Postman:

1tier architecture:

Client and server in same machiene

2 tier architecture:
Client in separate machiene and database in another

3 tier architecture:

Client,business login, databse

We directly do testing on api. In real time environment they will develop data base first, then api. then
web(ui )

If you do 80 % of testing on API, only we have to do 20% of testing on web.

Ex:
Here make my trip is connected with different airlines APIs. Make my trip doesn’t have APIs

Like google map is using by Ola, Uber etc.

And you logging in some sites with Gmail account or face book account.
SOAP is not using now a days. very few companies are using. SOAP supports only xml format for
communication.

2nd one supports xml Json, text, html etc.

If you place API on the internet, then it is called web service.

APIs does not need internet to run. Once it is in production then it is web service.it needs internet.

Rest API methods/HTTP request methods

Get- to get the response

Post- sending the data to store in database.

Put –to update existing data

Delete- to delete the data from data base

In https data is encrypted.

Here https is protocol, host is domain, rest is path to page.

Resource is which is available in the server. End point is the path. Scheme +host called server.

Here payload is the data. Request payload means what we request and response payload means what it
returns.

Development team send only end point not the complete URL

Some people called it a URL and some people call the total link as URI.

https://reqres.in/ to check requests below, response will come in the json format.

Here request is the end point , above link is host

Here you can get the data using browser also by combining host and endpoint. But this is only for get
request. We can not use browser for other requests
For post request we send data to store using request payload and we get some response using response

Payload.
If we send some request we get some response data to verify status code, cookies,headers etc.
Session2:

Postman –API testing tool.

Supports desktop and web version . we can use tool of both versions.

First you need to create account.

Create a workspace. Where we maintain all the files and information, test data etc.

Create a workspace
Click on new->select workspace

Select workspace type and click n next

Give name and select other settings you want.

Click on create.

If you don’t have existing workspace , new button will not display. Click on workspace->give name and
click on create workspace.
If you want to delete workspace, click on workspace and right side select settings. Below we get delete
workspace.
Give the workspace name to delete and click on delete button.

Rename:
Click on workspace in right panel. It will allow to rename

Collection:

Contains no of folder and HTTP requests. Under collection we can create new collection, rename and
delete. We can run the collection. We can create any no of collections under workspace. Without
collection we cannot create folder and http requests.

Click on create collection or click on files from 3 dots on left upper corner or click on + icon
Click on new collection and rename it,if you want. Or click on left panel collection name and 3 dots will
appear and take necessary action.

You can duplicate and export import etc we can take actions.
As an input we pass the request and we get the response. we do validations on response.

Requests:

GET

POST

PUT

DELETE

The above requests we can create under collection.

We generally don’t use patch request. We update complete data using put.

Sample demo apis site

Here we are using browser for testing. We don’t test apis through browser. For some scenarios we test
apis through browser and get response in browser only.
Examples for testing:

We have 3 parts in URL

Domain or host

Path parameters

Query parameters.

Here 2 is the resource.

Sometimes you don’t have query parameters. Based on how client framed the APIs. How they stored in
the servers

Below are the test cases based on different types of requests.

Whenever you are sending request we need to have what type of request we are sending. And request
payload. And we get response payload. On that we do status validations. Based on the status code we
decide the request is failed or success.

Sometimes we don’t need request payload.

Click on +icon to create new request or click on 3 dots next to collection. Or click on add request under
collection.
We get the below page.

GET request:

you can rename the request by clicking on the request

We have pasted the url in the URL field. And click on send button. It will give the response. Body, some
times cookies, Headers and results.
URL:https://reqres.in/api/users?page=2

Headers:
Test results will come when we give validation messages.

Right side we get status code, time taken to execute and returned data size.

We need to validate below

POST request
When we do POST Request we need to give request payload. For example we are providing json data we have to
click on body-> select Raw-> in the end of the live we get different formats. Select Json from there. And paste the
request body under that box. Developer will give the document which you need to select. Based on the API
requirement we need to provide the data.

