Last reviewed: 2026-05-08

Key takeaways

  • Treat a chat completions smoke test as a small, repeatable production-readiness check, not as a one-time manual request.
  • Validate four layers separately: credentials, request schema, response parsing, and operational behavior under failure.
  • Use the CometAPI API documentation and the chat completions reference page as the source of truth for current endpoint shape and request fields: https://apidoc.cometapi.com/ and https://apidoc.cometapi.com/api-13851472.
  • Monitor signals that help you distinguish client-side mistakes from provider-side or network issues: status codes, latency, timeout rate, retry rate, response-shape failures, and fallback activation.
  • Keep thresholds in this checklist as starting examples to tune for your application, traffic profile, and user experience requirements.
  • For broader integration guidance, see the CometAPI tutorials index at /sites/cometapi-tutorials/ and recent tutorial posts at /sites/cometapi-tutorials/posts/.

Concise definition

A CometAPI chat completions smoke test is a minimal, repeatable request-and-assertion workflow that confirms your application can authenticate with CometAPI, send a valid chat completions request, parse the response, record operational telemetry, and handle common failure paths before or during production use.

A smoke test does not prove full quality, accuracy, or uptime. It answers a narrower question: “Is this integration basically working right now, and are the right monitoring signals being captured if it stops working?”

Scope of this checklist

Use this checklist when you are:

  • Connecting an application to CometAPI chat completions for the first time.
  • Rotating API keys or moving secrets between environments.
  • Deploying a new model-routing, retry, timeout, or fallback layer.
  • Investigating whether an incident is caused by request formatting, authentication, network behavior, or downstream response handling.
  • Creating a scheduled health check that runs outside the main application path.

Before implementing the test, confirm the current CometAPI request requirements in the official API documentation at https://apidoc.cometapi.com/ and the chat completions endpoint reference at https://apidoc.cometapi.com/api-13851472. If the behavior you observe differs from the documentation, use the CometAPI help center as the support and escalation starting point: https://apidoc.cometapi.com/help-center.

Smoke test checklist

1. Confirm environment and secret wiring

Validate these items before sending a request:

  • The application is using the intended environment variable or secret name.
  • The API key is present at runtime and is not an empty string.
  • The key is not logged in plaintext.
  • The base URL is the expected CometAPI API base from the current documentation.
  • The deployment environment is the intended one, such as local, staging, or production.
  • Your HTTP client timeout is explicit rather than relying on an unknown library default.

Practical validation steps:

  1. Print a redacted secret presence check, such as COMETAPI_API_KEY present: yes.
  2. Log the configured base URL without including credentials.
  3. Run the smoke test from the same network path used by the application, not only from a developer laptop.
  4. Confirm that failed authentication is observable as a distinct error class in logs and metrics.

Do not log bearer tokens, full request headers, or user prompts containing sensitive data.

2. Validate a minimal chat completions request

A good smoke-test request should be small, deterministic, and low-risk. It should not include private user data, production documents, or long prompts.

Sanitized curl-style example:

curl -sS -X POST "$COMETAPI_BASE_URL/v1/chat/completions" \
  -H "Authorization: Bearer $COMETAPI_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "REPLACE_WITH_A_SUPPORTED_MODEL_FROM_DOCS_OR_CONFIG",
    "messages": [
      {
        "role": "system",
        "content": "You are a concise test responder."
      },
      {
        "role": "user",
        "content": "Reply with exactly: cometapi-smoke-test-ok"
      }
    ],
    "temperature": 0
  }'

Validation assertions:

  • The request is sent to the documented chat completions path.
  • The Authorization header is present and redacted in logs.
  • The request body is valid JSON.
  • The messages array contains at least one user message.
  • The configured model value comes from your approved configuration and is verified against current documentation or your account configuration.
  • The test prompt contains no customer data.

The CometAPI chat completions reference page should be checked for current request shape and supported fields before relying on this sample in production: https://apidoc.cometapi.com/api-13851472.

3. Validate response shape, not just HTTP success

A smoke test that only checks 2xx is too weak. Also assert that your application can parse the response format it expects.

