HTTP Testing

Overview

HTTP tests allow you to send HTTP requests to your applications’ API endpoints to verify responses and defined conditions, such as overall response time, expected status code, header, or body content.

HTTP tests can run from both managed and private locations depending on your preference for running the test from outside or inside your network. HTTP tests can run on a schedule, on-demand, or directly within your CI/CD pipelines.

Configuration

You may create a test using one of the following options:

  • Create a test from a template:

    1. Hover over one of the pre-populated templates and click View Template. This opens a side panel displaying pre-populated configuration information, including: Test Details, Request Details, Assertions, Alert Conditions, and Monitor Settings.

    2. Click +Create Test to open the Define Request page, where you can review and edit the pre-populated configuration options. The fields presented are identical to those available when creating a test from scratch.

    3. Click Save Details to submit your API test.

  • Build a test from scratch:

    1. To build a test from scratch, click the + Start from scratch template, then select the HTTP request type and specify the URL to query. Available methods are: GET, POST, PATCH, PUT, HEAD, DELETE, and OPTIONS. Both http and https URLs are supported.

      See Advanced options for more options.

    2. Name your HTTP test.

    3. Add Environment Tags as well as any other tag to your HTTP test. You can then use these tags to filter through your Synthetic tests on the Synthetic Monitoring & Continuous Testing page.

    4. Click Send to try out the request configuration. A response preview is displayed on the right side of your screen.

    Define HTTP request
    1. Click Create Test to submit your API test.

Snippets

When setting up a new Synthetic Monitoring API test, use snippets to automatically fill in basic auth, performance, and regions, rather than selecting these options manually. The following snippets are available:

  • Basic Auth: Automatically test your APIs using pre-populated basic auth headers, JavaScript, bearer token, and API/app key auth variables.

  • Performance: Automatically configure a test with the shortest frequency (one minute), perform a gRPC health check, and test for overall response time latency with a breakdown of network timing.

  • Regions: Automatically test your API endpoint against a location in each of the three primary geographic regions (AMER, APAC and EMEA).

    Screenshot of the left hand side of an API test creation, showing the snippets example

Advanced options

    • HTTP version: Select HTTP/1.1 only, HTTP/2 only, or HTTP/2 fallback to HTTP/1.1.
    • Follow redirects: Select to have your HTTP test follow up to ten redirects when performing the request.
    • Ignore server certificate error: Select to have your HTTP test go on with connection even if there are errors when validating the SSL certificate.
    • Timeout: Specify the amount of time in seconds before the test times out.
    • Request headers: Define headers to add to your HTTP request. You can also override the default headers (for example, the user-agent header).
    • Cookies: Define cookies to add to your HTTP request. Set multiple cookies using the format <COOKIE_NAME1>=<COOKIE_VALUE1>; <COOKIE_NAME2>=<COOKIE_VALUE2>.

    • Client Certificate: Authenticate through mTLS by uploading your client certificate (.crt) and the associated private key (.key) in PEM format. You can use the openssl library to convert your certificates. For example, convert a PKCS12 certificate to PEM formatted private keys and certificates.

      openssl pkcs12 -in <CERT>.p12 -out <CERT_KEY>.key -nodes -nocerts
openssl pkcs12 -in <CERT>.p12 -out <CERT>.cert -nokeys

    • HTTP Basic Auth: Add HTTP basic authentication credentials.

    • Digest Auth: Add Digest authentication credentials.

    • NTLM: Add NTLM authentication credentials. Support both NTLMv2 and NTLMv1.

    • AWS Signature v4: Enter your Access Key ID and Secret Access Key. Datadog generates the signature for your request. This option uses the basic implementation of SigV4. Specific signatures such as Amazon S3 are not supported out-of-the box. For “Single Chunk” transfer requests to Amazon S3 buckets, add x-amz-content-sha256 containing the sha256-encoded body of the request as a header (for an empty body: x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855).

    • OAuth 2.0: Choose between granting client credentials or a resource owner password and enter an access token URL. Depending on your selection, enter a client ID and secret, or a username and password. From the dropdown menu, select an option to either send the API token as a basic authentication header, or send the client credentials in the body. Optionally, you can provide additional information such as the audience, resource, and scope (as well as the client ID and secret, if you selected Resource Owner Password).

    • Encode parameters: Add the name and value of query parameters that require encoding.
    • Body type: Select the type of the request body (application/json, application/octet-stream, application/x-www-form-urlencoded, multipart/form-data, text/html, text/plain, text/xml, GraphQL, or None) you want to add to your HTTP request.
    • Request body: Add the content of your HTTP request body.
      • The request body is limited to a maximum size of 50 kilobytes for application/json, application/x-www-form-urlencoded, text/html, text/plain, text/xml, GraphQL.
      • The request body is limited to one file of 3 megabytes for application/octet-stream.
      • The request body is limited to three files of 3 megabytes each for multipart/form-data.
    • Proxy URL: Specify the URL of the proxy the HTTP request should go through (http://<YOUR_USER>:<YOUR_PWD>@<YOUR_IP>:<YOUR_PORT>).
    • Proxy header: Add headers to include in the HTTP request to the proxy.
    • Do not save response body: Select this option to prevent response body from being saved at runtime. This can be helpful to ensure no sensitive data gets featured in your test results. Use mindfully as it can make failures troubleshooting more difficult. For more security recommendations, see Synthetic Monitoring Security.

