3 Ways to Fortify Your APIs to Make Sure They’re Battle Ready

  August 16, 2016

In this post we examine the impact of an outage of HBO’s live-streaming service, HBO Now, which took place in June during an airing of an episode of Game of Thrones. We’ll look at what teams working with APIs should learn from this incident, why API testing is important, and how to select the right tool for API testing.

On June 19th 2016 at 9 PM, Eastern Time, diehard fans of ‘Game of Thrones’ were waiting with great anticipation for the ‘Battle of Bastards’ episode to start streaming on HBO Now, but they were greeted with an error message on their screens.

DownDetector.com, the website that tracks outages across the internet, reported more than 15,000 complaints during the period.  Something had gone horribly wrong with the streaming service at a time when millions of viewers had stopped their daily lives to watch what may have been the most anticipated episode of the popular TV series. Their excitement turned to fury when the episode finally started mere minutes before it was actually scheduled to end.

Tweets from fans like “Dear #HBONow I will accept a full refund or a month free - you decide @HBO #HBOfail indicate that customers closely associate the money they spend to the value they expect from a service and — especially so in the digital age — they judge the brand through the timeliness and quality of the service it provides.


Make sure your applications are “battle ready”

This likely isn't the first story you’ve heard about a prominent application failing, right at the time when performance was most important. We see high profile examples of software outages all the time, and often it’s because these applications are not battle ready.

In today’s connected world, fortifying your application also means fortifying the APIs that power it. When an API falls, your application falls with it. This includes testing critical APIs completely. A big part of this is choosing the right tools and ensuring that these tools are built into the API test processes from day one, and also confirming that these tools scale with the team and its vision.

Here are three steps you can take to fortify your APIs:

1. Put API testing on the Front Lines

Comprehensive testing often takes a backseat in the development and operations process — quick development and verification of REST and SOAP APIs, and their integrations is preferred. Developers frequently end up testing from the command line, using code snippets, or online testing and browser add on tools like LoadImpact and Postman.

Although this practice bodes well for the initial sanity testing of the API, allowing it to take hold in the broader quality assurance process can be detrimental to the long term success of your application. Bugs will reappear, major performance issues will not be discovered, and security loopholes will remain a consistent threat for your valued customers.

2. Arm Yourself with the Right Tools to Protect Your API

Fortifying your APIs starts with arming yourself with the right API testing tools.

Rather than using light weight tools, primarily used for the purpose of development, teams should look at comprehensive testing platform as an ally to develop successful applications. Without it, the team sets course for ultimate defeat in the battle it will face in the future when their application is successful and peak performance is desired.

For years now, open source SoapUI has been the favored testing tool for developers, testers and managers alike. Teams seeking a more exhaustive test coverage quickly move beyond SoapUI to the Ready! API framework that enables functional, performance, and security testing for your REST, SOAP and, JMS APIs. It prepares you for a win in the battle and the greater war for customer loyalty and trust.

3. Save Your Resources and Conquer Your Testing Challenges

Comprehensive and scalable testing should not be an afterthought; rather it should stand with the primary tools that the team uses. If you’ve been using a light weight API testing tools, you may be worried about losing the work you’ve already invested in setting up API validations. The good news is you can make the most of those resources by importing lightweight functional API tests, collections from a tool like Postman into SoapUI.

When you’re ready to move beyond baseline inspection tools, we have made it extremely easy to create functional test cases from URL endpoints, and to import any collections you created from your Postman runs into SoapUI. For more details, read this tutorial on importing Postman collections into SoapUI.

Fortify Your APIs

HBO has a solid reputation for phenomenal original content, and until this episode HBO had never gone through a major technology systems failure, but one incident put an ugly dent in that impression.

Don’t put your application and API performance at risk. SoapUI is an API testing tool that offers a free, open source version as well as a fully featured pro version with extended functionality. With over 9 million downloads, it has become the de facto standard for functional testing of REST and SOAP APIs, allowing users to quickly and easily create automated functional, regression, compliance, and security tests.

Download SoapUI now for free.