When an enterprise exposes its APIs for internal or external consumption, application developers (both internal and external) write applications using these exposed APIs. Before the API is embedded within an application, it needs to be tested in order to make sure that the API can be successfully adopted. SmartBear’s Ready API! is an API testing tool widely used for this purpose. The WSO2 API Manager plugin, developed in partnership with SmartBear, allows seamless integration between the two products allowing application developers to work with the Ready! API platform to test APIs exposed via WSO2 API Manager.
This tutorial explains how to integrate Ready! API with WSO2 API Manager and then test APIs that are exposed in the API Manager. It also explains how Ready! API can be used to generate OAuth 2.0 tokens with different grant types and the benefits this integration can bring to an application developer.
This tutorial uses the
PhoneVerification API, which is created in section Create and Publish an API.
Installing the WSO2 API Manager plugin in Ready! API
Ready! API supports WSO2 API Manager versions 1.8.0 onwards. Ready! API 1.7.0 has been used in this guide.
- Download and run Ready! API.
- Click the Plugins button shown below to open the the Plugin Manager.
- Browse the plugin repository, locate the WSO2 API Manager plugin for Ready! API and click Install/Upgrade Plugin.
- Click Yes on the confirmation message that appears.
Let's test an API exposed via WSO2 API Manager.
Testing APIs using Ready! API
- Run the WSO2 API Manager server.
Run Ready! API if it's not already open.
If you are using a self-signed certificate with WSO2 API Manager, you need to explicitly configure Ready! API to trust this certificate. Click File > Preferences and then select the Internal Browser tab. Select the Trust the self-signed certificate check box and click OK.
- Start by creating a new project in Ready! API. Click File > New Project.
- In the Description File tab, select the Import from WSO2 API Manager option and click Import.
On the dialog box that appears, enter the information of the API Store from which API information needs to be extracted and click OK.
It is possible to import APIs from tenant stores as well.
Project Name API Manager Project API Store URL https://localhost:9443/store/ API Store User Name admin API Store Password admin API Manager Version 2.0.0
- Select one or more APIs from the list of APIs available in the API Store and click OK.
Your project is created and the required APIs are imported to Ready! API.
- Select an API (e.g. PhoneVerification) and expand the API to see all the HTTP verbs associated with it. Select the require HTTP verb (e.g. GET) to test the API.
Any query parameters that were added when creating the API in the API Manager appear here. You can also add your own resource path or query parameters to test the API.
- To add your own parameters, click the Parameters field and then click the Plus icon.
- Enter the required information for the API (e.g. 18006785432 as the phone number).
Once all the required information is added for the API, you need to add the API OAuth 2.0 token to invoke the API. Click the Auth tab at the bottom of the screen.
You can either get a test access token from the API Store or use the inbuilt OAuth 2.0 access token generation option. In this example, the inbuilt token generation option is used.
The inbuilt OAuth 2.0 access token generation option allows an access token to be generated with different grant types, which can be used to test the key generation process of WSO2 API Manager without requiring an application to perform the OAuth 2.0 key generation. This option can also be used in cases where you want to test access to different HTTP verbs and resource paths using different types of scopes and API keys.
- In the Auth tab, click Get Access Token.
On the dialog box that appears, enter the following information.
OAuth 2 Flow - You can choose from different grant types to generate your token. In this example, we have used the Client Credentials Grant type.
Client Identification and Client Secret - Get these values from the API Store. Browse to the application that the API being tested is subscribed to (e.g. DefaultApplication) and copy the values from the Production Keys tab.
Access Token URI - Provide the URL of the access token endpoint of the API Manager. By default, this URL is
Scope - Define the scope under which a token should be generated. If you have not defined any scope restrictions when creating the API you can leave this blank.
- Once done, click Get Access Token.
- The access token is retrieved from the server.
- Now you can invoke the API by sending the request. The response is displayed as shown below. If you encounter an error, make sure that the values given for the endpoint, resource and parameters are correct.
You have successfully tested an API.
To use the access token taken from the API Store,
- Login to the WSO2 API Manager Store and browse to the application that the API being tested is subscribed to (e.g. DefaultApplication).
- In the Production Keys tab, generate (or regenerate) a test access token and copy it.
- Go back to the Ready! API, paste the access token for the API and send the request.
- The response is displayed as shown below. If you encounter an error, make sure that the values given for the endpoint, resource and parameters are correct.