TestOps logo
Try Testops

API of Allure Testops

The description if all the API methods available in Allure Testops can be found by accessing the following URL: <TESTOPS>/swagger-ui.html

Limitations

All the API methods described could be used in your applications to retrieve, manage the information in Allure Testops.

There is one exception – the upload of the test results. Upload of the tests results is a proprietary workflow which could be changed any time without any notice and without any support from our side.

There is only safe and proper way to upload test results to Allure Testops – using the tools developed by Qameta Software; these are especially designed for this purpose – CI plug-ins (e.g. Allure Testops Jenkins plug-in), or allurectl which will always support correct workflow and will guarantee the system's performance won't degrade.

Swagger page

Swagger section of Allure Testops has two main sections dedicated to API of i) report service, ii) uaa service.

two services

API or report service

API of report service is needed to create, manage retrieve the data related to your tests:

  • test cases
  • test results
  • launches
  • statistics
  • etc.

API of uaa service

API of report service is needed to create, manage retrieve the data related to Allure Testops users, license

Try it out

You can try out the API methods right in Swagger UI.

two services

Swagger UI will show you the curl string which was used, all the parameters and will show the results of API method execution.

Authentication

When you are using swagger page to try an API call, then you are automatically authenticated via application cookies, and there are no additional parameters are required from your side for the authentication purposes.

Despite the swagger API calls contain a XSRF-TOKEN, this is not a token used for the authentication but a parameter used to prevent cross-site requests forgery. See here for the reference: https://duckduckgo.com/?q=XSRF-TOKEN

When developing your own integration using one of the programming languages, you need to be properly authenticated in Allure Testops to be able to call API methods.

For single API call you can use API token, but big amount of API calls will require a lot of CPU resources and could cause OOM failures on UAA service side if the CPU load will exceed the dedicated resources.

If you are going to use many API calls, you need to use Bearer token.

Small amount of API calls

The authentication is done using of API token which you need to generate in your profile.

When the API token is created you need to use it as in example below:

export ENDPOINT="http://localhost:8080"
export API_TOKEN="78e5e1bb-6329-483e-9b34-39fb223b19a1"
export PROJECT_ID=1
export AQL='true'
echo "Getting information about failed tests"
curl -s -G "${ENDPOINT}/api/rs/testcase/__search" \
     --header "Accept: application/json" \
     --header "Authorization: Api-Token ${API_TOKEN}" \
     --data-urlencode "projectId=${PROJECT_ID}" \
     --data-urlencode "rql=${AQL}" \
     --data-urlencode "page=0" \
     --data-urlencode "size=1"

This means the header --header "Authorization: Api-Token ${API_TOKEN}" is to be added to each request you send to Allure Testops.

Considerable amount of API calls

If you perform a lot (say 1-2 API calls per a test case or per a test result in one go) of updates in Allure Testops using API calls, the usage of the authentication described above could cause crash of UAA service due to the lack of CPU resources. For mass usage of API calls we recommend doing the usage of Bearer token for the autentication as follows:

  1. Generate Bearer token
  2. Use Bearer token for the authentication of your API requests.

Generation of Bearer token

export ENDPOINT="https://demo.testops.cloud"
export USER_TOKEN="ef06773a-544b-4f0b-ad53-5a11972c8b74"

echo "Obtaining jwt token"
JWT_TOKEN=$(curl -s -X POST "${ENDPOINT}/api/uaa/oauth/token" \
     --header "Expect:" \
     --header "Accept: application/json" \
     --form "grant_type=apitoken" \
     --form "scope=openid" \
     --form "token=${USER_TOKEN}" \
     | jq -r .access_token)

Usage of Bearer token for the authentication of API requests

echo "Getting user information"

curl -s -G "${ENDPOINT}/api/uaa/me" \
     --header "Accept: application/json" \
     --header "Authorization: Bearer ${JWT_TOKEN}"

Validity of bearer token

Bearer token is generated by Allure Testops with limited validity which by default is 1 hour and this duration is defined by your instance configuration settings via ALLURE_JWT_ACCESS_TOKEN_VALIDITY_SECONDS parameter.

© Qameta Software Inc. All rights reserved.