Suggested response checks:

  • HTTP status is successful.
  • Response body is parseable JSON.
  • The expected assistant message field exists.
  • The assistant content is non-empty.
  • The response can be mapped into your internal application object without throwing an exception.
  • Usage or metadata fields, if consumed by your application, are handled defensively when absent or changed.
  • Unexpected extra fields do not break parsing.

Example assertion strategy:

  • Hard requirement: the response has at least one assistant output your parser can read.
  • Soft requirement: the output contains the expected smoke-test phrase.
  • Diagnostic-only: capture response ID, status code, elapsed time, and sanitized error body when available.

Do not make the smoke test depend on broad semantic quality. For example, checking whether the model wrote a brilliant answer is not a smoke test. Checking whether the integration can complete a small request and parse the response is.

4. Monitor latency and timeout behavior

For chat completions, latency can vary by model, prompt size, network path, and response length. Use the following as example starting points to tune:

  • Client-side timeout: choose an explicit value appropriate for your user experience.
  • Warning latency threshold: for example, alert when p95 latency exceeds your normal baseline by a chosen percentage.
  • Timeout rate threshold: for example, investigate if timeout rate increases above your historical baseline for more than one monitoring window.

Signals to capture:

  • Request start time and end time.
  • Total duration.
  • DNS/connect/TLS timing if your HTTP stack exposes it.
  • Server response time if provided.
  • Timeout count.
  • Retry count.
  • Final outcome after retries.

Practical validation steps:

  1. Run the smoke test once from local development.
  2. Run it from staging or the production-like environment.
  3. Compare latencies across environments.
  4. Confirm the monitoring dashboard can show latency percentiles, not only averages.
  5. Confirm timeouts appear as timeouts, not generic unknown errors.

5. Monitor status codes and error classes

Track status codes and application-level error categories separately. This makes triage faster.

Recommended categories:

CategoryWhat it usually indicatesWhat to validate
Authentication or authorization failureMissing, expired, malformed, or unauthorized credentialSecret presence, header formatting, key scope
Bad requestInvalid JSON, invalid field, unsupported parameter, or request-shape issuePayload schema and current endpoint docs
Rate limiting or quota-related responseRequest volume or account limits may be involvedBackoff behavior and usage patterns
TimeoutNetwork, provider latency, prompt size, or client timeout issueTimeout value, retry policy, prompt size
5xx or upstream failureService-side, dependency, or network issueRetry and fallback behavior
Parse failureApplication expected a different response shapeParser resilience and response contract

Keep the raw error body only when it is safe to store. Redact prompts, keys, user identifiers, and any sensitive content before logs leave the application boundary.

6. Validate retry behavior

Retries should be deliberate. A smoke test should confirm that your retry layer does not amplify failures.

Check:

  • Retries are disabled for clearly invalid requests, such as malformed JSON.
  • Retries are limited by a maximum attempt count.
  • Retries use backoff rather than immediate tight loops.
  • Timeout settings apply per attempt and to the overall operation where appropriate.
  • Logs include the attempt number.
  • Metrics record both original failures and final outcome.

Example starting policy to tune:

  • Retry only transient classes such as selected timeouts or 5xx responses.
  • Use a small maximum attempt count, such as 2 or 3, for interactive requests.
  • Add jitter to avoid synchronized retry bursts.

These are example operational patterns, not universal thresholds. Tune them to your application’s latency budget and failure tolerance.

7. Validate fallback behavior

If your application uses a fallback model, provider route, cached answer, or degraded response, test that path explicitly.

Fallback validation steps:

  1. Configure a controlled failure mode in staging, such as an intentionally invalid model name in a non-production configuration.
  2. Confirm the primary request fails in the expected category.
  3. Confirm the fallback path activates only for intended error classes.
  4. Confirm the user-facing response is clearly safe and appropriate.
  5. Confirm metrics record both the primary failure and fallback success or failure.
  6. Confirm fallback does not hide incidents from alerting.

Recommended fallback signals:

  • primary_request_failed
  • fallback_attempted
  • fallback_succeeded
  • fallback_failed
  • fallback_reason
  • final_user_visible_status

Fallback should improve resilience, not erase visibility.

