Consumer-driven contracts
Consumer-driven contracts (CDC) is a testing pattern where API consumers define their expectations of an API in formal contract files, and the API provider runs these contracts as part of its test suite to ensure it never violates consumer expectations. Tools like Pact implement CDC for REST APIs and gRPC. Unlike provider-defined API schemas (OpenAPI), CDC captures what consumers actually use — not all theoretically valid requests.
Why it matters in practice
CDC solves the backwards compatibility verification problem that SemVer labels alone cannot. A provider can declare a change "non-breaking" while inadvertently removing a field that 3 of its 40 consumers depend on. With CDC, those consumers' contract tests fail immediately when the provider's test suite runs, before any deployment. This is particularly valuable for platform teams managing shared internal APIs with many downstream consumers — each consumer team owns their contract, and the platform team runs all contracts on every pull request.
Common mistakes
- •Letting contract tests become stale — CDC only works if consumers update their contracts when their actual usage changes.
- •Using CDC for public APIs where you cannot require consumers to maintain contracts — CDC is most effective for internal APIs with known, cooperating consumers.
- •Treating CDC as a replacement for integration tests — contracts verify compatibility, not end-to-end correctness.