Endpoint Validation and Testing
Validate endpoints against your spec with syntax, auth, schema, and performance checks—catch contract drift early with actionable reports.
Overview
Endpoint validation helps you ensure your implementation matches your contract. It’s the fastest way to detect:
- broken or drifting schemas
- missing status codes or response shapes
- auth and connectivity problems
- design/compliance issues your team cares about
Related: Endpoint import and discovery.
Validation types
- Syntax: URL and method correctness, parameter naming, schema syntax.
- Semantic: logical consistency, auth compatibility, appropriate response codes.
- Compliance: standards/security/documentation rules (team-defined).
Run endpoint validation
- Select endpoints to validate.
- Choose a validation profile (if your deployment supports profiles).
- Run validation checks.
- Review the report and fix issues.
- Re-run validation to confirm the fix.
Example report structure
{
"endpoint": "/api/v1/users/{id}",
"validation_status": "warning",
"checks": [
{
"type": "syntax",
"status": "passed",
"message": "URL structure is valid"
},
{
"type": "security",
"status": "warning",
"message": "Consider adding rate limiting",
"severity": "medium"
},
{
"type": "documentation",
"status": "failed",
"message": "Missing response schema for 500 error",
"severity": "high"
}
]
}
Connection testing and verification
Verify endpoint connectivity and basic functionality.
Connection test types
- Basic Connectivity Test
- DNS resolution verification
- Network reachability check
- SSL/TLS certificate validation
- Response time measurement
- Authentication Test
- Credential validation
- Token refresh verification
- Permission scope testing
- Session management verification
- Functional Test
- Successful request/response cycle
- Expected status codes
- Response format verification
- Error handling validation
Test Execution Steps:
- Configure test parameters (timeout, retries, etc.)
- Set up test credentials/authentication
- Execute connection test
- Analyze test results
- Document findings
- Schedule recurring tests if needed
Connection test output
Test: GET /api/v1/users/12345
Status: SUCCESS
Response Time: 145ms
Status Code: 200
Content-Type: application/json
SSL Certificate: Valid (expires: 2026-03-15)
Authentication: Successful (Bearer Token)
Headers Received:
- X-Request-ID: abc123
- X-Rate-Limit-Remaining: 999
Response Size: 432 bytes
Schema validation against responses
Validate actual API responses against defined schemas.
Schema validation process
- Send Test Request
- Execute endpoint with valid parameters
- Capture complete response
- Parse Response
- Extract response body
- Parse according to content type
- Handle encoding issues
- Compare Against Schema
- Validate data types
- Check required fields presence
- Verify field constraints (min/max, patterns, etc.)
- Validate nested structures
- Generate Validation Report
- List matching elements
- Highlight mismatches
- Suggest schema corrections
- Calculate compliance score
Validation Rules:
- Type Checking: Ensure field types match schema (string, number, boolean, etc.)
- Required Fields: Verify all required fields are present
- Format Validation: Check formats (email, date, UUID, etc.)
- Constraint Validation: Verify min/max values, string lengths, patterns
- Enum Validation: Confirm values are within allowed enums
- Additional Properties: Check for unexpected fields
Validation report example
{
"endpoint": "/api/v1/users/12345",
"validation_result": "failed",
"compliance_score": 0.85,
"issues": [
{
"path": "response.data.created_at",
"expected": "string (ISO 8601 date)",
"actual": "number (timestamp)",
"severity": "medium",
"suggestion": "Update schema to accept number or convert response to string"
},
{
"path": "response.data.phone",
"expected": "required field",
"actual": "missing",
"severity": "high",
"suggestion": "Add phone field to response or update schema"
}
],
"matches": 17,
"total_fields": 20
}
Performance testing (optional)
Assess endpoint performance characteristics under various conditions.
Performance metrics
- Response Time Metrics
- Average response time
- Median response time
- 95th/99th percentile response times
- Min/max response times
- Throughput Metrics
- Requests per second (RPS)
- Concurrent request capacity
- Data transfer rate
- Reliability Metrics
- Success rate
- Error rate by type
- Timeout frequency
- Retry success rate
Performance test types
-
Load Testing
- Gradually increase load
- Identify breaking points
- Measure degradation patterns
Configuration:
load_test:
duration: 5m
ramp_up: 1m
initial_users: 10
max_users: 500
increment: 50
increment_interval: 30s
-
Stress Testing
- Push beyond normal capacity
- Identify failure modes
- Test recovery mechanisms
Configuration:
stress_test:
duration: 10m
target_rps: 1000
spike_enabled: true
spike_multiplier: 3
spike_duration: 30s
-
Spike Testing
- Sudden load increases
- Measure response to traffic spikes
- Validate auto-scaling behavior
-
Endurance Testing
- Sustained load over time
- Memory leak detection
- Resource exhaustion testing
Configuration:
endurance_test:
duration: 24h
steady_load: 100
sampling_interval: 5m
Performance Test Results:
Endpoint: GET /api/v1/users
Test Type: Load Test
Duration: 5 minutes
Total Requests: 15,000
Successful: 14,985 (99.9%)
Failed: 15 (0.1%)
Response Times:
Average: 125ms
Median: 118ms
95th Percentile: 189ms
99th Percentile: 245ms
Max: 312ms
Throughput:
Average RPS: 50
Peak RPS: 75
Data Transfer: 45 MB
Errors:
Timeouts: 10
5xx Errors: 5
Connection Errors: 0
Related articles
Related articles
- Endpoint Import and Discovery · Product documentation
- Endpoint Management · Product documentation
Next steps
- Getting started · Install + connect your spec
- Configuration fundamentals · Stabilize runs
- Initial configuration · Users, licensing, projects
- Release notes · Updates and fixes
Still stuck?
Tell us what you’re trying to accomplish and we’ll point you to the right setup—installation, auth, or CI/CD wiring.