Skip to main content

Playbook: Onboard a Project

Set up a complete project with environments, targets, and initial tests — all via API.

AI Prompt

"Using the Proofarc API at https://app.proofarc.ai, onboard a new project called 'My Service'. The API runs at http://my-service:8080 with Swagger at /v3/api-docs. Set up dev and staging environments with the target in both. Create a basic CRUD test scenario and run it."

Steps

1. Authenticate

TOKEN=$(curl -s $BASE_URL/api/auth/login -X POST \
-H "Content-Type: application/json" \
-d '{"username":"admin","password":"your-password"}' | \
python3 -c "import sys,json;print(json.load(sys.stdin)['token'])")

2. Create the project

PROJECT=$(curl -s -X POST -H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
$BASE_URL/api/projects \
-d '{"name":"My Service","description":"User management API"}')

PROJECT_ID=$(echo $PROJECT | python3 -c "import sys,json;print(json.load(sys.stdin)['id'])")

3. Add targets to environments

# Development environment (id=1)
curl -s -X POST -H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
$BASE_URL/api/environments/1/targets \
-d '{
"name":"My Service API",
"targetType":"REST_SERVICE",
"baseUrl":"http://my-service:8080",
"swaggerPath":"/v3/api-docs",
"healthcheckPath":"/actuator/health",
"appTag":"my-service"
}'

# Staging environment (id=2)
curl -s -X POST -H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
$BASE_URL/api/environments/2/targets \
-d '{
"name":"My Service API",
"targetType":"REST_SERVICE",
"baseUrl":"http://my-service-staging:8080",
"swaggerPath":"/v3/api-docs",
"appTag":"my-service"
}'
# Link to dev and staging
curl -s -X POST -H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
$BASE_URL/api/projects/$PROJECT_ID/environments \
-d '{"environmentId":1}'

curl -s -X POST -H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
$BASE_URL/api/projects/$PROJECT_ID/environments \
-d '{"environmentId":2}'

5. Create API test scenario

curl -s -X POST -H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
$BASE_URL/api/scenarios \
-d '{
"name":"My Service Smoke Test",
"projectId":'$PROJECT_ID',
"environmentId":1,
"baseUrl":"http://my-service:8080",
"appTag":"my-service",
"steps":[
{
"stepOrder":1,
"name":"Health check",
"httpMethod":"GET",
"endpointPath":"/actuator/health",
"expectedStatusCodes":[200]
},
{
"stepOrder":2,
"name":"Swagger available",
"httpMethod":"GET",
"endpointPath":"/v3/api-docs",
"expectedStatusCodes":[200]
}
]
}'

5b. Wire auth (only if the app requires authentication)

If the application is marked AUTHENTICATED, execution is refused with a clear HTTP 400 until a usable auth source exists. Pick one:

  • Public-only first run (e.g. the health check above): add "allowUnauthenticated":true to the execute body in step 6.

  • Protected endpoints: seed a credential and, for username/password, the login endpoint:

    # Seed the credential
    curl -s -X POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
    $BASE_URL/api/environments/1/auth-config/credentials \
    -d '{"tag":"admin","username":"admin","password":"admin123","isDefault":true}'

    # Tell the environment how to log in (skip if the credential is a static token / API key)
    curl -s -X PUT -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
    $BASE_URL/api/environments/1/auth-config/auth-endpoint \
    -d '{"type":"BEARER","loginEndpoint":"/auth/login","tokenJsonPath":"$.accessToken"}'

    Then pass "credentialTag":"admin" in the execute body. See API Authentication for the full matrix.

6. Execute and check results

# Execute
curl -s -X POST -H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
$BASE_URL/api/scenarios/1/execute \
-d '{"tags":["onboarding"]}'

# Wait 10 seconds, then check
sleep 10
curl -s -H "Authorization: Bearer $TOKEN" \
$BASE_URL/api/scenarios/1/executions

Result

You now have:

  • A project with dev + staging environments
  • API target configured with Swagger and health check paths
  • A smoke test scenario that validates the API is reachable
  • First execution results

Next: Create CRUD tests from Swagger