FatimaBharwana

Postman
Postman is a popular API testing tool designed to simplify API
development and testing

FatimaBharwana
What is an API?

 API stands for Application Programming Interface. It is a set of rules and

protocols that allows different software applications to communicate with
each other. APIs work like messengers: they take your request to a system,
get the needed data or action, and deliver the response back to you.

FatimaBharwana
Types of APIs
Web APIs (HTTP APIs)Definition: These Open APIs (Public APIs):
APIs allow applications to communicate
over the internet using the HTTP/HTTPS These are publicly available APIs that
protocol. anyone can use.
Examples:
➢ REST APIs (Representational State
Transfer):Used for simple, ▪ Google Maps API: Developers use this
lightweight communication. to embed maps in their apps or
▪ Example: A weather app fetching the websites.
current temperature from a server. ▪ OpenWeather API: Fetch weather
data for any city.
➢ SOAP APIs (Simple Object Access
Protocol):Used for more complex
systems requiring high security and
structure.
▪ Example: Payment processing in
banking systems.

FatimaBharwana
Types of APIs
Internal APIs (Private APIs):
These are designed for use within an
organization to improve its internal
operations.
Examples:
▪ A company's HR system
communicating with the payroll
system to process salaries.
▪ A logistics company's tracking app
accessing its database to update
shipment statuses.
FatimaBharwana
Partner APIs:
These are shared with specific
business partners to allow limited
access to systems.
Examples:
▪ Uber’s API for restaurants to
integrate delivery services.
▪ Expedia’s API for hotels to manage
room bookings via their platform.
Types of APIs
Composite APIs:
These combine multiple API calls into a
single request, reducing the number of
round trips between client and server.
Examples:
▪ An e-commerce website fetching
product details, reviews, and seller
information in one request.
▪ A travel app retrieving flight options,
hotels, and car rentals
simultaneously.
FatimaBharwana
GraphQL APIs:
Allows clients to request exactly the
data they need, reducing over-fetching
or under-fetching data.
Examples:
Facebook's GraphQL API: Fetch a user's
posts and friends list in a single,
customized query.
Types of APIs- Real-Life Analogy
 Open API: Like a restaurant menu—anyone can order.
 Internal API: Like the chef’s recipe—only kitchen staff can
access it.
 Partner API: Like a special menu for VIP customers—only
certain people get access.
 Composite API: Like ordering a combo meal—one request
gives you everything you need.
 GraphQL API: Like customizing your meal order—ask for
exactly what you want (e.g., burger without pickles, fries,
and soda).

FatimaBharwana
Collections
➢ What it Means: You can group similar
API requests into folders for easy
organization.
➢ Example: For a shopping app, you
can group the APIs for login, product
search, and checkout into one
collection. It’s like putting related
files into one folder for quick access.
FatimaBharwana
Multiple Request Types
➢ What it Means: Postman supports
different API actions like:
➢ GET: Fetch data
➢ POST: Send data
➢ PUT: Update data
➢ DELETE: Remove data
➢ HEAD:A HEAD request is similar to a
GET request, but it only fetches the
headers (metadata) of the response,
not the actual data (body).It’s useful
to check if a resource exists or to get
details like size or type without
downloading the full content.
➢ OPTIONS: An OPTIONS request asks
the server what actions are allowed
for a resource.
It’s often used to check which HTTP
methods (like GET, POST, etc.) are
supported by the server for that
resource.
Test Development
➢ What it Means: Add tests to check if
APIs work correctly, like verifying
they give the expected output or
show a "200 OK" status.
➢ Example: You’re testing an API to
check your bank balance. A test
ensures it shows your balance
correctly and doesn’t display an
error.
FatimaBharwana
Environment Support
➢ What it Means: You can test the
same APIs on different setups
(development, testing, or live)
without making new requests for
each.
➢ Example: Test your app on:
▪ A testing server:
test.myapp.com
▪ The live server: myapp.com
By switching environments, you
use the same test requests
without changes.
CI/CD Integration
➢ What it Means: Postman works with
tools that automate testing every
time you update your app or add new
features.
➢ Example: When you release a new
feature for your app, Postman
automatically runs all API tests to
check that everything still works.
Debugging
➢ What it Means: Postman has a
console to find and fix issues in APIs.
➢ Example: If the login API gives an
error, you check the console to see
the problem (e.g., you forgot to
include the password).

