Postman-Slide No 1
Postman-Slide No 1
Postman
Postman is a popular API testing tool designed to simplify API
development and testing
FatimaBharwana
What is an API?
FatimaBharwana
Types of APIs
Web APIs (HTTP APIs)Definition: These Open APIs (Public APIs):
APIs allow applications to communicate
over the internet using the HTTP/HTTPS These are publicly available APIs that
protocol. anyone can use.
Examples:
➢ REST APIs (Representational State
Transfer):Used for simple, ▪ Google Maps API: Developers use this
lightweight communication. to embed maps in their apps or
▪ Example: A weather app fetching the websites.
current temperature from a server. ▪ OpenWeather API: Fetch weather
data for any city.
➢ SOAP APIs (Simple Object Access
Protocol):Used for more complex
systems requiring high security and
structure.
▪ Example: Payment processing in
banking systems.
FatimaBharwana
Types of APIs
Internal APIs (Private APIs): Partner APIs:
These are designed for use within an These are shared with specific
organization to improve its internal business partners to allow limited
operations. access to systems.
Examples: Examples:
FatimaBharwana
Types of APIs
Composite APIs: GraphQL APIs:
These combine multiple API calls into a Allows clients to request exactly the
single request, reducing the number of data they need, reducing over-fetching
round trips between client and server. or under-fetching data.
Examples: Examples:
▪ An e-commerce website fetching Facebook's GraphQL API: Fetch a user's
product details, reviews, and seller posts and friends list in a single,
information in one request. customized query.
▪ A travel app retrieving flight options,
hotels, and car rentals
simultaneously.
FatimaBharwana
Types of APIs- Real-Life Analogy
Open API: Like a restaurant menu—anyone can order.
Internal API: Like the chef’s recipe—only kitchen staff can
access it.
Partner API: Like a special menu for VIP customers—only
certain people get access.
Composite API: Like ordering a combo meal—one request
gives you everything you need.
GraphQL API: Like customizing your meal order—ask for
exactly what you want (e.g., burger without pickles, fries,
and soda).
FatimaBharwana
Collections Multiple Request Types
➢ What it Means: You can group similar ➢ What it Means: Postman supports
API requests into folders for easy different API actions like:
organization.
➢ GET: Fetch data
➢ Example: For a shopping app, you
can group the APIs for login, product ➢ POST: Send data
search, and checkout into one ➢ PUT: Update data
collection. It’s like putting related
files into one folder for quick access. ➢ DELETE: Remove data
➢ HEAD:A HEAD request is similar to a
GET request, but it only fetches the
headers (metadata) of the response,
not the actual data (body).It’s useful
to check if a resource exists or to get
details like size or type without
downloading the full content.
➢ OPTIONS: An OPTIONS request asks
the server what actions are allowed
for a resource.
It’s often used to check which HTTP
methods (like GET, POST, etc.) are
FatimaBharwana supported by the server for that
resource.
Test Development Environment Support
➢ What it Means: Add tests to check if ➢ What it Means: You can test the
APIs work correctly, like verifying same APIs on different setups
they give the expected output or (development, testing, or live)
show a "200 OK" status. without making new requests for
each.
➢ Example: You’re testing an API to
check your bank balance. A test ➢ Example: Test your app on:
ensures it shows your balance
▪ A testing server:
correctly and doesn’t display an
test.myapp.com
error.
▪ The live server: myapp.com
By switching environments, you
use the same test requests
without changes.
FatimaBharwana
CI/CD Integration Debugging
➢ What it Means: Postman works with ➢ What it Means: Postman has a
tools that automate testing every console to find and fix issues in APIs.
time you update your app or add new
➢ Example: If the login API gives an
features.
error, you check the console to see
➢ Example: When you release a new the problem (e.g., you forgot to
feature for your app, Postman include the password).
automatically runs all API tests to
check that everything still works.
FatimaBharwana
FatimaBharwana
Header
The header section contains key tools for creating and managing API requests and
environments.
FatimaBharwana
FatimaBharwana
Response Section
This area displays the results of an API request after you hit "Send." It includes:
Response Body: The actual data returned by the API (e.g., JSON, XML).
Status Code: Indicates the success or failure of the request (e.g., 200 OK, 404
Not Found).
Time: How long it took for the server to respond.
FatimaBharwana
FatimaBharwana
Sidebar
The sidebar organizes your API requests, collections, and history for easy navigation.
FatimaBharwana
FatimaBharwana
Builder Section
This is the central workspace where you create and execute API requests.
Request Tab: Contains the request type (GET, POST, PUT, DELETE, etc.) and
the API URL.
Send Button: Executes the API request.
Save Button: Saves the request for future use.
FatimaBharwana
FatimaBharwana
Tabs in Builder:
Params (Query Parameters)
➢ What it is:Query parameters are extra pieces of information added to the URL
to filter or modify a request. They look like ?key=value in the URL.
➢ Example:
▪ Scenario: You want to search for "laptops" on an e-commerce site.
▪ URL: https://example.com/search?query=laptops&page=2query=laptops is
the parameter saying, "Search for laptops."page=2 specifies which page of
results to display.
➢ Usage:
When calling an API to get user details:
https://api.example.com/users?userId=123
The userId=123 tells the API to fetch data for user 123.
FatimaBharwana
Tabs in Builder:
Authorization
What it is:This ensures only authorized users can access a resource. It
involves tokens, API keys, or login credentials.
Example:
▪ Scenario: You use a food delivery app. The app needs your login token to
confirm who you are.
▪ Authorization Header:
Authorization: Bearer your-token-here
Usage:
For secure APIs:
API Key: Authorization: API-Key abc123xyz
OAuth Token: Authorization: Bearer token123
FatimaBharwana
Tabs in Builder:
Headers
What it is:Metadata sent along with a request to give the server more
information about what you're sending.
Example:
▪ Scenario: When uploading an image, the server needs to know the file type.
▪ Header: Content-Type: image/png
Usage:
To tell the server you're sending JSON data:
Content-Type: application/json
Example: Adding headers for language preferences:Accept-Language: en-US
FatimaBharwana
Tabs in Builder:
Body
What it is:The actual data sent in a request, typically used in POST or PUT
requests
Example:
▪ Scenario: You sign up for a service and send your details.
▪ Body (JSON format):
▪ { "name": "John Doe", "email": "[email protected]", "password": "123456"}
Usage:
For creating a new blog post via an API:
{ "title": "My First Blog", "content": "This is the body of my blog post."}
FatimaBharwana
Tabs in Builder:
Pre-req. (Pre-request Scripts)
What it is:Code that runs before sending the API request to set or modify data
dynamically.
Example:
▪ Scenario: Generating a unique user ID for each signup request.
▪ Script:
pm.test("Status code is 200", function () { pm.response.to.have.status(200);});
Usage:
pm.test("User ID is correct", function () {
pm.expect(pm.response.json().userId).to.eql("12345");});
FatimaBharwana