URL:https://reqres.in/api/users
Example Request payload

{
"name": "morpheus",
"job": "leader"
}

Id is created to sent data. Data is stored and id created. Next time if you can call the data using id.
If you want to save request click on save button upper right corner and give a name and save the
request under required collection.

PUT request:

We can modify the existing data by sending request payload. Using id we have to call the data. Use it in
URL.
We need to give all the data. From multiple table data, single value update sometimes not allows. Hence
we have to give all data.

DELETE Request:

Select Delete request and send the url and Id and click on send
Status codes:

3 level of status codes are there

200 series are successful requests

400 series are accessing unauthorized access of APIs

500 series are server errors. Server issues.

Session 3:

We need to install belos

Download nodejs from nodejs site. No need of installation. Go to the download path and check version
from cmd. Nodejs and npm will come together.
Node - -version

Npn - - version

We have to run below command in the cmd to install json server

npm install -g json-server

It is installed.

We are doing installation to check our own demo apis for practice. If other apis are already installed by
organization, we don’t need it.

Store the below with students.json file type in notepad.

"name":"arun",

"gender":"Male",

"physics":"88",

"maths":"87",

"english":"78"
},

"name":"rajesh",

"gender":"Male",

"physics":"100",

"maths":"88",

"english":"79"

Now cmd you need to give the path of json file. I have place it where json server is there. And execute
the below command.

json-server students.json

C:\Users\xd5713\node-v20.13.1-win-x64>json-server students.json

You will see below. in demo it showed 1st screenshot. for me 2nd screenshot
Ctrl+C to exit from server

Index is the index for data. We gave 2 records. If you give only index it will show below.

If you use end points it will show the selected data 0 or 1 for 2 records.
http://localhost:3000/0 will show 1st record.

http://localhost:3000/1 will show 2nd record.

You can import above file as collection.

You can use same url in post man tool it will work.

Use the resource

http://localhost:3000/students in the url and use POST,GET,PUT,DELETE commands. For deletion we

have to give id.

When you close the collection from postman tool. It will stop the server running and shows operations
performed in postman.
When ever we are communicating between client and server, the data will be communicated through
JSON/xml format.

JSON->Java Script Object Notation.

Json data is light weight, and encryption and decryption are possible for security. Return the data in json
format only.

In xml and json ,json is preferable.

Xml used for SOAP type services and JSOn used for REST services.

What is JSON:
JSON is derived from the JS

In JSON we represent data in Key and Value pairs.

Key:Value
Key always included in double quotations.

Number value type should not put in quotations.

String values should have double quotations.

Multiple values we have to put in square brACKETS. This is array.

“phone” : [

1234,

2345

Only string type value should have quotations. Boolean should nt have quotations.

If you don’t have any value you can put it as null

“phone” : null.

The below we call as object data. Because it contains multiple data types.
To insert multiple records:

1.Create an name

Student

2.Add Array

Student:[ ]

3.Add single data.

Student:[

“name”: “suresh”,

“Id”:20

4. Add multiple records. Each record is an object again.

{

“Student“ :[

“name”: “suresh”,

“Id”:20

},

“name”: “rajesh”,

“Id”:21

We can say above code is Array of objects.

Object means multiple key value pairs
If we need to validate data we need to write json path.

If you want to extract the 1st student name. id etc. we need to write path.

Ex: Students[0].name.
It is difficult write like this. Hence we use 2 tools.

JSON path finder

JSON path.

Go to JSON path finder site and place students JSON data in left panel.

Right side it give the data. And when you click on each data. It will generate a path in path field.
X is root path. We can ignore it.

By using this we will extract particular data and apply validations.

Extract the data. Compare the data with that one with expected data and validate the json response.

JSON path site is for below.

The data we generated which is correctly identifying the value or not.

Paste the json data in left panel and json path from 1st site and paste it in JSON Path field.

In right panel it brings the right value.

We can write jsonpath manually also.

Post man library provides some functions which is in JS to validate response.
Post man uses CHAI framework for this. It is a JS framework.

We use assertions to validate responses.

In the above PM is postman. test is function in PM library

Test Name is out test name, Function is a keyword.

