Testify API Documentation

Table of contents

General

In our Technical Documentation the required information when working with the Testify API is listed.

The Testify API can be used to query information from Testify, but also to create and update information. With help of the Testify API it is easily possible to connect Testify to your own systems and exchange information in an automated way.

The Testify API is a REST API which can be accessed via authenticated HTTP requests (using an API key). The documentation with all available endpoints can be found at https://cloud.testify.io/core/services/swagger/index.html and it is recommended to use the most recent version, which at the moment of writing this documentation is Testify API v2.0. Note that as of now all listed versions are supported, but it is not recommended to use the internal or older APIs as these might get deprecated in the future.

Depending on whether the https://cloud.testify.io/ stage or an own stage is used, the StageBaseUrl can differ and must be adapted in the request URL (and also in the Swagger UI URL). All examples in this documentation use https://cloud.testify.io as StageBaseUrl and assume that the Testify stage is used.

Authentication

To access the Testify API a Testify user with a valid API key is needed. This API key must then be sent in every requests header.

Please be aware that a user in Testify has roles and permissions and is allowed to make certain requests based on that. An API key is always generated for a certain Testify user and when making a request with an API key the permissions of that user are used. Therefore, it is advised to create an own Interface User that has all roles and permissions needed for accessing the endpoints.

Create Interface User and generate API Key

  1. Go to https://cloud.testify.io/todos and Log In with your regular account.

  2. Go to “Administration” → “Users” and create a new Interface User with a self defined password and all roles assigned.

  3. Within the User’s Profile, click on the context menu and select “Generate API key”.

  4. Note the API key that consists of secret, Subject and Tenant.

Please be aware that this API key can only be viewed once and must be regenerated otherwise. Regenerating means disabling the previous used API key.

Authenticate with API Key

  1. Place secret, Subject and Tenant in request header.

External vs. Internal ID in Testify Public API

Many entities in Testify namely checklist templates, checklist instances, testobjects, testobject-types testequipments, testequipment-types, customfields, issue categories, groups and users have an external and an internal ID. The internal id must be a globally unique identifier in the format of “00000000-0000-0000-0000-000000000000“, whereas the external id can be in a format more readable for humans to better recognize the object and must also be unique.

E.g. internal id: 9033d3c6-5897-484c-a247-61cc4e636920, external id: my-testobject

Users can choose an external ID to make it easy to correlate the entities to entities in other systems. For example, when testobjects are synced with an ERP system, you could reuse the IDs of the ERP system and set the external IDs in testify with that value. That will make it easy later on to find the correlationg test object for an entity in your ERP system by just doing an ID lookup.

Where does the Testify Public API use External IDs?

In General, all IDs used by the Testify Public API are external IDs.

What happens when no External ID is provided when creating objects?

An internal ID is always automatically generated by the system itself. The external ID can be chosen when creating the entity via the API by just assigning a value to the ID property. This value has to be unique, though. When creating an object without providing an external ID, it automatically gets set to the value of the generated internal ID.

HTTP Methods

With GET requests the details of an entity can be queried.

A POST request method is used when a new entity should be created and the data is usually sent as JSON in the request body.

A PUT endpoint is used when an existing entity should be updated. The updated entity is usually sent as JSON in the request body and all properties get updated.

The PATCH endpoints can be used to update single properties of an entity.

If a property is included in the JSON request body, it's value should be updated with the value from the JSON. All other properties that are not included will stay the same as before. To delete an optional property value this can be done by setting the property in the JSON to NULL.

For properties that contain lists, NULL and an empty array both will mean the list will be emptied after the update. If you want to update a list you have to provide the complete list of entries again that should be set after the update operation.

Webhooks

Webhooks allow you to respond on events that occur in Testify in an automated way, without the need to make requests repeatedly. To use webhooks a HTTP server where Testify is allowed to send POST requests is needed. When this is available, it can be easily configured within Testify on what events should be reacted to and to which URL the request should be sent to.

