Welcome
Tester Guide
This guide describes the tasks that you can perform for testing various domains, technologies, and applications. To enable testing, you must configure and enable the environment for testing.
Tester Guide - Integrations and API Testing
This guide describes the tasks that you can perform for testing various domains, technologies, and applications. To enable testing, you must configure and enable the environment for testing. This guide is intended for Integrations and API testers.
Integrations and API Testing
You can use find information about the tasks that you can perform for testing various domains, technologies, or applications.
Security vulnerabilities testing by using HCL® AppScan
You can use HCL® AppScan to scan all HTTP traffic that is generated as part of integration testing in HCL DevOps Test Integrations and APIs (Test Integrations and APIs) for security vulnerabilities.

Release Notes
This document includes information about the new features introduced, features deprecated or removed, defects fixed, and known issues identified in this version of HCL DevOps Test Integrations and APIs (Test Integrations and APIs). You can also find the installation and upgrade instructions along with the contact information of HCL Customer Support.
System requirements
This document includes information about hardware and software requirements for HCL DevOps Test Integrations and APIs (Test Integrations and APIs) 2024.03 (11.0.1).
Getting Started
This guide provides an overview and describes the tasks to get you started with HCL DevOps Test Integrations and APIs (Test Integrations and APIs).
Administrator Guide
This guide describes how to install HCL DevOps Test Integrations and APIs (Test Integrations and APIs). After you install the software, you can perform administration tasks such as configuration and integration of the product. This guide is intended for administrators.
Tester Guide
This guide describes the tasks that you can perform for testing various domains, technologies, and applications. To enable testing, you must configure and enable the environment for testing.
- Tester Guide - Integrations and API Testing
  This guide describes the tasks that you can perform for testing various domains, technologies, and applications. To enable testing, you must configure and enable the environment for testing. This guide is intended for Integrations and API testers.
  - Integrations and API Testing
    You can use find information about the tasks that you can perform for testing various domains, technologies, or applications.
    - Testing Java™ applications
      You can use HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to test Java™ applications.
    - Testing Java™ Message Service (JMS) systems
      Use the generic JMS plug-in to connect HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to a wide range of EAI platforms, which includes any vendor that provides an implementation of this Java™ standard. JMS provides a way of separating the application from the transport layer of providing data. The same Java classes can be used to communicate with different JMS providers by using the JNDI information for a specific provider. The classes first use a connection factory to connect to the queue or topic, and then use populate and send or publish the messages. On the receiving side, the clients then receive or subscribe to the messages
    - Testing Java™ objects
      You can import Plain Old Java™ Objects (POJOs) from JAR files into HCL DevOps Test Integrations and APIs (Test Integrations and APIs) in order to parse and construct messages containing the serialized forms of those objects. You can construct and parse the Java objects and perform validation, but you cannot test the objects directly.
    - Testing with Apache Camel components
      You can use HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to create tests and stubs by setting up an Apache Camel component in a Test Integrations and APIs project. You can configure the technology endpoints supported by the Camel component as the physical resources in the Test Integrations and APIs project and test for the services provided by the technology.
    - Testing with Apache Kafka
      Starting from HCL DevOps Test Integrations and APIs (Test Integrations and APIs) 10.0.2 and later, you can create Kafka transports to test Kafka services.
    - Testing with Docker
      You can use Docker containers with HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to run stubs co-located with your test systems.
    - Testing with the email transport
      When you use applications in your test environment that use email services, you can use HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to create tests and stubs for testing the email services. You can set up an email transport in a Test Integrations and APIs project and configure the email servers as the physical resources in the Test Integrations and APIs project, and then test the email services.
    - Testing with Envoy Proxy (Experimental)
      You can use HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to record the HTTP traffic on the Envoy Proxy by using the Experimental HTTP Tap Filter feature of the Envoy Proxy.
    - Testing with the File transport
      As with any other transport, the File transport includes both logical and physical configurations. Tests and stubs are associated with the logical File resource, which represents an abstraction of the File resource and is the same for all environments. The physical File Access configuration includes connection details, and you can configure a different physical File Access for each environment.
    - Testing with the FIX transport
      You can use the Financial Information eXchange (FIX) transport and FIX dictionaries in HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to help you test trade-related messages and the systems that use them.
    - Testing with the HTTP transport
      To provide support for HTTP-based communications, you must configure and run HCL DevOps Test Integrations and APIs (Test Integrations and APIs) by using the HTTP transport and SOAP message formatters.
    - Testing with IBM® API Developer Portals
      You can configure HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to synchronize IBM API Connect™ Developer Portal resources or IBM® API Management Developer Portal resources.
    - Testing with IBM® App Connect Enterprise
      When you want to test the services on applications deployed by the integration node of IBM® App Connect Enterprise, you can use the synchronization feature in HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to import details of deployed applications into a Test Integrations and APIs project. You can select the tests and stubs to be created in your project during the synchronization process in Test Integrations and APIs.
    - Testing with IBM® Integration Bus
      When you want to test the services on applications deployed by the integration node of IBM® Integration Bus, you can use the synchronization feature in HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to import details of deployed applications into a Test Integrations and APIs project. You can select the tests and stubs to be created in your project during the synchronization process in Test Integrations and APIs.
    - Testing with IBM® WebSphere® Application Server
      You can configure HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to synchronize IBM® WebSphere® Application Server resources.
    - Testing with IBM® WebSphere® MQ messages
      You can test WebSphere® MQ messages using the WebSphere MQ transport method or JMS interface. HCL DevOps Test Integrations and APIs (Test Integrations and APIs) also supports testing WebSphere MQ on z/OS systems.
    - Testing with WebSphere® Portal
      You can configure HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to synchronize IBM® WebSphere® Portal resources.
    - Testing with IBM® z/OS® Connect Enterprise Edition
