Skip to main content

The Backend API Firewall

Unlike traditional testing tools that rely on brittle UI navigation, Jataka’s API Firewall bypasses the browser entirely. It generates data payloads and pushes them directly via the Salesforce REST/Tooling API.

Overview

The API Firewall is Jataka’s first line of defense. It executes transactions at the API level to catch Governor limit breaches before they can cause production incidents.

How it works

When a PR is opened, Jataka executes the transaction and instantly captures the Sforce-Limit-Info headers.
Fail-Fast Architecture: If the API Firewall detects a Sev-1 limit breach (like 101 SOQL queries), it will instantly block the PR and cancel the Kamikaze UI Pod to save you compute costs.

Limits Caught Automatically

SOQL in Loops

Catches System.LimitException: Too many SOQL queries: 101.

DML in Loops

Catches System.LimitException: Too many DML statements: 151.

Apex CPU Timeouts

Profiles long-running synchronous Apex triggers.

Data Skew Locks

Catches UNABLE_TO_LOCK_ROW errors before production.

Real-time Profiling

Header Analysis

Jataka intercepts and analyzes Salesforce response headers in real-time: 
HTTP/1.1 200 OK
Sforce-Limit-Info: api-usage=47/50000
Sforce-Limit-Info: per-app-api-usage=23/10000

Sub-second Detection

Traditional testing takes minutes. Jataka detects issues in milliseconds:
MetricTraditional ToolsJataka API Firewall
Test Execution2-5 minutes200-500ms
Limit DetectionPost-executionReal-time
Feedback LoopHoursInstant

Code Example: Jataka Report Card

When a limit is breached, Jataka posts this directly to your GitHub PR: 
{
  "status": "CRITICAL",
  "error_type": "SOQL_IN_LOOP",
  "limits_used": {
    "soql_queries": "101/100",
    "cpu_time_ms": "450/10000"
  },
  "recommendation": "Move the [SELECT Id FROM Account] outside of the for loop on line 42 of AccountTrigger.cls",
  "file": "classes/AccountTrigger.cls",
  "line": 42,
  "confidence": 0.95
}

Advanced Features

Custom Thresholds

Configure custom limits for your org’s specific needs: 
# jataka.yml
thresholds:
  soql_queries: 80      # Warn at 80% of 100 limit
  dml_statements: 120   # Warn at 80% of 150 limit
  cpu_time: 8000        # Warn at 80% of 10000ms limit
  heap_size: 6MB        # Custom heap size threshold

Batch Transaction Testing

Test multiple scenarios in parallel: 
jataka test --scenarios create-account,update-opportunity,delete-contact

Historical Analysis

Track limit usage over time: 
jataka trends --metric soql_queries --days 30

Integration Examples

GitHub Actions

name: Jataka API Firewall Test
on: [push, pull_request]

jobs:
  api-firewall:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Run Jataka API Firewall
        run: |
          jataka test --engine api-firewall --fail-on-critical

Slack Notifications

Get instant alerts in Slack when limits are breached: 
integrations:
  slack:
    webhook: https://hooks.slack.com/...
    channels:
      - "#dev-alerts"
      - "#qa-team"
    alerts:
      - critical_limits
      - performance_degradation

Best Practices

Troubleshooting

Common Issue: “API limit exceeded during testing”Solution: Use a dedicated test user or reduce test parallelism to avoid hitting Salesforce API limits during testing.
Performance Tip: Cache test data between runs to reduce API calls and improve test speed.

What’s Next?

Ready to try it? Run jataka test --engine api-firewall --quick to see it in action!