IZ Analyzer – Scanning API Projects

Written by:
Published on May 7, 2021

IZ Analyzer – Scanning API Projects

In an API and microservices world, the quality of the deliverable becomes paramount – since a weak link can break the whole chain.

In the previous blog posts, we had seen how Mulesoft code implementations could be quality tested in an automated manner with IZ Analyzer.

Now with API Analyzer plugin, APIs can be quality tested in an automated manner. Make sure that only the quality integration without security issues/vulnerability will make it through the quality gate. API Analyzer plugin supports scanning multiple APIs within the same project. Supported versions include –

  • RAML 0.8
  • RAML 1.0
  • OAS / Swagger 2.0
  • OAS 3.0

Scanning using Anypoint Studio plugin



Make sure you have –

On The Fly Results

  • Navigate to WindowPreferencesIZ Preferences, provide the appropriate Service Url
  • Click on Sync Metadata to sync the Organizations and available Quality Profiles
  • Select desired API Analyzer Quality profile
scan api
  • Navigate to Window Show ViewotherIZ Analyzer → select On the Fly Results
  • Open the API (RAML or OAS) file to view the results
scan api
  • More information about scanning projects in Anypoint Studio can be found here.

Scanning using Sonar Scanner

API projects can be scanned using sonar scanner to view the scan results in web dashboard. More details on scanning the project using CLI can be found here.

API Analysis dashboard after a successful scan would look similar to –

scan api

Details of issue displaying the exact file and line numbers –

scan api

Choosing between multiple APIs

If a project contains multiple APIs, all the available APIs will be scanned. There might be certain scenarios where we need to scan specific APIs instead of all.

Specific APIs can be included or excluded by using analyzer-apis.json file. Create a file called analyzer-apis.json in the project root directory and specify the required APIs to be scanned.

In the example below, only api_1.raml and api_2.raml will be considered during analysis.

  "apis": [

End Note

Hope you found this article interesting. Do drop us a comment below with your inputs, views, and opinions regarding scanning API projects using IZ Analyzer.

Try API Analyzer for Free

You can try our online free scanner to get a quick report of all quality issues in your API project.

Try Now – https://analyzer.integralzone.com/try

Book Online Demo – https://integralzone.com/book-online-demo/

Leave a Reply

Your email address will not be published. Required fields are marked *

Other Blog Posts

Other Blog Posts

Code Quality Reviews: Annual Trend Survey Report : 2022

About the Survey Integral Zone launched its first 2022 Annual Trend Survey on Code Reviews in the month of January. The survey was answered by over a hundred senior decision-makers worldwide. The concept of code reviews is subjective. Organizations adhere to different standards, with no common protocol. By bringing in data from a variety of …

Read more

The Ultimate guide to Creating custom rules to validate Bitbucket repository with IZ Analyzer- Part 2

In the previous blog The Ultimate guide to Creating custom rules to validate Bitbucket repository with IZ Analyzer- Part1, we have already created a custom rule to validate if the repository is created in BitBucket. In this post, let us look at creating a custom AutoFix definition to create a new repository in BitBucket if …

Read more

The ultimate guide to Creating custom rules to validate Bitbucket repository with IZ Analyzer- Part 1

Overview IZ Analyzer is the most popular automated code quality analysis tool for MuleSoft and API (RAML and OAS) projects. It comes with over 200 pre-built rules aligned to industry best practices. In addition to the pre-built rules, project teams can define organization specific rules by using Custom Rules: one of our most exciting features. …

Read more