      IBM® z/OS® Connect Enterprise Edition provides a framework for enabling z/OS®-based programs and data to fully participate in the new API economy for mobile and cloud applications. Use IBM® z/OS® Connect Enterprise Edition to access z/OS subsystems, such as CICS®, IMS™ and Batch, by using RESTful APIs with JSON formatted messages. You can access multiple z/OS subsystems concurrently through a common interface.
    - Testing with Kubernetes
      HCL DevOps Test Integrations and APIs (Test Integrations and APIs) supports testing with Kubernetes after you set up a Kubernetes cluster. You can test the containerized applications that run as services in Kubernetes in Test Integrations and APIs. You can also create and publish stubs from Test Integrations and APIs to Kubernetes and then run the stubs in Kubernetes.
    - Testing with Microsoft™ .NET objects
      You can import serializable .NET objects from .NET assembly files (.exe or .dll) into HCL DevOps Test Integrations and APIs (Test Integrations and APIs) and apply them to messages in the same way as you would apply a schema. A service-based test or stub can then send and receive a message containing a serialized form of a .NET object from the assembly file. You can construct and parse the .NET objects and perform validation, but you cannot test the objects directly.
    - Testing the migrated Postman collections
      You can migrate Postman collections and environments that you created in Postman to HCL DevOps Test Integrations and APIs (Test Integrations and APIs). Operations, transports, tests and stubs are automatically created during migration and you can run the tests and stubs in Test Integrations and APIs.
    - Testing with MongoDB
      If you are using HCL DevOps Test Integrations and APIs (Test Integrations and APIs) 9.5.0 or later, you can create MongoDB transports and run tests against them.
    - Testing with the MQ telemetry transport
      If you are using HCL DevOps Test Integrations and APIs (Test Integrations and APIs) 8.6.0 or later, you can create MQ telemetry transports.
    - Testing with Oracle Fusion
      Configure and run HCL DevOps Test Integrations and APIs (Test Integrations and APIs) with the Oracle Fusion plug-in, which provides support for synchronization with and testing of the web services and composites that are available on a configured SOA server (that is, an Oracle WebLogic server with Oracle SOA Suite 11g deployed on it).
    - Testing with RabbitMQ
      If you are using HCL DevOps Test Integrations and APIs (Test Integrations and APIs) 9.2.1.1 or later, you can create RabbitMQ transports.
    - Testing with SAP applications
      You can use HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to test SAP application server resources.
    - Testing with Software AG CentraSite
      You can incorporate governance in your SOA by using the integration of HCL DevOps Test Integrations and APIs (Test Integrations and APIs) with Software AG CentraSite.
    - Testing with Software AG Universal Messaging
      You can use HCL DevOps Test Integrations and APIs (Test Integrations and APIs) API to test Software AG Universal Messaging Broker server resources. From Test Integrations and APIs 10.0.2 or later, you can create Software AG Universal Messaging Broker transports, configure and run Test Integrations and APIs with the Software AG Universal Messaging server.
    - Testing with Software AG webMethods
      You can configure and run HCL DevOps Test Integrations and APIs (Test Integrations and APIs) with the Software AG webMethods Integration Server to connect to Software AG webMethods Broker and Integration Server resources.
    - Testing with SSL
      To provide secure connections between clients and servers during testing, you can use the Secure Sockets Layer (SSL) technology supported by HCL DevOps Test Integrations and APIs (Test Integrations and APIs).
    - Testing with TCP and UDP transports
      In HCL DevOps Test Integrations and APIs (Test Integrations and APIs), you can create transports that facilitate communication between clients and servers by using both TCP- and UDP-based sockets.
    - Testing with TIBCO applications
      To use HCL DevOps Test Integrations and APIs (Test Integrations and APIs) to test TIBCO messaging, you must configure and run Test Integrations and APIs with the TIBCO messaging plug-in. Doing so supports TIBCO Rendezvous messaging ("plain" TIBCO Rendezvous messaging and TIBCO ActiveEnterprise (AE) formats), TIBCO EMS messaging, and sending and receiving AE messages by using TIBCO EMS.
    - Testing applications on z/OS®
      You can test applications on IBM® z/OS® systems by using the capabilities that are supported for mainframes by HCL DevOps Test Integrations and APIs (Test Integrations and APIs).
    - Managing credentials
      If you have external resources that must be accessed by project or test resources in HCL DevOps Test Integrations and APIs (Test Integrations and APIs) and you do not want to expose the credentials used to access the external resources, then you can implement a user-defined access in a credential management system.
    - Configuration of virtual IP addresses as virtual clients
      You can find information about how to configure virtual IP addresses in the operating system, and then use the virtual IP addresses to configure them as virtual clients in tests or as virtual servers in stubs.
    - Configuration of test runs in a GitHub Actions Workflow
      You can configure test runs of test resources that you create in HCL DevOps Test Integrations and APIs (Test Integrations and APIs) in a GitHub Actions Workflow. You can choose to run test resources in the GitHub Workflow when you do not want to run the test resources without opening Test Integrations and APIs.
    - Security vulnerabilities testing by using HCL® AppScan
      You can use HCL® AppScan to scan all HTTP traffic that is generated as part of integration testing in HCL DevOps Test Integrations and APIs (Test Integrations and APIs) for security vulnerabilities.
      - Starting DevOps Test Integrations and APIs from the command line
        You must start HCL DevOps Test Integrations and APIs (Test Integrations and APIs) from the command line by using the hostname and port of the computer on which you installed HCL® AppScan Dynamic Analysis Client when you want HCL AppScan Dynamic Analysis Client to capture and scan the HTTP traffic from and to Test Integrations and APIs. After you start Test Integrations and APIs and run tests, the HTP traffic is scanned by HCL AppScan Dynamic Analysis Client for security vulnerabilities.
  - Extending DevOps Test Integrations and APIs functionality by using custom functions
    You can add more calculations and operations to tests by using the HCL DevOps Test Integrations and APIs (Test Integrations and APIs) custom function class. Test Integrations and APIs custom function is a Java™ class that extends the com.ghc.ghTester.expressions function.
  - Working in non-GUI mode
    You can use the tools and executable files that are provided along with the product software. You can use these tools to perform different test actions in a non-GUI mode.
- Tester Guide - Service Virtualization
  This guide describes the tasks that you can perform for using virtual services or stubs to simulate parts of an environment if the real services are not yet available or because they are difficult or expensive to use. This guide is intended for API Testers.
Test Manager Guide
This guide describes the tasks that you can perform for tracking the quality of the application. This guide is intended for Test Managers.
Troubleshooting
While working with HCL DevOps Test Integrations and APIs (Test Integrations and APIs), you might encounter some problems that you can easily troubleshoot.
Reference Guide
This guide provides the topics to help the API tester use the product by using the user interface, commands or scripts. This guide is intended for API testers.
Security Considerations
You can take certain actions to ensure that your installation is secure, customize your security settings, and set up user access controls.
Notices
This document provides information about copyright, trademarks, terms and conditions for product documentation.