8. Validate token and prompt-size safeguards

Even if the smoke test is intentionally small, production traffic may include longer prompts. Your test suite should include a separate validation for prompt-size handling.

Check:

  • Your application enforces maximum input length before sending requests.
  • Very long inputs are rejected, summarized, chunked, or routed through an approved workflow.
  • The application handles provider errors for oversized requests gracefully.
  • Token budget assumptions are configuration-driven, not hard-coded in many places.
  • The user receives a helpful message when input is too large.

Avoid publishing fixed token limits unless they come from the current endpoint documentation or your own verified configuration. The official documentation at https://apidoc.cometapi.com/ should be treated as the place to verify current API behavior.

9. Validate observability fields

At minimum, emit one structured event per chat completion attempt.

Suggested fields:

  • event_name
  • environment
  • service_name
  • operation, such as chat_completions
  • request_id or internal correlation ID
  • provider_response_id, when available and safe to store
  • model_config_key, not necessarily the raw provider model name if you abstract it
  • http_status
  • error_class
  • duration_ms
  • timeout_ms
  • retry_attempt
  • final_attempt
  • fallback_used
  • success
  • redaction_applied

Do not store raw prompts or completions by default unless your privacy, retention, and compliance requirements allow it.

10. Validate alerting

The smoke test is most useful when it can trigger a meaningful alert.

Example alert conditions to tune:

  • Scheduled smoke test fails more than once in a short window.
  • Authentication failures appear after a deploy or secret rotation.
  • p95 latency rises materially above the service baseline.
  • Timeout rate increases above normal.
  • Response parse failures occur after an SDK, parser, or API-change deployment.
  • Fallback usage increases suddenly.

Each alert should include:

  • A short title.
  • Environment.
  • Affected service.
  • Last known status code or error class.
  • Correlation ID or smoke-test run ID.
  • Link to logs or dashboard.
  • Link to runbook.
  • Escalation target.

For editorial and runbook planning standards on this satellite site, see /sites/cometapi-tutorials/editorial/.

Use this runbook whenever the scheduled check fails.

Step 1: Confirm whether the failure is reproducible

  • Re-run the smoke test once from the same environment.
  • Run it from a second environment if available.
  • Compare the error class and status code.

If only one environment fails, investigate environment-specific configuration, DNS, firewall, egress, proxy, or secret injection.

Step 2: Check recent changes

Review:

  • Deployments.
  • Secret rotations.
  • Model configuration changes.
  • HTTP client or SDK upgrades.
  • Retry, timeout, or fallback policy changes.
  • Network egress changes.

Step 3: Compare request shape against documentation

Open the current API docs and endpoint reference:

Check whether your request path, headers, JSON fields, and response parsing assumptions still match the published reference.

Step 4: Isolate authentication

Run a controlled test with a known-good key from a secure environment. Do not paste keys into shared tickets or chat tools. If the key was rotated recently, confirm the running process actually received the new value.

Step 5: Isolate parser failures

If the HTTP request succeeds but the application fails:

  • Capture a sanitized sample response.
  • Confirm the parser can handle optional or missing fields.
  • Confirm the application is not assuming array indexes without checking length.
  • Confirm downstream business logic accepts the parsed object.

Step 6: Escalate with useful evidence

If internal checks do not resolve the issue, use the CometAPI help center: https://apidoc.cometapi.com/help-center.

Collect:

  • Approximate time window, including timezone.
  • Environment.
  • Endpoint path.
  • HTTP status code.
  • Sanitized error body.
  • Correlation ID or response ID if available.
  • Whether retries occurred.
  • Whether fallback occurred.
  • Confirmation that secrets and prompts were redacted.

Monitoring signals checklist

Use this checklist when building dashboards or alerts.

Availability signals

  • Scheduled smoke-test success rate.
  • Production chat completions success rate.
  • Failure count by status code.
  • Failure count by error class.
  • Consecutive failed smoke-test runs.
  • Regional or environment-specific failures if applicable.