    Define variables for your HTTP API tests with JavaScript:

    Define HTTP API test with Javascript

    Define assertions

    Assertions define what an expected test result is. After you click Test URL, basic assertions on response time, status code, and header content-type are added based on the response that was obtained. You must define at least one assertion for your test to monitor.

    TypeOperatorValue type
    bodycontains, does not contain, is, is not,
    matches, does not match,
    jsonpath, xpath    		String
    Regex
    headercontains, does not contain, is, is not,
    matches, does not match    		String
    Regex
    response timeis less thanInteger (ms)
    status codeis, is not,
    matches, does not match    		Integer
    Regex

    HTTP tests can decompress bodies with the following content-encoding headers: br, deflate, gzip, and identity.

    You can create up to 20 assertions per API test by clicking New Assertion or by clicking directly on the response preview:

    Define assertions for your HTTP test to succeed or fail on

    To perform OR logic in an assertion, use the matches regex comparator to define a regex with multiple expected values like (200|302). For example, you may want your HTTP test to succeed when a server must respond with a 200 or 302 status code. The status code assertion succeeds if the status code is 200 or 302. You can also add OR logic on a body or header assertion.

    If a test does not contain an assertion on the response body, the body payload drops and returns an associated response time for the request within the timeout limit set by the Synthetics Worker.

    If a test contains an assertion on the response body and the timeout limit is reached, an Assertions on the body/response cannot be run beyond this limit error appears.

    Select locations

    Select the Locations to run your HTTP test from. HTTP tests can run from both managed and private locations depending on your preference for running the test from outside or inside your network.

    Datadog’s out-of-the-box managed locations allow you to test public-facing websites and endpoints from regions where your customers are located.

    AWS:

    AmericasAsia PacificEMEA
    Canada CentralHong KongBahrain
    Northern CaliforniaJakartaCape Town
    Northern VirginiaMumbaiFrankfurt
    OhioOsakaIreland
    OregonSeoulLondon
    São PauloSingaporeMilan
    SydneyParis
    TokyoStockholm

    GCP:

    AmericasAsia PacificEMEA
    DallasTokyoFrankfurt
    Los Angeles
    Oregon
    Virginia

    Azure:

    RegionLocation
    AmericasVirginia

    The Datadog for Government site (US1-FED) uses the following managed location:

    RegionLocation
    AmericasUS-West

    Specify test frequency

    HTTP tests can run:

    • On a schedule to ensure your most important endpoints are always accessible to your users. Select the frequency at which you want Datadog to run your HTTP test.
    • Within your CI/CD pipelines to start shipping without fearing faulty code might impact your customers’ experience.
    • On-demand to run your tests whenever makes the most sense for your team.

    Define alert conditions

    Set alert conditions to determine the circumstances under which you want a test to fail and trigger an alert.

    Alerting rule

    When you set the alert conditions to: An alert is triggered if any assertion fails for X minutes from any n of N locations, an alert is triggered only if these two conditions are true:

    • At least one location was in failure (at least one assertion failed) during the last X minutes;
    • At one moment during the last X minutes, at least n locations were in failure.

    Fast retry

    Your test can trigger retries X times after Y ms in case of a failed test result. Customize the retry interval to suit your alerting sensibility.

    Location uptime is computed on a per-evaluation basis (whether the last test result before evaluation was up or down). The total uptime is computed based on the configured alert conditions. Notifications sent are based on the total uptime.

    Configure the test monitor

    A notification is sent by your test based on the alerting conditions previously defined. Use this section to define how and what to message your team.

    1. Similar to how you configure monitors, select users and/or services that should receive notifications either by adding an @notification to the message or by searching for team members and connected integrations with the dropdown menu.

    2. Enter the notification message for your test. This field allows standard Markdown formatting and supports the following conditional variables:

      Conditional VariableDescription
      {{ #is_alert }}Show when the test alerts.
      {{ ^is_alert }}Show unless the test alerts.
      {{ #is_recovery }}Show when the test recovers from alert.
      {{ ^is_recovery }}Show unless the test recovers from alert.
      {{ #is_renotify }}Show when the monitor renotifies.
      {{ ^is_renotify }}Show unless the monitor renotifies.
      {{ #is_priority }}Show when the monitor matches priority (P1 to P5).
      {{ ^is_priority }}Show unless the monitor matches priority (P1 to P5).

    3. Specify how often you want your test to re-send the notification message in case of test failure. To prevent renotification on failing tests, leave the option as Never renotify if the monitor has not been resolved.