How to define a webhook within Testify

  1. As logged in User go to “Administration” → “Workflows” and create a new Workflow.

  2. Define a Name.

  3. Define an Event.

  4. Define an Action with scope “Webhook” and type “trigger”.

  5. Click on “Parameters” and provide the URL of the webhook that should be called and can be accessed by Testify via POST request. As an optional parameter, an Identifier can be specified, which then will be sent in the request body. Also, the request timeout and the HTTP status codes that indicate success can be customized, as well as some authorization options containing of a secret and HTTP headers. Please consider that Content-Type: application/json and Content-Length HTTP headers are set implicitly as default by Testify and can't be added here.

  6. Save newly created workflow, which then automatically gets invoked when the specified event occurs.

  7. To see when a webhook has been executed and whether the execution has been successful, go to the workflow details, click on the context menu and select “History”.

Samples of what information will be sent in the webhook payload

The HTTP method is always POST and the payload depends on the event that triggered the webhook.

Property

Description

Property

Description

WebHookIdentifier

This is set to the identifier that can be set as an optional parameter at the webhook configuration (see above).

IssueFilter, ChecklistFilter, TestObjectFilter, PdfFilter, UserFilter, or TimerFilter

Depending on the event that triggered the workflow these are set.

TriggeredByWorkflowId

Id of the workflow that triggered the event. Only set if the event was triggered by a workflow.

TenantId

Id of the tenant.

EntityType

Gives information about the event that triggered the webhook: 1 (issue), 2 (checklist), 3 (testobject), 4 (pdf), 5 (user), or 6 (timertrigger).

Action

Tells whether 1 (created) or 2 (updated) triggered the webhook.

In our case a checklist has been created, so 1 is set.

ChangedValues

Only set if the triggering event is an update event. Shows the values that were changed in this update.

EntityId

External Id of the object that triggered the webhook.

In our case this is the external id of the created checklist.

EntityUrl

URL where details of the object that triggered the webhook can be found.

In our case the created checklist can be queried via GET-request to this URL.

CreatedAt

Date and time when the event took place.

{ "webHookIdentifier": "string", "issueFilter": { "createdById": "00000000-0000-0000-0000-000000000000", "modifiedById": "00000000-0000-0000-0000-000000000000", "assignedToId": "00000000-0000-0000-0000-000000000000", "testObjectId": "00000000-0000-0000-0000-000000000000", "testObjectExternalId": "string", "testObjectTypeId": "00000000-0000-0000-0000-000000000000", "state": "issueState", "issueCategoryId": "00000000-0000-0000-0000-000000000000", "issueSeverityId": "00000000-0000-0000-0000-000000000000", "title": "string", "description": "string", "scheduledFor": "2023-03-27T11:08:24.661Z" }, "checklistFilter": { "externalId": "string", "createdById": "00000000-0000-0000-0000-000000000000", "modifiedById": "00000000-0000-0000-0000-000000000000", "assignedToId": "00000000-0000-0000-0000-000000000000", "testObjectId": "00000000-0000-0000-0000-000000000000", "testObjectExternalId": "string", "testObjectTypeId": "00000000-0000-0000-0000-000000000000", "state": "testItemState", "checklistTemplateId": "00000000-0000-0000-0000-000000000000", "scheduledFor": "2023-03-27T11:08:24.661Z", "score": 0 }, "testObjectFilter": { "createdById": "00000000-0000-0000-0000-000000000000", "testObjectTypeId": "00000000-0000-0000-0000-000000000000", "testObjectId": "00000000-0000-0000-0000-000000000000", "testObjectExternalId": "string" }, "pdfFilter": { "pdfProfileId": "00000000-0000-0000-0000-000000000000", "userId": "00000000-0000-0000-0000-000000000000" }, "userFilter": { "userId": "00000000-0000-0000-0000-000000000000", "groupIds": [ "00000000-0000-0000-0000-000000000000" ], "roleIds": [ "string" ] }, "timerFilter": { "actorId": "00000000-0000-0000-0000-000000000000", "cronExpression": "string" }, "triggeredByWorkflowId": "00000000-0000-0000-0000-000000000000", "tenantId": "00000000-0000-0000-0000-000000000000", "entityType": "subscriptionEntityType", "action": "eventActions", "changedValues": { "additionalProp1": { "oldValue": {}, "newValue": {} }, "additionalProp2": { "oldValue": {}, "newValue": {} }, "additionalProp3": { "oldValue": {}, "newValue": {} } }, "entityId": "00000000-0000-0000-0000-000000000000", "entityUrl": "string", "createdAt": "2023-03-27T11:08:24.661Z", "testifyCorrelationId": "string" }

IssueState

Draft = 0, Opened = 1, Resolved = 2, Verified = 3, Deleted = 99

TestItemState

Open = 0, InProgress = 1, Completed = 2, (deprecated) Done = 3, Verified = 4, Removed = 99

SubscriptionEntityType

EventActions

Here are some samples of sent information in the webhook payload:

  • Checklist created:

  • Issue created:

    • Everything looks very similar to the checklist created event, but here the IssueFilter is set and EntityType is set to 1 (issue).

  • Issue updated:

    • The issue has been resolved with a duration of 5 minutes.

    • Note the ChangedValues attribute that shows that duration and state were changed. Also Action has value 2 (updated) now.

Authenticated webhook requests

As mentioned above additional parameters for sending authenticated webhook requests can be specified in the webhook “Parameters”. So the target of the webhook is able to verify the integrity of an incoming webhook request. This is possible by 2 differnt mechanisms:

  1. Adding arbitrary HTTP-Headers: This consists of key-value pairs which are then sent in the HTTP headers, e.g. Username: {Username}, Password: {Password}. Please be aware that this should only be done when using a secure channel like HTTPS, TLS.

  2. Signing the webhook request with a pre-shared secret: This adds the following two additional HTTP headers to the webhook request - Testify-Webhook-Signature and Testify-Webhook-Signature-Timestamp. The Testify-Webhook-Signature is a hashed value, which is created from a timestamp and the request payload by using SHA256 HMAC with the provided “secret” in the webhook parameters and then base64 encoding. Represented as: base64(HMACSHA256(TIMESTAMP + BODY))
    To verify the signature, create the same SHA256 HMAC signature (containing of the Testify-Webhook-Signature-Timestamp and the request payload) with the provided secret, then base64 encoding and compare it to the Testify-Webhook-Signature sent in the request header. See following example:

Example of a complete use case

This example shows a complete use case using Testify API. First a testobject is created and for this testobject a checklist is instantiated. When the checklist is completed in Testify two webhooks are called, one that fetches the check results and one that informs us about a generated PDF for that checklist and downloads it.

  1. Create testobject via Testify API:

    1. Send POST-request

      • Endpoint: {StageBaseUrl}/public/testobjects?api-version=2.0

      • HTTP method: POST

      • HTTP headers: API key (secret, Subject, Tenant), Content-Type: application/json, Content-Length

      • Payload (approach 1): Both the internal id and the external id are automatically set by the system and are the same.

      • OR Payload (approach 2) including self-assigned external id: The external id is set to my-testobject and the internal id is automatically set by the system.

    2. Testobject has successfully been created if response has statuscode 200 OK and payload contains external id of new testobject. If response statuscode is 400 Bad Request something in the request is wrong, but error details are provided in the payload.

  2. Instantiate checklist for newly created testobject via Testify API:

    1. Send POST-request:

      • Endpoint: {StageBaseUrl}/public/checklists?api-version=2.0

      • HTTP method: POST

      • HTTP headers: API key (secret, Subject, Tenant), Content-Type: application/json, Content-Length

      • Payload (approach 1): testObjectId contains the external id of the above created testobject.

      • OR Payload (approach 2) including self-assigned external id:

    2. Checklist has successfully been started when response has statuscode 200 OK and payload contains external id of new checklist instance. If response statuscode is 400 Bad Request something in the request is wrong, but error details are provided in the payload.

  3. React to webhook informing us of completed checklist and fetch check results:

    Prerequisites 1 - Before completing the checklist: Configure webhook that should be triggered (see above).
    Event details: Scope: “Checklist”, Type: “updated”, Triggers: State = “Done”
    Action details: Scope “Webhook”, Type: “trigger”, provide URL

    1. Parse Webhook payload:

      • ChangedValues shows state change from 0 (open) to 3 (done) and new modifiedAt date.

      • EntityId is needed to fetch the checklist results.

