When you have finished configuring your API, Scheer PAS API Management allows you to test your implemented configurations.

Testing of API configurations is only possible with REST APIs that are coming with an OpenAPI Specification.

There are slight differences between the testing of a public API and the testing of a private API:

  • Private APIs are only accessible for known consumers, called clients in API Management context. For Private APIs, a contract must be created between the client and the API it wishes to consume. If you want to test a Private API, you need to test it via one of the created clients.
  • Public APIs can be invoked by any consumer. However, API Management still allows to restrict access to Public APIs by adding policies.

While testing, you can check if the API is invokable. If you have configured policies for an API, you can also check if these policies are applied correctly.

API Definition

To test an API with API Management, you need to provide an API definition in Swagger format. For more information on API definitions, refer to Managing APIs > Definition.

If the API has been imported from the API Catalog, the definition file should have been added automatically.

If you have added policies to your API setup, you may have to add some information to the API definition file, e.g. regarding tokens that need to be supplied.

Testing the API

The process of testing itself is the same regarding public and private APIs. However, how to access the test page within API Management differs.

On this Page:

Related Pages:

Related Documentation:

Test Page of Public APIs

If you want to test an API marked as Public, you need to open the details page of the API. Open the sidebar menu and select All APIs from menu item APIs:

On page All APIs lookup the API you want to test and click on its name:

The details page of the API opens. If the API has a definition file linked, a link View API Definition is displayed:

Click this link to open the API Definition in test mode.

Test Page of Private APIs

Open the detail page of a client and got o tab APIs. In this tab you will find a list of all APIs the client consumes.

Click Try-It-Out on the API you want to test.

Testing

You can use the Swagger UI to make test calls to your service. Click on the method you want to test and use the Try it out button.

For more information about the functions of the Swagger UI, go to the Swagger homepage.

You can also use the API Developer Portal to access the Swagger UI and make your test calls (refer to chapter Developer Portal for further information).

Click on the button API Documentation which you can find on an API tile...

...or on the details page of an API.

Testing the Application of a Policy

You can also test policy application using the Swagger UI. Assume that for the current API (SupportManager in this case) the Ignored Resources Policy has been added. Consumers of the API should not be able to execute GET /supportcases /*:

To test if the policy is applied to a call, try to test the ignored resource.

If everything is fine, an HTTP 404 error is displayed in section Server response.

The Response body shows the error message "Requested path \"/supportcases\" has been ignored.". Thus, the API has been invoked and the Ignored Resources Policy has been applied to the call as intended.


  • No labels