most people believe that users love their app. Do you? Have you ever asked? It can be difficult to engage your users without the proper tools, and feedback is key for building on success. For native apps (mobile and desktop), tools like Apptentive make it super easy to understand customer sentiment. All you have to do is drop in the SDK and insert a few lines of code, and you’ll be able to survey your users to find out how they really feel about your app in no time. Just make sure you make that information actionable by using it to help inform future iterations and updates.

3. Use notifications wisely

Notifications, be they mobile push notifications or emails, are a great way to remind users that they should be using your app. But it’s important not to spam your users with every event that you believe is valuable. So where do you draw the line?

For business applications that have a large number of notifications, provide a simple interface that allows your user to toggle each type of message on or off. For lighter weight apps, do research and experiments to find out which events mean the most to your users, and at what time they are most contextual or valuable. 

For mobile apps, platforms like Urban Airship and Parse make it very easy to send notifications to just a few or a large number of users. For sending email, use a trusted provider for high reliability and deliverability, such as SendGrid or MailChimp. These tools have analytics and recommendations baked in to help guide you in the right direction and leverage the data accordingly.

4. Test your UI

Bad experiences can happen to any website for various reasons—a server was unavailable, a network connection was lost or maybe someone really did forget to bundle in a library or file on the last code commit. A new generation of tools make web UI testing a lot easier for non-testing professionals, like Ghost Inspector. You don’t have to write any scripts or a single line of code.

The Ghost Inspector browser extension can record clicks, form submissions and more, allowing you to create tests simply by using your own web app in the browser. Once a test is created, you can run it continuously on a set interval, so that if your web app isn’t rendering and operating exactly as you expected, you’ll receive notifications via email, Slack or PagerDuty. Additionally, Ghost Inspector automatically records video and screenshot of every test run, so you can see exactly what your users experience, have a record of it and debug the problem.

5. Monitor the APIs on which your app relies

More and more, apps rely on APIs to integrate data and functionality into one unified interface. Whether the APIs your apps are consuming are home-grown or from another service provider, it’s important to know that all of them are not only up, but also operating as expected. Runscope keeps you informed of any API issues you deem important, including issues involving uptime, latency and correctness (that the API is returning the right data).

Like Ghost Inspector, you don’t need to know any code to use Runscope. API tests run in the cloud from up to 12 locations around the world, so you know how your API is performing everywhere your users are. With integrations into some of the most popular channels, including Slack, PagerDuty, HipChat and more, you and your team can get real-time notifications via the tools you use most. Once you’re ready to dive into an issue, Runscope provides unparalleled visibility into the traffic running through your API, providing the entire response body data and ability to share test results with partners or teammates in one click.  

Coming up with a great idea and building your app is just the beginning. To make and keep your app successful, you must always be conscious about how you can improve upon it—and you can only do that if you’re measuring and monitoring key metrics. Luckily, there are many tools available for app developers like you to monitor customer sentiment all the way to monitoring APIs. Putting those monitoring systems in place allows you to keep a pulse on your app to keep it successful in the future. Many of them offer free trials to get started—sign up for Ghost Inspector and Runscope today to ensure that your app's success lasts. Or sign up for both and save!

Categories: api ecosystem, apis, ghost inspector, community, howto

Everything is going to be 200 OK®