API Economy Boom

The API economy is proving to be big business with more than 10,000 APIs published in the last 18 months (according to the world’s largest API repository, ProgrammableWeb). If you’re not already leveraging APIs as a provider or a user, you’re missing out on the potential to improve your services, increase your customer base and customer engagement, raise brand awareness and raise your company’s overall valuation. Netflix is a fine example of a company that has benefited in all these ways and is now receiving an astonishing 5 billion requests to its public APIs every day.

APIs are also the cornerstone of the Internet of Things, set to be a $19 trillion business by 2020 according to Cisco. APIs are driving innovation from the inside out by supplying access to intellectual property, goods, services and new ways of working, in turn offering a competitive advantage to those businesses savvy enough to make them public. No longer merely a development technique, APIs have been elevated to an integral part of application infrastructure and an important business driver. It’s a complete reversal for business leaders who are used to closely guarding the secrets of their success, so it requires a change in mindset and strategy in order to get it right. An API-specific, manual and automated test strategy with effective protocols for handling glitches is necessary to ensure that both your internal business users and external API customers are getting the best possible user experience.

Putting APIs to the Test

When considering your API test strategy, you need to consider who your consumers are and what they will need from your API. That helps you plan your API Quality needs and create the right test plans and environments. There are several types of API testing – once you’ve identified your consumer’s needs, you can decide how much of each type of testing you need to do. The kinds of API testing you should consider are:

Functional Testing

Functional testing can be in the form of unit testing, exploratory testing, automation or test cases. Your basic goal with this type of testing is to ensure that your API does what you say it will do and handles error conditions gracefully.

Load Testing

When you make your API available to partners or external developers, you significantly increase the load on your API. Any third party application using your API impacts the performance of your API… and if any of those applications goes viral… well, the load can be substantial. Your partners’ success can drive your failure! Load testing your API ensures that you can withstand the increased usage and helps you identify where and when to throttle the traffic.

Security Testing

APIs can increase your revenue stream, leverage your brand, and encourage partnerships. But they can also leave you vulnerable if you don’t take steps to protect yourself. Before embarking on a security strategy, analyse things like the attack surface your API exposes, the content and format of your payload, how secure your endpoints are, etc. Running a series of security scans against your API will help expose any vulnerabilities and give you a chance to correct them before anyone can compromise your data.


Virtualisation isn’t really a type of testing but it is commonly used as a means to enable testing. Your partners need a way to exercise your APIs, load test their applications, run their own application security tests and create test automation frameworks. Isolating your production APIs from this activity will make them more stable and reliable for the applications using them. Creating mock services or virtual APIs for third parties to use as a sandbox will allow people to easily work with your APIs during the development phase.

Smarter than the Average Bear

API testing tools are still in their infancy but API specialist and Sogeti partner SmartBear offers some particularly good options, including functional testing, load testing, security testing and service virtualisation tools.

The API economy can fuel enormous growth and innovation, but with that innovation comes a responsibility for quality and security. Make sure that your APIs live up to your business goals by pushing them to their limits before pushing them to production.

Lorinda Brandon is Director of API Partner Development at SmartBear Software, the leader in software quality tools for the connected world. She has worked in various management roles in the high tech industry including customer service, quality assurance and engineering. Lorinda has built and led numerous successful technical teams at various companies, including RR Donnelley, EMC, Kayak Software, Exit41 and Intuit, among others. She specializes in rejuvenating product management, quality assurance and engineering teams by re-organizing and expanding staff and refining processes used within organizations. Lorinda is a strong advocate for women in IT, promoting the importance of closing the gender gap for upcoming generations. Follow her on Twitter @lindybrandon.

Posted in: API, Business Intelligence, Innovation, Internet of Things, Publications, Virtualisation      
Comments: 0
Tags: , , , , , , , , , , , , , , ,