Post
Ask Question

API Testing

Application programming interfaces(API)

API stands for Application programming interfaces. API helps in data exchange/communication between two software applications/systems.

API acts as an interface that allows communication between two software applications.

How does API work

API works in a client-server architecture. When a client makes a request to a server first the request goes to the API, API will check the corresponding response from the server and serves it to you.

Take an example of booking a flight using goibibo application, For booking a flight we provide the source and destination, and travel dates, after providing it the application searches and displays the list of flights available.

The goibibo application uses the respective airlines API and displays the details of the availability of flight in the goibibo application

Web Services

Web Services works as a client-server application or application component for communication.

The method of communication between two devices over the network.

It is a collection of standards or protocols for exchanging information between two devices or applications.

Two ways web services can be implemented are

  •     REST
  •     SOAP

Both API and Web Services definition looks similar right? The main difference are

WebServices will always be accessible over the internet

Not all APIs are accessible over the internet

So all Webservices are APIs, but not all APIs are Web services.

API Testing

  • API testing is a type of software testing that involves testing application programming interfaces (API's).
  • API testing is a part of integration testing.
  • API testing, our focus is on the Business Logic Layer of the software architecture.

When you look at the test pyramid, Integration testing stands second, so more focus on testing should be given to it by the testers.

  •   Unit Tests
  •   Integration Tests
  •   User Interface Tests

In Agile testing environment, API testing is considered a more important and suitable form of testing because API Testing handles complex functionality. Quick feedbacks in shorter iterations

We verify the below following aspects in the API testing,

  1. Response time of an API Request
  2. Quality and Accuracy of Data.
  3. Need to check the authorization of the request.
  4. HTTP status code and error codes.
  5. Valid error message in the response when resource is not found in the server.

Types of API Testing

  • Unit testing testing
    • The smallest piece of code that can be logically isolated in a system
  • Functional testing
    • Functional testing is a type of testing that seeks to establish whether each application feature works as per the software requirements.
  • Load testing
    • Load Testing determines a system behavior under both normal and anticipated peak load conditions
  • Security testing
    • Software Testing that uncovers vulnerabilities, threats, risks in a software application and prevents malicious attacks from intruders.
  • Interoperability testing
    • Checks functionality relationship between two software systems as per the requirement of end users.
  • Penetration testing
    • A simulated cyber attack was made against the system to evaluate its vulnerabilities
  • Fuzz-testing
    • Software testing method that injects invalid, malformed unexpected inputs into system and sees the vulnerabilities in the system

Protocols used in API testing are

  • HTTP
  • REST
  • SOAP
  • JMS
  • UDDI

Tools used for API testing are:

  • Postman
  • Katalon Studio
  • SoapUI
  • Restassured

Before starting API testing we need the API contract details. Contract details means documentation of the API, it will tell how to use the API, what is the HTTP method type, response code, etc

Components of an HTTP request

  • HTTP method like GET, PUT, POST, DELETE.
  • Uniform Resource Identifier (URI)
    • URI is the identifier for the resource on the server.
  • Endpoint
    • Endpoint to be tested
  • HTTP version
    • Indicate the HTTP version like HTTP V1.1.
  • Request Header
    • Request Header carries metadata for the HTTP request message. Metadata could be a client type, format supported by the client, format of a message body, cache setting, etc.
  • Request Body
    • Resource body indicates message content or resource representation.
  • Query param
    • Defines the resouce location
  • path param
    • Defines the sorting, and filtering operation to be performed on API response
  • authorization:
    • Checks whether the client has access to read/write resource.

API example

https://reqres.in/api/users/2

URI here is https://reqres.in

Endpoint is api/users

path param is 2

Example two

https://reqres.in/api/users?page=2

?page=2 is query param

Summary

This article provides an overview of API Testing and its type and necessary components required to perform API Testing.

Thank you

Happy learning.


Similar Articles