An Exploratory Study on Faults inWeb API Integration in a Large-Scale Payment Company

Service-oriented architectures are more popular than ever, and increasingly companies and organizations depend on services offered through Web APIs. The capabilities and complexity of Web APIs differ from service to service, and therefore the impact of API errors varies. API problem cases related to Adyen's payment service were found to have direct considerable impact on API consumer applications. With more than 60,000 daily API errors, the potential impact is enormous. In an effort to reduce the impact of API related problems, we analyze 2.43 million API error responses to identify the underlying faults. We quantify the occurrence of faults in terms of the frequency and impacted API consumers. We also challenge our quantitative results by means of a survey with 40 API consumers. Our results show that 1) faults in API integration can be grouped into 11 general causes: invalid user input, missing user input, expired request data, invalid request data, missing request data, insufficient permissions, double processing, configuration, missing server data, internal and third party, 2) most faults can be attributed to the invalid or missing request data, and most API consumers seem to be impacted by faults caused by invalid request data and third party integration; and 3) insufficient guidance on certain aspects of the integration and on how to recover from errors is an important challenge to developers.

[1]  Philippe Suter,et al.  Inferring Web API Descriptions from Usage Data , 2015, 2015 Third IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb).

[2]  Martin P. Robillard,et al.  What Makes APIs Hard to Learn? Answers from Developers , 2009, IEEE Software.

[3]  Brian Ellis,et al.  The Factory Pattern in API Design: A Usability Evaluation , 2007, 29th International Conference on Software Engineering (ICSE'07).

[4]  Andy Zaidman,et al.  Understanding the interactions between users and versions in multi-tenant systems , 2013, IWPSE 2013.

[5]  Frank Maurer,et al.  SpyREST: Automated RESTful API Documentation Using an HTTP Proxy Server (N) , 2015, 2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[6]  Jun Li,et al.  How Does Web Service API Evolution Affect Clients? , 2013, 2013 IEEE 20th International Conference on Web Services.

[7]  Brad A. Myers,et al.  Improving API usability , 2016, Commun. ACM.

[8]  Mira Mezini,et al.  Ieee Transactions on Software Engineering 1 Automated Api Property Inference Techniques , 2022 .

[9]  Shaohua Wang,et al.  What Do Client Developers Concern When Using Web APIs? An Empirical Study on Developer Forums and Stack Overflow , 2016, 2016 IEEE International Conference on Web Services (ICWS).

[10]  Gabriele Bavota,et al.  API change and fault proneness: a threat to the success of Android apps , 2013, ESEC/FSE 2013.

[11]  Andy Zaidman,et al.  Web API growing pains: Stories from client developers and their code , 2014, 2014 Software Evolution Week - IEEE Conference on Software Maintenance, Reengineering, and Reverse Engineering (CSMR-WCRE).

[12]  Romain Robbes,et al.  How do developers react to API deprecation?: the case of a smalltalk ecosystem , 2012, SIGSOFT FSE.

[13]  Jeffrey Stylos,et al.  A case study of API redesign for improved usability , 2008, 2008 IEEE Symposium on Visual Languages and Human-Centric Computing.

[14]  Julian Dolby,et al.  Opportunities in Software Engineering Research for Web API Consumption , 2017, 2017 IEEE/ACM 1st International Workshop on API Usage and Evolution (WAPI).

[15]  David Bermbach,et al.  Benchmarking Web API Quality , 2016, ICWE.

[16]  Shaohua Wang,et al.  How Do Developers React to RESTful API Evolution? , 2014, ICSOC.

[17]  Alberto Bacchelli,et al.  On the Reaction to Deprecation of 25, 357 Clients of 4+1 Popular Java APIs , 2016, ICSME.

[18]  Martin P. Robillard,et al.  A field study of API learning obstacles , 2011, Empirical Software Engineering.

[19]  Julian Dolby,et al.  Statically Checking Web API Requests in JavaScript , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE).