Reviewing API tests

Reviewing the output of API tests triggered locally and in the cloud

API tests can be triggered locally and in the cloud. This guide describes the output generated by both types of test runs.

Local runs

When an API test runs locally, its output is captured in a Local Run Output window and does not persist inside the mabl app.


Example of local run output for an API test.

You can find the following types of output from a local API test run:

Step descriptionGet list of users
GET {{@api.url}}/posts
Request method and endpointGET
Status, response size, and API response time[200 OK, 284B, 277ms]
AssertionsPassing: ✓ Total users equals 12
Failing: - Status equals 200 [FAILED] expected response to have status code 200 but got 503
Console log statements| New user's ID is 1234
ErrorsUnexpected token '<' at 1:1 <!DOCTYPE html> ^

Cloud runs

When an API test runs in the cloud, its results are captured in the Test Output page.


The Test Output page



There is no live view for API tests. When you trigger an API test in the cloud, the test executes to completion and then the results are shown.

Review test run information

Click on View all to review information about the test run.

Review individual steps

Click on test steps to review detailed information about that specific API request:

  • Request details
  • Response details
  • Assertions: Indicates the status (pass/fail) of each assertion for a test step
  • Console logs: If you are running a console log statement in a script, it appears in this tab.
  • Errors: Error messages for failing steps appear here.

Reviewing individual steps in an API test run

Masking sensitive data

To avoid accidental exposure of secrets, the values of sensitive properties and headers are replaced with a ***** placeholder. If you want to view the masked values in a specific tab, you can click on the Show icon in the upper right corner.


Click show to reveal values of sensitive properties.

When sensitive values are revealed in that particular tab, the Show button changes to Hide. To mask values again, click on the Hide button.

If you navigate away from a tab where values are revealed and return to it later, the values will be masked again when the tab is reopened.


Sensitive values that are being masked

  • authorization
  • proxy-authorization
  • access_token
  • refresh_token.

Note that names are case-insensitive.

Learn more