Latency signals

  • p50 latency.
  • p90 latency.
  • p95 latency.
  • p99 latency for incident review.
  • Timeout count.
  • Timeout rate.
  • Duration by model configuration or route.

Reliability signals

  • Retry attempts per request.
  • Final failure after retry.
  • Fallback activation rate.
  • Fallback success rate.
  • Circuit-breaker open events, if used.
  • Queue depth, if requests are processed asynchronously.

Correctness signals

  • Response parse failure rate.
  • Empty assistant-message rate.
  • Unexpected response-shape count.
  • Application validation failure count.
  • User-visible error count.

Safety and privacy signals

  • Secret redaction checks in logs.
  • Prompt logging disabled or policy-controlled.
  • Sensitive-field redaction success.
  • Access to stored logs restricted.
  • Retention policy applied.

Cost-control and budget signals

Because this article is based on public documentation links and not a pricing source, avoid assuming current prices. Still, you can monitor usage-control indicators:

  • Request count.
  • Prompt-size distribution.
  • Output-size distribution.
  • Requests blocked by input-size policy.
  • Requests routed to fallback or degraded mode.
  • Unexpected traffic spikes.

Minimal pass/fail criteria

A practical smoke test can use these pass/fail gates:

GatePass condition
AuthenticationRequest is accepted with the intended credential
Request formatJSON body matches the documented endpoint shape
Response statusHTTP result is successful
Response parsingApplication extracts a non-empty assistant message
ObservabilityStructured event records status, duration, and outcome
Error handlingKnown failure mode produces a classified, redacted error
Retry policyRetries occur only for intended transient failures
Fallback policyFallback activates only when configured and is visible in metrics
AlertingA failed smoke test can trigger an actionable alert

Common mistakes to avoid

  • Using a production customer prompt as a health check.
  • Logging full bearer tokens or unredacted request headers.
  • Treating one successful manual curl request as production readiness.
  • Failing to test parser behavior.
  • Retrying malformed requests.
  • Hiding fallback activations from alerts.
  • Setting timeouts only in infrastructure but not in the application client.
  • Depending on fixed model names without a configuration review process.
  • Publishing pricing, availability, or benchmark claims that are not backed by current documentation.

FAQ

How often should a CometAPI chat completions smoke test run?

For production, many teams run a scheduled smoke test frequently enough to detect integration failures before users report them. The exact interval should reflect your traffic level, incident-response expectations, and tolerance for synthetic requests. Also run the test after deployments, secret rotations, and configuration changes.

Should the smoke test use the same prompt every time?

Usually yes. A stable, non-sensitive prompt makes failures easier to compare across runs. Keep it short and deterministic. Do not use private customer data.

Is an HTTP 200 response enough to pass?

No. Also verify that the response body is parseable and contains the assistant output your application expects. A status-only check can miss parser and response-contract failures.

Should I test fallback in production?

Prefer controlled fallback tests in staging. In production, monitor whether fallback occurs naturally and ensure alerts do not ignore it. If you run production fallback tests, keep them safe, low-volume, and clearly labeled as synthetic.

Where should I verify the current endpoint details?

Use the CometAPI documentation home and the chat completions endpoint reference as the current source of truth: https://apidoc.cometapi.com/ and https://apidoc.cometapi.com/api-13851472.

What should I include when escalating an issue?

Include the time window, endpoint, status code, sanitized error body, environment, correlation ID, retry behavior, fallback behavior, and confirmation that secrets and sensitive prompts were removed. The CometAPI help center is available at https://apidoc.cometapi.com/help-center.

Sources checked

  • https://apidoc.cometapi.com/ — Accessed 2026-05-08. Purpose: verify the official CometAPI documentation entry point and use it as the source of truth for current API behavior.
  • https://apidoc.cometapi.com/api-13851472 — Accessed 2026-05-08. Purpose: verify the chat completions endpoint reference location for request and response details.
  • https://apidoc.cometapi.com/help-center — Accessed 2026-05-08. Purpose: identify the support/help-center location for escalation guidance when smoke-test failures cannot be resolved internally.