    2. Send GET-Request to fetch checklist results:

      • Endpoint: {StageBaseUrl}/public/checklists/{EntityId}/results/flat?api-version=2.0

      • HTTP method: GET

      • HTTP headers: API key (secret, Subject, Tenant)

      • Payload: no payload

    3. The response should have status code 200 OK and gives details of the checklist instance with all testcases. Details to this response can be found below at “Structure of checklist results” section.

       

  4. React to webhook informing us of generated PDF for checklist and download it:

    Prerequisites 1 - Before completing the checklist: Configure workflow that automatically generates PDF.
    Event details: Scope: “Checklist”, Type: “updated”, Triggers: State = “Done”
    Action details: Scope: “PDF”, Type: “generate”, select PDF protocol profile and language

    Prerequisites 2 - Before completing the checklist: Configure webhook that should be triggered.
    Event details: Scope: “PDF”, Type: “Checklist PDF generated”
    Action details: Scope “Webhook”, Type: “trigger”, provide URL

    1. Parse Webhook payload:

      • EntityUrl is needed to get created PDF.

    2. Send GET-Request to get created PDF and download it:

      • Endpoint: EntityUrl

      • HTTP method: GET

      • HTTP headers: no headers

      • Payload: no payload

    3. The response should have status code 200 OK and gives the created PDF as payload.

Localization

All localizations implemented in Testify can also be used in the Testify API. Every tenant has a default language which normally is English (US). Following languages are available:

Iso-Code

Title

Iso-Code

Title

bs

Bosanski

de-AT

Deutsch

en-GB

English (UK)

en-IN

English (India)

en-US

English (US)

es-MX

Español

fr

Français

nl

Nederlands

pt-BR

Português

ru

русский

zh-CN

中文(中国)

zh-TW

中文(台灣)

Example for creating a custom field with a title in multiple languages

  1. Send POST-Request:

    • Endpoint: {StageBaseUrl}/public/customfields?api-version=2.0

    • HTTP method: POST

    • HTTP headers: API key (secret, Subject, Tenant), Content-Type: application/json, Content-Length

    • Payload:

      • The label contains the respective iso code with the localized content and the default language must always be provided.

  2. The response should have status code 200 OK and gives the custom field key of the newly created custom field.

Structure of Testify checklists

Entities

  • Checklist Template: Defines the structure of a checklist with its pages, sections and checks.

  • Checklist Template Revision: Is a revisioning mechanism for checklist templates. A checklist template revision can be in different states (see Enumeration types below).

  • Checklist Instance: Is an instance of a checklist template which is assigned to a certain user or group and where check results are added. A checklist instance can be created from a checklist template´s current (published) revision.

  • Check(Testcase): A checklist can contain 11 different types of checks with different parameters and result values (see details below).

Enumeration types

Many endpoints use enumeration types in their request or response body. In the Testify API they are represented by their integer value. Some important examples are listed below:

Checklist Template Revision State (revisionState)

Checklist Instance State

Testcase Result Value Type

Testcase Plugin Parameter Type

List of Check Types (TestCase Plugins) with result and parameter structure

The result type always refers to the TestCase Result Value Typeand the parameter type always refers to TestCase Plugin Parameter Type (see above, with examples about how the value can look like)

Testify offers 11 different check types (internally called TestCase Plugins). The different check types contain different types of data which are described in this section.

Logical Check - testify_booleantestcase

Calculation Check - testify_calculation_testcase

Date Check - testify_datetestcase

File Upload Check - testify_file_upload_testcase

Multi Select Check - testify_multi_selection_testcase

Numeric Check - testify_numerictestcase

Photo Upload Check - testify_photo_upload_testcase

Single Choice Check - testify_single_choice_testcase

Test Object Selection Check - testify_test_object_selection_testcase

Text Check - testify_texttestcase

Time Check - testify_timetestcase

Geoposition Check - testify_geopositioncheck

Signature Check - testify_signaturecheck

Add check result

Endpoints

There are two endpoints where check results can be added. They differ in whether the checkId or the checkIdentifier ist set. Both - checkId and checkIdentifier- can be queried at the GET /public/checklists/{externalId}/results/flat endpoint. (which is described above)

  1. POST /public/checklists/checkresult: Add check result by checkId.

  2. POST /public/checklists/checkresult/identifier: Add check result by human-readable checkIdentifier.

Request Body for different Check Types