    4. Click Create to save your test configuration and monitor.

    For more information, see Using Synthetic Test Monitors.

    One-click

    API test creation suggests endpoints from the Software Catalog and existing API tests to prefill your test form with relevant options. Use existing Datadog data sources such as APM traces, Software Catalog endpoints discovery, and existing similar Synthetic tests created by users.

    Start typing in the API test URL input to get endpoint suggestions or similar tests in Synthetic Monitoring:

    HTTP API Test showing a GET search for an existing API test

    Then, select a suggestion to prefill your test configuration (request options and headers, authentication, and variables):

    Select

    Create local variables

    To create a local variable, click + All steps > Variables. You can select one of the following available builtins to add to your variable string:

    {{ numeric(n) }}
    Generates a numeric string with n digits.
    {{ alphabetic(n) }}
    Generates an alphabetic string with n letters.
    {{ alphanumeric(n) }}
    Generates an alphanumeric string with n characters.
    {{ date(n unit, format) }}
    Generates a date in one of Datadog’s accepted formats with a value corresponding to the UTC date the test is initiated at + or - n units.
    {{ timestamp(n, unit) }}
    Generates a timestamp in one of Datadog’s accepted units with a value corresponding to the UTC timestamp the test is initiated at +/- n units.
    {{ uuid }}
    Generates a version 4 universally unique identifier (UUID).
    {{ public-id }}
    Injects the Public ID of your test.
    {{ result-id }}
    Injects the Result ID of your test run.

    To obfuscate local variable values in test results, select Hide and obfuscate variable value. Once you have defined the variable string, click Add Variable.

    Use variables

    You can use the global variables defined on the Settings page in the URL, advanced options, and assertions of your HTTP tests.

    To display your list of variables, type {{ in your desired field:

    Test failure

    A test is considered FAILED if it does not satisfy one or more assertions or if the request prematurely failed. In some cases, the test can fail without testing the assertions against the endpoint.

    The most common errors include the following:

    AUTHENTICATION_ERROR
    Synthetic Monitoring automatically disables test retries when authentication failures occur. This safety measure remains in effect until you update the test with valid credentials. This prevents unnecessary test executions that would generate false alerts and increase billable usage.
    CONNREFUSED
    No connection could be made because the target machine actively refused it.
    CONNRESET
    The connection was abruptly closed by the remote server. Possible causes include the web server encountering an error or crashing while responding, or loss of connectivity of the web server.
    DNS
    DNS entry not found for the test URL. Possible causes include misconfigured test URL or the wrong configuration of your DNS entries.
    Error performing HTTP/2 request
    The request could not be performed. See the dedicated error page for more information.
    INVALID_REQUEST
    The configuration of the test is invalid (for example, a typo in the URL).
    SSL
    The SSL connection couldn’t be performed. See the dedicated error page for more information.
    TIMEOUT
    The request couldn’t be completed in a reasonable time. Two types of TIMEOUT can happen:
    • TIMEOUT: The request couldn't be completed in a reasonable time. indicates that the request duration hit the test defined timeout (default is set to 60s). For each request only the completed stages for the request are displayed in the network waterfall. For example, in the case of Total response time only being displayed, the timeout occurred during the DNS resolution.
    • TIMEOUT: Overall test execution couldn't be completed in a reasonable time. indicates that the test duration (request + assertions) hits the maximum duration (60.5s).
    MALFORMED_RESPONSE
    The remote server responded with a payload that does not comply with HTTP specifications. This error can happen when remote servers differ in their HTTP support. To prevent issues, run tests with a consistent HTTP version: either HTTP/2 (if available) or HTTP/1.1.

    Permissions

    By default, only users with the Datadog Admin and Datadog Standard roles can create, edit, and delete Synthetic HTTP tests. To get create, edit, and delete access to Synthetic HTTP tests, upgrade your user to one of those two default roles.

    If you are using the custom role feature, add your user to any custom role that includes synthetics_read and synthetics_write permissions.

    Restrict access

    Use granular access control to limit who has access to your test based on roles, teams, or individual users:

    1. Open the permissions section of the form.
    2. Click Edit Access.
    Set permissions for your test from Private Locations configuration form
    1. Click Restrict Access.
    2. Select teams, roles, or users.
    3. Click Add.
    4. Select the level of access you want to associate with each of them.
    5. Click Done.
    Note: You can view results from a Private Location even without Viewer access to that Private Location.
    Access levelView test configurationEdit test configurationView test resultsRun test
    No access
    ViewerYesYes
    EditorYesYesYesYes

    Further Reading

    Additional helpful documentation, links, and articles:

    Introducing Datadog Synthetic MonitoringBLOG more more Introduction to Synthetic TestsLEARNING CENTER more more Get started with HTTP testsDOCUMENTATION more more Run HTTP tests on internal endpointsDOCUMENTATION more more Run multistep HTTP testsDOCUMENTATION more more Learn about Synthetic test monitorsDOCUMENTATION more more