API tests can be triggered locally and in the cloud. This guide describes the output generated by both types of test runs.
Local runs
When an API test runs locally, its output is captured in a local run output window and does not persist inside the mabl app.
Example of local run output for an API test.
You can find the following types of output from a local API test run:
| Information | Example |
|---|---|
| Step description |
Get list of usersGET {{@api.url}}/posts
|
| Request method and endpoint | GET https://api.example.com |
| Status, response size, and API response time | [200 OK, 284B, 277ms] |
| Assertions | Passing: ✓ Total users equals 12Failing: - Status equals 200 [FAILED] expected response to have status code 200 but got 503
|
| Console log statements | | New user's ID is 1234 |
| Errors | Unexpected token '<' at 1:1 ^ |
Cloud runs
When an API test runs in the cloud, its results are captured in the test output page.
Note
There is no live view for API tests. When you trigger an API test in the cloud, the test executes to completion and then the results are shown.
Results summary
Failed API cloud runs include a Results summary. Use the failure analysis as a starting point for investigating why the test failed.
Step details
The Step details view lists detailed information about each API request in the test:
- Request details
- Response details
- Assertions: Indicates the status (pass/fail) of each assertion for a test step
- Console logs: If you are running a console log statement in a script, it appears in this tab.
- Errors: Error messages for failing steps appear here.
Reviewing individual steps in an API test run
Masking sensitive data
To avoid accidental exposure of secrets, the values of sensitive properties and headers are replaced with a ***** placeholder. If you want to view the masked values in a specific tab, you can click on the Show icon in the upper right corner.
Click show to reveal values of sensitive properties.
When sensitive values are revealed in that particular tab, the Show button changes to Hide. To mask values again, click on the Hide button.
If you navigate away from a tab where values are revealed and return to it later, the values will be masked again when the tab is reopened.
Sensitive values that are being masked
- authorization
- proxy-authorization
- access_token
- refresh_token
Note that names are case-insensitive.