We need to write assertion in curling brackets.

( ) => mark and function() both are same.

First one is for single status request.

2nd one is for multiple status requests.

3rd one is for if you post data. It will create a record. It shows created in the result pane. It verifies that.

We have to write these assertions under Test tab.

Test results are below

Validating headers:

Content type is in the json format or not? We need to check content type in the headers.
Results
Verify the cookies:

We need to verify cookie and value.details.

Response body validation:

Const ->variable type

jsonData is a variable which stores the response.

Pm.response.json()->brings the json response from PM library

Verify the result in result tab. In the function, if one statement is failed, entire result will be failed.
Validating JSON fields in response:

Verifying values.

Here jsonData.id is path.

JSON schema validation:

Schema is a structure. What kind of data types we are allowing.

Search in the net to get json schema.

Paste the response body in the site and it will give the json schema.

"name": "arun",

"gender": "Male",

"physics": 88,

"maths": 87,

"english": 78

}
According to that schema the result should be there in postman.

We need to store this schema in a variable. And response data we need to store in a variable. We need
to use the below assertion.

You should copy this schema into Test tab for verification and give the below assertion.
Here tv4 is Tiny Validator4 library.

You can select all the requests as collection . right click on collection->select run collection.after clicking
run collection it will show below

You can select and unselect the requests here.

Result will display like below.

Session 5:

Pre request script execution:

Before sending the request It will be executed.

Pre Request script->Request->response->Test. This is the execution scquence.

Pre request scripts are available in 3 levels

1.collection level

2.Folder level

3.Request level.
Sequence of execution
NOTE: Here scripts are displaying as Pre –request and Test tab is displaying as post-response under
scripts TAB.

We define pre-request scripts and post request scripts in collection, folder, request levels.

For below example

The above is like println in java. We write these kind of scripts in levels . those will be executed in above
screenshot order and display in console

Variables:
Where? When and why?

When we have common data for all requests we use variables.

Ex: common URL for for all requests.

To create variables directly there is an option. Select common URL and it shows set as new Variable. Set
the level and use it.

If you want to create manually->

To create global variables we need to click environment icon on top right side.

Click on add in global variables block.

Enter variable name and variable value

Where ever we need it we need to use this URL variable like below

{{glb_URL}}/0
When you type {{ in url tab it will display variables.select from that.

If you want to create collection variables select collection->3dots->edit->variables

Or after selecting collection you can directly click on variables in the right pane.

You need to save after giving variable.

Environment variable:

Click on icon next to environment variable and click on add button in environment block.

After adding environemnts it will display like this

Select the environment and click on edit button , give the variable and save

While doing testing select environment and give variable belongs to that environment.

Local variable:

We have to create it in pre-request scripts only. It will execute while running the script.

Showing the creation of variable and using it in the url in the below screen. It is only for this request.
You can create global variable in prerequest scripts. Use below sysntax

Below is usage

You can create environment variables in pre-request scripts like below. Select environment from
environment field and give below script

You can add collecton variable by selecting the collection

Below is the script

If you want to remove the variables after execution you have to write unset script

Till now we have used the variables in URL. Now I want to get it into tests.

For that we have to use

Ifyou want to print the variable put it in console.log.

Session6:

Chaining:

One response will be the request of another API. This is called chaining.
We have to store the response in one variable. We have to use that in another API.

Chaining process

We send a post request to create student data.

Id will automatically create. From there we are extracting the id.

Here we are placing the response body in a variable and from there we are getting the id. Here
responseBody is keyword. In the 2 nd statement we are setting the environment variable for id from the
data we got.then we are setting the variable in the URL .

In the below request we are using the environment variable.

If you want check api in the internet. We need to go to below site

This is a remote api not internal like above.We have to use trying it out links like below with URL

We need some authentication here. We have to create some token here.

Click on get your access token link. And sign up.It will return the token.

Click access token will give new access token.

We need to use below request body to create new record

Chaining process for this

Before running tests add token in the authorization tab

But if you have no of requests you have to add no of times. Hence we use collection level
Authentication.

Click on collection->authorization->select token as bearer token->paste the token->save.

Inherit authorization should be selected in every request to import the token.

To create a random values use the below scripts in pre-request

Place those variable in the test body

Extract the id from the response body and save it a environment variable.

Use it in the url to take action on that id

Now we need to check the response data with request data which is given in environment variables.

We have to write in the get request test TAB

To update

Pass that into new request body

To unset the variables

Document:
Session 7:

Parameterization and data driven testing:

Books API

We use book api for this we need to use below

We need token for access the orders.

Post request url

We need to use URL\endpoint

Create a collection and create a post request .Give the body

This will create a token for you to access order APIs

For below 3 we don’t need to add access token.

Getting the status of the book.

To get the list of the books

Get a single book

For the below requests we need to add access token

Use below url for post order and give the body.give the authentication token in collection level.If there is
not much requests which uses token, then for those we have to change as no auth instead of inherit
authorization option.
Get all orders

To get order information.Need to pass order id

Update order:

Provide order in url and use body and update

Delete order :

We need to pass order id.

You can use token as a variable.

Create a variable

Goto authorization in that request and select type bearer token and give the variable in {{}} in token field

Here for data driver testing we use json and csv formats.Here we are going to create below 3 requests

Create a csv file.Select the data from the above book api.check availability true.

Give the header names as variables in body

Write the validations and get the response body into a variable to get order id.

If you want to code directly with out writing for click arrow mark. It will display list of snippets .select
that and it will display script automatically.

To get the orders from books

Write below in the Test

First is for status check and 2nd one is for to check the order id from response body.

Pm.json.response will get the response body. And place environment variable order id in the URL.

To check delete status code and unset environment id use below

Select run collection and enter no of iterations and select the csv file path in the data filed select file.
After uploading file. Preview button will show. Click on that , it will show you uploaded data.

Summary will display like below if everything is passed

If you want to run again. Click on run again. If you want to changes in existing iterations data you can
click new run

With json data file:

Convert csv to json online and use that.

Data driven testing doc:

File upload through postman:

We need java for this.Here we need to use file-upload-RestAPI. Jar file. Place jar file any where in
system.

Open command prompt and use below command

Java –jar file-upload-RestAPI. Jar

Don’t close after running the command it needs to be open.

Use http://localhost:8080 to upload file through ui.

We need to use below urls to upload files

We needto use post request

In the body we need to select form-data and enter key as “file” select from drop down and value select
the file. And save. And click on send.

This will upload file and gives URL to download and file details

If you want to upload multiple file use the below url

http://localhost:8080/uploadMultipleFiles

Here key should be “files”.

If you select the text Option. You have specify the path manually.

The uploaded files will be displayed in C:\uploads. We uploaded in internal.

We don’t check where it is downloaded. We check the response only.

Authentication(authorization):

No auth –No need of authentication

API key-needs api key authentication

Bearer toke- need some token.

Basic auth- UId nad password needed-will not encrypt

Use the below url

Uid:postman

Pwd:password

Digest auth-will encrypt

Oauth1.0 &2.0- are thirdparty authentication.

Digest authentication username and password 3rd step is encrypted.

For digest authentication disable retrying checkbox should be unchecked.don’t need to think
about advanced configuration. When it is required only we have to edit it.

Generally we use API Key, bearer token and OAuth authentications.

Select personal auth token. Select repo in below
Give notes liks as token name and click on generate token.

It will generate a token to use it.

Paste the token in below by selecting bearer token.

API Key authentication:

Need to see this video again:Session8

Session 9:

PETSTORE API

URL:https://petstore.swagger.io/

Below are the APIs. We call it as Models. This is a swagger.

User model gives the response in JSON format

Create user:
Use the body in your request . it will give xml response.

Click on try it out. Wt will generate the response in xml format. It generates curl also.

Import this in postman tool:

Copy curl response and create a new collection in PM-> select collection and click on import->Go
to raw text and paste curl

Click on continue->import.

url is
Curl will directly brings the body to the request.