Syvizo

API Validator



This component provides features for testing APIs, setting up validations and run those validations as regression tests.


After logging in to the platform, select “API Validator”. You will need to have access to the API Validator module for this:





This will take you to the API Validator project’s dashboard and display the project on which you have access. You can open a project by clicking on “Open” button on the same row as project or create a new API Validator project by clicking on “+ Create” button on the top right of screen. 


To open the project, click on open button.


To delete the project, click on the delete button


Creating a new project from this screen will create an empty project with no paths added. You will need to add paths into the project. The paths do not need to be from single API or they can even be from an API that is outside of the platform.


If you open API Validator from context action menu from either API Design Studio, API Flow Manager or API Collaborator, you will be taken directly to the API Validator project corresponding to the project context if the API Validator project exists already. If the project does not exist, a new API Validator project will be automatically created with paths and methods from the API specification as initial project and it can be altered as required.



Testing APIs

On the API validations component, the left most menu is context action menu. This is for the contextual navigation between components of Syvizo API Platform. This is covered in the Introduction section.


The menu for API Validator is next to the context action menu and contains 4 sections. 

  • Test API
  • Environments
  • Validations
  • Test Sets


Test API

The Test API section provides functionality to test APIs. You can create request by adding parts of the request such as headers, parameters, request body and authorisations.


If you have navigated to API Validator from context action menu from other component o the platform, you can see that the API Validator project would be created with the paths and available methods in the project. If you have created a new blank project, then the left menu will be empty and you can add paths and methods from scratch.

The paths and methods can be added to any existing project as well.


To add a new path, you can click on button next to the project name. It opens a dialog box to enter the path to be added. 


To add a method to the path, click on the button next to the path and it will add a new method under the path. Do note that the default method that is added is “GET” and it can be changed to any other method in the right panel.


The test panel on the right can have multiple tabs to test different methods. 

You can edit the method and domain or url to be tested.


The other parts of the request need to be specified in the tabs below the url box. Click on the tabs to provide values.

The param section has a table to enter values of the parameter names and their values. Optionally the description can be provided. To add more values, press tab on the last column of the last row and it will add a new row of the current last row is not empty. 


Similarly in the header tab, you can provide the names and values of the headers and optionally header key. To add more values, press tab on the last column of the last row and it will add a new row of the current last row is not empty.


Body section has different options for the body type:

  • No Body specifies that the request does not have a body to be sent. Some method types such as GET, HEAD, DELETE and TRACE. 
  • Form Data specifies that the request has key/value type of data. It represents data from an HTML form. You can provide key and value pairs in the given table. To add more values, press tab on the last column of the last row and it will add a new row of the current last row is not empty.
  • x-www-form-urlencoded specifies that the data is sent in encoded format to the server, and uses the same encoding as the URL parameters. 
  • Raw specifies that the data is to be picked up as entered in the box and sent to the server in the request body. The options for raw data are text which specifies any text, json specifies that the data is in json format and xml specifies that the data is in xml format. The option “Replace Environment Variables" is to specify if you would like to replace values in the request with corresponding environment variables. This is applicable only if there are any values in the request body that are enclosed in “${“ and “}”. More details on this can be found in “Environment Variables” section.



For most REST request you will use raw data type with json format.

  • Binary specifies that the data is in binary format. To use this, a file is uploaded and the file contents are sent to the server as body


Authorizations

Authorizations have following options and these are to be specified based on the API being called. Most APIs are implemented with one of these authorization types. You can find the type of authorisation needed in API documentation.

  • No Auth specifies that there is no authorisation is to be sent with request
  • API Key is most widely used authorisation type. If an API needs API Key as authorisation, you can specify the key name, key value and select if the key should be sent in header or in query to the server.
  • Bearer Token specifies that the authorisation details are being sent as a token. A token is a string of characters that represents the identity and permissions for the client. The client obtains the token from an authentication server.
  • Basic Auth specifies that a user name and password is to be sent as part of the request. Its simplest form of authentication
  • OAuth 2.0 is an authorization framework that provides a standardized way for applications to obtain authorization and access resources on behalf of a user, without needing to know the user's credentials. It is commonly used for authentication and authorization in modern web and mobile applications. OAuth 2.0 supports several authentication options or grant types. If the API server requires this authentication mechanism, you can provide the details in the fields in given screen


Once the request is sent, the response is obtained and the details are show in the lower part of the screen. 

  • status shows the status sent by the server
  • time shows the total time taken to send the request and receive response
  • size show the size of the response in kilo bytes
  • body is shown in the body tab if body contents are text based. In case the body contents are not text, they are not shown
  • headers list down all the header names and their values in tabular format
  • Cookies list down all the cookies sent by the server. The fields in cookies information are Name, Value, Domain, Path, Expires, Http Only, Secure