FatimaBharwana
FatimaBharwana
Header
The header section contains key tools for creating and managing API requests and
environments.

 New: Create a new request, collection (group of requests), or environment

(test setup).
 Import: Import environments or collections from files, links, or code
repositories.
 Runner: Run multiple API tests using the Collection Runner tool.
 Workspace Name: Displays the active workspace (e.g., My Workspace) and
allows you to share it with team members.

FatimaBharwana
FatimaBharwana
Response Section
This area displays the results of an API request after you hit "Send." It includes:

 Response Body: The actual data returned by the API (e.g., JSON, XML).
 Status Code: Indicates the success or failure of the request (e.g., 200 OK, 404
Not Found).
 Time: How long it took for the server to respond.

FatimaBharwana
FatimaBharwana
Sidebar
The sidebar organizes your API requests, collections, and history for easy navigation.

 Collections: Group API requests into folders for better management.

 History: View past requests and re-run them if needed.

FatimaBharwana
FatimaBharwana
Builder Section
This is the central workspace where you create and execute API requests.

 Request Tab: Contains the request type (GET, POST, PUT, DELETE, etc.) and
the API URL.
 Send Button: Executes the API request.
 Save Button: Saves the request for future use.

FatimaBharwana
FatimaBharwana
Tabs in Builder:
Params (Query Parameters)
➢ What it is:Query parameters are extra pieces of information added to the URL
to filter or modify a request. They look like ?key=value in the URL.
➢ Example:
▪ Scenario: You want to search for "laptops" on an e-commerce site.
▪ URL: https://example.com/search?query=laptops&page=2query=laptops is
the parameter saying, "Search for laptops."page=2 specifies which page of
results to display.
➢ Usage:
When calling an API to get user details:
https://api.example.com/users?userId=123
The userId=123 tells the API to fetch data for user 123.
FatimaBharwana
Tabs in Builder:
Authorization
 What it is:This ensures only authorized users can access a resource. It
involves tokens, API keys, or login credentials.
Example:
▪ Scenario: You use a food delivery app. The app needs your login token to
confirm who you are.
▪ Authorization Header:
Authorization: Bearer your-token-here
 Usage:
For secure APIs:
API Key: Authorization: API-Key abc123xyz
OAuth Token: Authorization: Bearer token123

FatimaBharwana
Tabs in Builder:
Headers
 What it is:Metadata sent along with a request to give the server more
information about what you're sending.
 Example:
▪ Scenario: When uploading an image, the server needs to know the file type.
▪ Header: Content-Type: image/png
 Usage:
To tell the server you're sending JSON data:
Content-Type: application/json
Example: Adding headers for language preferences:Accept-Language: en-US

FatimaBharwana
Tabs in Builder:
Body
 What it is:The actual data sent in a request, typically used in POST or PUT
requests
 Example:
▪ Scenario: You sign up for a service and send your details.
▪ Body (JSON format):
▪ { "name": "John Doe", "email": "[email protected]", "password": "123456"}
 Usage:
For creating a new blog post via an API:
{ "title": "My First Blog", "content": "This is the body of my blog post."}

FatimaBharwana
Tabs in Builder:
Pre-req. (Pre-request Scripts)
 What it is:Code that runs before sending the API request to set or modify data
dynamically.
 Example:
▪ Scenario: Generating a unique user ID for each signup request.
▪ Script:
pm.test("Status code is 200", function () { pm.response.to.have.status(200);});
Usage:
pm.test("User ID is correct", function () {
pm.expect(pm.response.json().userId).to.eql("12345");});

FatimaBharwana