[API Fortress](https://apifortress.com)API Fortress is a continuous testing platform for APIs. We've been a friend to Kong since the beginning. In this guest blog post, we explain how our company uses Kong to facilitate the process of virtualizing APIs.
As more companies adopt microservice architectures and DevOps best practices, APIs play a bigger and bigger role in software development. The explosion of services and APIs makes control platforms like Kong imperative in the new API economy. Many companies want to innovate faster, and the push towards shorter and more effective sprints has made Continuous Integration and Continuous Delivery (CI/CD) a popular practice. This practice requires automated testing, but even companies that haven't implemented instantaneous deployment patterns can still accelerate development by automating API tests.
API Fortress builds tools to automate API testing. Our experience working with customers and their API testing challenges has highlighted a prevalent requirement - mocking APIs. Companies we work with need to mock APIs for three common reasons:
There are many more reasons, but those are three of the most common.
The idea of mocking an API might seem simple, but in practice, the existing options that users had for mocking were limited. Open source libraries take a lot of effort to set up, and existing paid platforms can be overly expensive and sometimes limited. At API Fortress, we believed that a simple, robust option was needed. So we built one.
The experience of creating mocked APIs in our platform is fairly straightforward: users simply copy and paste the payloads into our GUI. But, we wanted to find an even easier route. We wanted our platform to automatically create mocks from live API calls. The goal was to find a method more powerful than recording manual calls that users make from their desktops. We're a platform, after all, so we wanted to take a platform-level approach.
While we were architecting our solution, we realized that Kong could be a critical component to intercept real API calls and responses, which we could then use to generate mocks. 
With our plugin, Kong can capture snapshots of payloads that pass through it and send those snapshots to API Fortress. Our platform can then automatically turn those calls into mocked APIs with the click of a button. One click, and an entire organization has access to virtualized API. Cool, right?
Users can set up API mocking in a few steps, which are described in the API Fortress documentation [here](https://apifortress.com/doc/mocking-services)here.
The basic process is broken into three steps:
Our mocking feature is only available for the on-premises version, but we offer a free 30-day trial. If you'd like to follow along, simply [sign up for an account](https://mastiff.apifortress.com/app/web/login/register)sign up for an account, and our team will help you get a container (Docker/Kubernetes/Open Shift) to deploy. We'll summarize the general steps to use mocking below, which may help you think about your own implementation.
A trial provides you with a few prerequisites for mocking with API Fortress, including:
core/docker-compose.yml (if using Docker, for example), which includes the Kong section at the endinit_kong.shstart_kong.shThe first step is to start Kong and its prerequisites, which include a database. You can use Cassandra or Postgres with Kong, but in our example, we use Postgres, which we provide a preconfigured instance of as part of the API Fortress container.
Next, we need to initialize Kong using the previously mentioned script, init_kong.sh. Once Kong has finished initializing, we can start the Kong container itself. We do this using our provided docker-compose file. After the file runs, you want to check and make sure that the container is running.
We can verify that the proxy is up and running using a cURL command or the HTTP client of your choice. A positive response from this route indicates that the proxy server is up and running. Congratulations! You now have a live proxy server!
Our last step in the setup phase is creating an API Fortress API key. The gif below shows the process.
Every time we create a mock route, we need to point it at the dashboard. The simplest way to do so is to add a wildcard entry to our DNS. If that is not an option, individual DNS entries for each mock route are also an option. If API Fortress is running at apif.example.com, the wildcard entry of *.apif.example.com would point at the same IP address and allow every prepended domain to reach the same server.
In order to proxy an API route, we need to POST a request to the proxy server that contains the following information about the route in the header:
name: The name of the API profileupstream_url: The origin URL, which is the destination that we're passing through the proxy on our way tohosts: A list of hosts that will trigger this API profile, which is formatted as the URL(s) that will trigger the proxied responseThe result is a profile of a proxied API.
