Anatomy of a Dying API

It's as inevitable as death and taxes. At some point, previously stable APIs start to throw performance errors and generally degrade. This can manifest in a number of ways: The API starts to have more failures. There are more time outs. It gets slow for no apparent reason. There are many reasons for this, from an inattentive dev group to older equipment being used - but the net result is the same. For us here at APImetrics, it's interesting to see how our CASC (Cloud API Service Consistency) Score relates to a company's decision to depreciate the API (sunset the [...]

By | May 1st, 2017|Summary, Support|0 Comments

Are You Monitoring Your API Security?

by Marcelo Graciolli licensed under CC BY 2.0 There are many ways to monitor API security on the web. Some APIs might have no security – you can make a simple HTTP call and get an answer back – but if for whatever reason the data is protected or monitored, it's normal to have some form of API security. This typically takes one of two major formats – an API key, or OAuth authentication. Things get very interesting with OAuth. With OAuth 2, you can set up a scope to allow access to only certain API resources. So [...]

By | April 27th, 2017|Sectors, Support|0 Comments

Everything You Need to Know About the APImetrics CASC Score

One of the things about APIs is that they're complicated. There's a lot of things that can and do wrong. So there are many metrics that we measure for each API. That's why we came up with the CASC Score as part of our APImetrics Insights analytics package. CASC stands for Cloud API Service Consistency. What is a CASC Score? Simply put, you don't want to know just that your API is performing. You also want to know HOW it is performing. Our CASC Score is a number between 0 and 1000 that tells you how well an API performed [...]

By | April 21st, 2017|Summary, Support|1 Comment

Cookie Authentication

We support Cookie Authentication using the Post-Conditions section of a test, in conjunction with a multiple-test test run. The general idea would be a test run with the follow: Call an API which creates the session In the Post-Conditions, extract cookie value in post-conditions Call other tests, add a header using the custom variable from (2). For example, if your API returns a header: 200 OK Set-Cookie: ASP.NET_SessionId=zw4ixeriskyukm5asrdh0nlv; path=/; HttpOnly … In Post-Conditions, add a variable under headers named COOKIE, with the following path: Set-Cookie|replace('; path=/; HttpOnly', '')   Then in the follow-on tests, add a header in the test [...]

By | March 10th, 2015|Feature updates, Support|0 Comments

Test Frequency – Deciding on your test frequency

One of the things that we are clear about is APImetrics is not a load nor stress testing platform.  We're focused on providing a close indication of the likely quality of the developer experience on REST based APIs.  Consequently, we actually don't test all that often, our default for our public tests is once every 15 minutes.  One of the reasons for that has been the behavior of some APIs with cached data in app queries.  Testing every 15 minutes in this case actually provides misleading good performance data. However, this isn't true for all APIs.  We're also testing the [...]

By | November 1st, 2013|News, Support|0 Comments