Tools to use in API development

Photo by Girl with red hat on Unsplash

If you are developing an API or consuming one, at some point you are going to need a tool to test the functionality of said API. In this article, we are going to explore some of the tools I use when developing any solution that involves an API, explain how they work at a high level, and how to use some of the functionality.

Before we start testing our API, we have to define what it is. An API (Application Programming Interface) is a software intermediary that allows two applications to talk to each other and provide an accessible way to extract and share data within and across organizations without knowing anything about the technologies or architecture used to implement it. Most modern applications use APIs to present data to their users or to share data with other services like payment or location services.

The modern API has taken on some unique characteristics that have truly transformed the technology space. First, modern APIs adhere to specific standards (typically HTTP and REST), which enable APIs to be developer-friendly, self-described, easily accessible, and understood broadly. Additionally, today, APIs are treated more like products than code. They are designed for consumption for specific audiences (e.g. mobile developers), and they are documented and versioned in a way that enables users to have clear expectations of their maintenance and lifecycle.

With that said, after you start developing an API you have to ensure that your actual server is responding as expected, you can test this implementing request tests on your code but if you want to have an extra verification step you can test some endpoints using some of the testing tools that are going to be presented in this article. On the other hand, if you are consuming an existing API to integrate it with your application, it is a good idea to get it to work first with the testing tools, and when you fully understand how the request is actually made and what it needs you can translate that to code into your application. An important side note to API testing tools is that if you are simulating a front-end communicating with a back-end, there might be some differences in behavior when you implement the code on your front-end, this is caused by restrictions put in place by the browsers that block or limit what you can access for any request made. Remember that these testing tools act more like a server to server communication where there are no restrictions. With that out of the way let’s move into some tools.

The first and most popular tool for API testing is Postman. The tool can be very complex in its functionality but it is very beginner friendly and easy to use for someone that just needs to quickly test some endpoints. The main functionality can be seen in the following image and I will explain it as simply as I can.

Postman Interface

The main field that we are interested in is the URL field (blue section), where you can type the API’s URL and select the HTTP method that you are going to use to reach the endpoint. You also can add some headers, depending on the configuration of the API, like authorization or custom headers, and depending on the HTTP method that you are using you can also set a body in the format that the API is expecting(usually JSON) (green section).

On the right side, you have a panel that contains a very useful functionality for new developers or if you are trying to debug a faulty request, that is the code snippets section (yellow section), where you can select your language and it will show you the piece of code that you should use to make the request from your application.

On the left side, you have the option to create collections and save your requests (red section), these are mostly for organization purposes, but if you are working with a team you can create your requests, and once they are confirmed that work, save them to a collection for the other developers to be able to see them.

Finally, you can also set variables (magenta section) to use most when writing URLs or headers, to use them without actually typing the whole thing, this is very useful for things like tokens and really long ids that might be prone to errors when typing them manually.

Photo by Cesar Carlevarino Aragon on Unsplash

Now that we saw a tool to send requests to APIs let’s now see one to send responses to an API. Beeceptor is a website where you can configure endpoints and the response you get from those endpoints can be configurable. There are many aspects that can be configured for the response like status code, response body, response body for each status code, response delay, and headers among others. This tool is very useful to test that your API is handling responses as expected or when you are working with an integration, and you don’t have a sandbox environment to test against (for example when integrating a CRM or payment service), you can mock the service in Beeceptor and test your APIs flow after it gets the response.

So far I have shown you ways to test REST APIs but there are ways to test other types of APIs that can be very useful when using different kinds of services. SOAP services can be tested using SOAPUI, which is similar to Postman and it can be used to test REST services as well but it is the goto application to test SOAP. As for GraphQL, there is a tool called GraphiQL where you can build your queries or mutations and check the response that the API sends back. I’m not going to go in-depth about these tools but if you want to learn more feel free to go to their documentation, links will be in the references section.

The last tool that I want to talk about is a very interesting one because it will expose the API that you are running in your local host to the internet making it accessible by any service that you are trying to integrate for testing purposes. The way it works is that it runs a server in your computer that connects to the Ngrok servers and it will give you a URL for you to set up in the service that you are going to integrate, when said service sends a request Ngrok server will redirect that request to your locally running server acting like a bridge between the internet and your computer. The only limitation that I have found so far when using Ngrok is that since it uses redirection as the response for the requests, some services don’t like that so it will not work for those kinds of services. If you want to know more about Ngrok you can go through their documentation, the link is in the references section.

The last thing I want to share with you is a concept that many servers use to deliver requests to your application, and that is a reverse proxy. A reverse proxy is a server that sits on the network edge, so all the requests have to go through it, intercepts, and then send it to the right server to be processed. When the processing is done then the reverse proxy reorganizes the request and sends it back to the origin. So for a customer, it may look like you are interacting with a single instance of a service but in reality, the reverse proxy is communicating with several services to get the request processed.

That is all that I wanted to share with you about what I use to test APIs when developing them. Thank you for reading this article, I hope you found it useful and if you liked it give a clap and follow me to get notified every time I publish a new article.

References

• https://www.mulesoft.com/resources/api/what-is-an-api
• https://beeceptor.com/
• https://learning.postman.com/docs/getting-started/introduction/
• https://www.ibm.com/docs/en/rsas/7.5.0?topic=standards-soap
• https://www.soapui.org/getting-started/
• https://github.com/graphql/graphiql
• https://ngrok.com/docs
• https://www.cloudflare.com/learning/cdn/glossary/reverse-proxy/