Finally, we need to test the proxied route itself. To do so, curl the URL that you previously defined as the host appended with port 8000, accompanied by any key-value pairs you need to submit and necessary routing information. Our expected response should match the response of the endpoint that we're proxying, provided we're passing the correct headers.
As with creating the actual proxied endpoints, creating recorded mocks requires a modification of the DNS. Adding a wildcard entry for the mock server (*.demoapi-mocks.apif.example.com) will allow these requests to be properly routed once the mocks are recorded.
The next step is to activate the fortress-http-log plugin for Kong by sending a POST request to apif.example.com:8001/apis/3389fcee-3ada-4ed6-957b-082085601111/plugins where apif.example.com is the URL of your API Fortress instance.
The request should pass a number of URL-encoded key-value pairs in the body, which are commonly known as post parameters. These values are largely static.
config.api_key: The API Key value created in step 1config.secret: The API Secret value created in step 1config.mock_domain: The mock domain you wish these routes to be appended to in API Fortress Mocking; it does not need to already existOnce the request has successfully been sent, the fortress-http-log plugin for Kong will be active, and mock recording will be enabled!
You can then start recording mocks by calling the proxied API. As always, note that the proxy route in this call must be replaced with the proxy route that you created. The port, in this case, is 8000 (Kong's proxy port) rather than 8001 (Kong's admin API port).
Finally, we can verify the new mock route in two primary ways. First, we should see it in the Mocking interface in API Fortress. Second, we can query the route directly and receive the same expected response to this call that we receive when polling either the actual or the proxied API.
As you can see, Kong plays a central part in our Mock API recording. We're proud to be part of the Kong community and are excited to see the project growing. 1.0 added some particularly interesting features, and we look forward to doing more together in the future.
For the full documentation on mocking with API Fortress and Kong, or to learn more about what we do, please visit us [online](https://apifortress.com/record-mocks-with-api-fortress)online. See you around the Kong community!
After 12 months of hard work, we’re excited to announce the biggest release of Kong Insomnia that we have ever seen: Kong Insomnia 8.0, significantly rebuilt from the ground up and available today in GA. You can get started for free on insomnia.res
[](https://konghq.com/blog/product-releases/insomnia-8-0)
Free collaboration with Postman — a myth On March 1st, 2026, Postman discontinued free collaboration for small teams. Now , Git or Cloud-native collaboration requires a Team plan starting at $19 per person per month. That means even a 3-person team
[](https://konghq.com/blog/enterprise/insomnia-vs-postman-evaluating-api-testing-tools)
So, what exactly is Kong Insomnia? Kong Insomnia is your all-in-one platform for designing, testing, debugging, and shipping APIs at speed. Built for developers who need power without bloat, Insomnia helps you move fast whether you’re working solo,
[](https://konghq.com/blog/engineering/why-kong-insomnia-is-developers-preferred-api-client)
In this article, we're going to build a fun and simple gRPC server in Node.js. Then we'll demonstrate how to use Insomnia to make gRPC requests on our server. First, let's briefly cover some core tech concepts. If you're already familiar with the ba
[](https://konghq.com/blog/engineering/insomnia-grpc)
API endpoints are like the doors to a web service. Through these endpoints, we can enter and talk to a web service and be shown where and how we can gain access to whatever it is the server has. This process allows separate pieces of software to swa
[](https://konghq.com/blog/learning-center/guide-to-api-endpoints)
Introducing Insomnia Today we are excited to welcome Insomnia to the team at Kong! Insomnia has been on our radar at Kong for quite some time. I was first introduced to Insomnia and Greg in the early days of the project, and I am proud to have bee
[](https://konghq.com/blog/news/kong-acquires-insomnia)
We've been all ears. Your workflows clearly told us what mattered most: tabs that adapt to how you actually work, Git commits you can actually understand, and admin controls that don't require a manual to navigate. Insomnia v12.4 discards the fricti
[](https://konghq.com/blog/product-releases/insomnia-12-4)