API Testing

1.Application Program Interface

An application program interface (API) is a set of routines, protocols, and tools for building software applications. Basically, an API specifies how software components should interact, like a gateway directing each request to its corresponding destination. There are many types of API and you can more details here (dont go here now, you may get overwhelmed and lost).

2.Testing API

API testing is similar to testing any front-end application but without any pretty GUI. While testing any software aplication which is integrated with any API, testing API for that application will be part of Integration testing. Testing API during inital stages of application of SDLC and having it automated from then on makes the application more stable and can prevent the errors to reach client.

They are tons of tools to do all this here are few with details. But, we will get started with Postman

3.Requests

1.GET - As simple as “GET me food”. A request for some specific data.

2.POST - Consider it as user trying to send(POST) some data to the application. So API expects some sort of Body(data) in this request.

3.PUT - Whatever you POSTed in the POST can be updated here in PUT. So API expects some sort of Body(of existing data) in this request.

4.DELETE - As word says just “get rid of it”. Here also API expects some sort of Body(of existing data) to get rid of.

These requests can be put together into a collection(folder) can be executed. With javascript in these requests we can read and write data to acheive desired workflow.

4.Testing with Postman

Assuming you have downloaded Postman by now, we can get started on putting a collection together to do a test for a basic workflow. Here user tries to Login and get some basic data after login.

1.Login - To login to any application user must provide credentials to the application which means, the application is expecting some data which is to be sent in a POST request.(you might be wondering where to send), so answer is, connect to any api we just use a URL that was designed and provided in some sort of documentation like Swagger UI which gives you more details on what type of request is expecting certain type of body and type of expected response.

So, in order to have you authenticated and get you more information on next request we need some kind of token(like access-ID). Lets call this variable(because it keeps changing), we have to read this variable say token from the response of the POST request. To do that we will write a small javascript block that will read the token and save it in something called environment (top right corner). We will write this block of code in Tests section.

postman.setEnvironmentVariable(“environment variable value”,responseJSON.data.id);

To know more about the types of data to be passed in body, here are more details.

2.Get Information - To get more information like Mail for example from your next request after logging in can be made by using GET request, however API has to make sure before retreiving data that your request is actually authenticated(that we did in our first request). So, API is expecting a token that we received from the Login request to be sent along with the GET request and that can be done by passing token that we saved to environment in the header as .

3.Validating received data - The response body contains lot of data that we should validate atleast few specific entities based on our requirements. That can be done by adding JavaScript code in the Test module of your request.

All the requests are based on HTTP. This gives us more details on how the requests and responses should be. More to come.