Security vulnerabilities testing by using HCL® AppScan

You can use HCL® AppScan to scan all HTTP traffic that is generated as part of integration testing in HCL DevOps Test Integrations and APIs (Test Integrations and APIs) for security vulnerabilities.

Prerequisites

Before you use HCL® AppScan to scan the HTTP traffic to and from Test Integrations and APIs, you must consider the following prerequisites:

You must have installed a licensed version of HCL® AppScan Enterprise or HCL® AppScan Standard edition. Visit the AppScan family of products page to select your product and version to view the documentation. You can refer to the documentation for the installation instructions for the HCL® AppScan version that you want to use.
You must be familiar with configuring and using HCL® AppScan to scan applications or web services for security vulnerabilities.

Overview of tasks

You can find the tasks that you can perform for scanning the HTTP traffic to and fromTest Integrations and APIs in the following table:


	Task
1.	Install HCL® AppScan or the HCL® AppScan Dynamic Analysis Client.
2.	Set up Test Integrations and APIs as the application to scan, in the HCL® AppScan server or the HCL® AppScan Dynamic Analysis Client. You can use any of the following methods to set up the application: Login Management Manual Explore External Traffic Recorder Refer to the AppScan documentation for the details on these methods in the version of AppScan that you want to use.
3.	Start Test Integrations and APIs from the command line. See Starting DevOps Test Integrations and APIs from the command line.
4.	Verify if the HTTP traffic to and fromTest Integrations and APIs is scanned by HCL® AppScan by creating a project, setting up a physical transport, and creating tests to send and receive messages in Test Integrations and APIs. After you run the tests, you can view the scan reports in HCL® AppScan.