IZ Analyzer – Scanning API Projects

Written by:
Published on May 7, 2021

IZ Analyzer – Scanning API Projects

In an API and microservices world, the quality of the deliverable becomes paramount – since a weak link can break the whole chain.

In the previous blog posts, we had seen how Mulesoft code implementations could be quality tested in an automated manner with IZ Analyzer.

Now with API Analyzer plugin, APIs can be quality tested in an automated manner. Make sure that only the quality integration without security issues/vulnerability will make it through the quality gate. API Analyzer plugin supports scanning multiple APIs within the same project. Supported versions include –

  • RAML 0.8
  • RAML 1.0
  • OAS / Swagger 2.0
  • OAS 3.0

Scanning using Anypoint Studio plugin



Make sure you have –

On The Fly Results

  • Navigate to WindowPreferencesIZ Preferences, provide the appropriate Service Url
  • Click on Sync Metadata to sync the Organizations and available Quality Profiles
  • Select desired API Analyzer Quality profile
scan api
  • Navigate to Window Show ViewotherIZ Analyzer → select On the Fly Results
  • Open the API (RAML or OAS) file to view the results
scan api
  • More information about scanning projects in Anypoint Studio can be found here.

Scanning using Sonar Scanner

API projects can be scanned using sonar scanner to view the scan results in web dashboard. More details on scanning the project using CLI can be found here.

API Analysis dashboard after a successful scan would look similar to –

scan api

Details of issue displaying the exact file and line numbers –

scan api

Choosing between multiple APIs

If a project contains multiple APIs, all the available APIs will be scanned. There might be certain scenarios where we need to scan specific APIs instead of all.

Specific APIs can be included or excluded by using analyzer-apis.json file. Create a file called analyzer-apis.json in the project root directory and specify the required APIs to be scanned.

In the example below, only api_1.raml and api_2.raml will be considered during analysis.

  "apis": [

End Note

Hope you found this article interesting. Do drop us a comment below with your inputs, views, and opinions regarding scanning API projects using IZ Analyzer.

Try API Analyzer for Free

You can try our online free scanner to get a quick report of all quality issues in your API project.

Try Now – https://analyzer.integralzone.com/try

Book Online Demo – https://integralzone.com/book-online-demo/

Leave a Reply

Your email address will not be published. Required fields are marked *

Other Blog Posts

Other Blog Posts

Customer Success Stories: Why IZ Analyzer Is a Game Changer

IZ Analyzer, a dynamic code analysis tool, has garnered significant praise from a diverse range of clients, each with their own unique perspectives on what makes it stand out. Client Feedback: A Deep Dive Client from a Fortune 500 beverage manufacturing: Specialized MuleSoft Code Scanning For this global leader in the beverage industry, the specialization …

Read more

MuleSoft Runtime Code Scanning – Why Do You Need It?

One of the most frequently asked questions is if we have static code analysis and a well defined DevOps process, why would we need run time code analysis? In this article, let’s explore the differences between the two and why you might want to have runtime code analysis (and IZ Runtime Analyzer) even if you have …

Read more

Ensuring Software Quality in Healthcare: Leveraging IZ Analyzer for MuleSoft Code Scanning 🏥💻

Ensuring software quality in the healthcare industry is a top priority, with direct implications for patient safety, data security, and regulatory compliance. Healthcare software development requires adherence to specific rules and best practices to meet the unique challenges of the industry. In this blog post, we will explore essential software quality rules specific to healthcare …

Read more