⚕️

API testing Base

API Testing 1

API Overview and API Testing

What is an API?
An API (Application Programming Interface) is a set of rules, protocols, and
tools that allow different software applications to communicate with each other.
It specifies how software components should interact and is used to request
and exchange data between systems. APIs are the backbone of modern web
development, enabling functionalities like fetching data from a server, sending
data, or interacting with various services such as payment gateways,
databases, and cloud services.

API Structure: Protocol, Domain, Path, and Query Parameters

When we talk about APIs, particularly in the context of Web APIs (like RESTful
APIs), we often deal with URLs that are structured into various components.
Understanding these components is essential for both API development and
API testing.

1. Protocol (Scheme)
The protocol refers to the communication method used to transfer data over
the web. It defines how the data will be transmitted from the client to the server.

Common Protocols:

HTTP (Hypertext Transfer Protocol): The most common protocol used

in web APIs.

HTTPS (Hypertext Transfer Protocol Secure): A secure version of HTTP,

using encryption (SSL/TLS) to protect data.

Example: https:// in https://api.example.com

API testing Base 1

 2. Domain
The domain represents the server or the host where the API resides. It usually
corresponds to the API's base URL or the service endpoint you are trying to
access.

Example:
api.example.com in https://api.example.com

This domain indicates the server responsible for handling requests for the
API. It's part of the base URL used in all API calls.

3. Path
The path specifies the specific resource or endpoint on the server that the API
is interacting with. It is the part of the URL that comes after the domain and
usually corresponds to a specific functionality or object within the API.

Example:

/users/1234 in https://api.example.com/users/1234

In this example, /users/1234 could represent an API endpoint that provides

information about a specific user with the ID 1234 . Paths are typically
hierarchical, where each segment refers to a more specific resource.

Common Patterns:

/users : Might return a list of users.

/users/{id} : Might return information about a user with a specific id .

/posts/{postId}/comments : Might return comments for a specific post.

4. Query Parameters (After the Question Mark ? )

Query parameters are additional key-value pairs that are added to the URL after
a question mark ( ? ). These parameters help refine the API request by
providing additional information, such as filters, sorting, pagination, etc.

Example:
https://api.example.com/users?age=25&city=NewYork

In this example:

age=25 : A query parameter to filter users based on age.

API testing Base 2

 city=NewYork : A query parameter to filter users based on the city.

Characteristics:

Query parameters are typically optional.

They are used to modify or filter the request.

Multiple query parameters are separated by an ampersand ( & ).

Common Use Cases:

Filtering: https://api.example.com/products?category=electronics

Pagination: https://api.example.com/items?page=2&limit=10

Sorting: https://api.example.com/orders?sort=desc

API Testing
API Testing is the process of testing APIs to ensure they function as expected,
meet business requirements, and are free of bugs. Since APIs are integral to
the functionality of applications, API testing is essential for ensuring data
integrity, security, and performance.

Key Aspects of API Testing:

1. Functionality Testing: Verifying that the API performs the intended function
correctly (e.g., retrieving data, posting data).

2. Security Testing: Ensuring that the API is secure against threats like
unauthorized access or data breaches.

3. Performance Testing: Checking how the API performs under various

conditions, like handling a high number of requests.

4. Load and Stress Testing: Testing the limits of the API to see how it behaves
under heavy load or stress.

5. Error Handling: Ensuring the API returns appropriate error messages when
something goes wrong (e.g., invalid input, resource not found).

6. Data Validation: Ensuring that the API returns the correct data, formatted
properly, and within the expected range.

Types of API Testing:

API testing Base 3

 Manual Testing: Testers manually send requests to an API and inspect the
responses.

Automated Testing: Use of testing tools (like Postman, RestAssured, or

JUnit) to send requests and automatically validate the responses.

Example of an API URL Breakdown:

URL: https://api.example.com/users/1234?age=25&city=NewYork

Protocol: https

Domain: api.example.com

Path: /users/1234

Query: age=25&city=NewYork

API testing Base 4

 Understanding Client, API, and Database
In modern software applications, the Client, API, and Database work together
to deliver functional and dynamic services to users. Let’s break down what
each of these components is, how they interact, and how they contribute to the
overall system.

API testing Base 5

 1. Client

What is a Client?
The client is the front-end or user interface of an application where end users
interact with the system. It is responsible for making requests to a server
(typically via an API), displaying results to the user, and capturing user input.

Types of Clients:

Web Clients: Browsers like Chrome, Firefox, Safari, etc., where users
interact with web applications.

Mobile Clients: Mobile apps for Android and iOS that interact with APIs
over the network.

Desktop Clients: Standalone applications installed on the user's

computer that interact with the API.

Client Responsibilities:
User Interaction: Clients provide a graphical user interface (GUI) where
users can input data and view output.

Data Collection: Clients gather user data (like form submissions, clicks,
etc.).

API Requests: Clients send requests to the API to fetch or modify data from
the server.

Data Display: After receiving data from the API, the client presents it in a
meaningful way to the user.

Example: A user accesses a website (e.g., www.example.com ) via a browser

(client). The browser sends requests to a server (via an API) to fetch
information like user profiles or product listings, which are then displayed on
the webpage.

2. API (Application Programming Interface)

What is an API?
An API (Application Programming Interface) is a set of rules and protocols that
allows software systems to communicate with each other. APIs define the

API testing Base 6

 methods and data formats that systems use to request and exchange data.

API as an Interface: An API acts as a bridge between the client and the
server, allowing the client to access and interact with the server’s data,
functionality, or services without needing to understand the internal
workings of the server.

Types of APIs:

RESTful API: A popular architectural style for designing networked

applications. REST APIs use HTTP requests to perform CRUD (Create,
Read, Update, Delete) operations.

SOAP API: A protocol for exchanging structured information in the

implementation of web services. It’s more rigid and formal than REST.

GraphQL: A newer API standard that allows clients to specify exactly

what data they need, optimizing data transfer and reducing over-
fetching.

API Responsibilities:
Request Handling: APIs receive HTTP requests from the client (e.g., GET ,
POST , PUT , DELETE ).

Business Logic: APIs may perform some business logic or data validation
before sending or updating data in the database.

Data Interaction: APIs interact with the database (or other services) to
retrieve, insert, update, or delete data.

Response to Client: After processing the request, the API sends a response
back to the client in a structured format (usually JSON or XML).

Example: A weather app (client) may use a weather API to fetch the current
weather for a given city. The API processes the request and returns the
weather data (temperature, humidity, etc.) to the client, which then displays it to
the user.

3. Database

What is a Database?
A database is a structured collection of data that is stored and managed in a
way that allows efficient retrieval, insertion, updating, and deletion. Databases

API testing Base 7

 store the information that the application needs, such as user data, product
information, transaction records, etc.

Types of Databases:

Relational Databases (SQL): These databases use tables with

predefined schemas and are accessed via Structured Query Language
(SQL). Examples include MySQL, PostgreSQL, Oracle, and Microsoft
SQL Server.

Non-Relational Databases (NoSQL): These databases store data in

flexible, non-tabular formats, and they allow for scalability and flexibility
in handling various types of data. Examples include MongoDB, Redis,
and Cassandra.

Database Responsibilities:
Data Storage: Databases store the application’s persistent data (e.g., user
accounts, products, order history).

Data Integrity: Ensure that data remains consistent, accurate, and secure.
Databases have mechanisms like constraints and foreign keys to enforce
data integrity.

Data Retrieval: Databases allow for querying data via SQL or other query
languages.

Data Modification: Databases handle the insertion, updating, and deletion

of data.

Example: In an e-commerce application, the database might store information

like product details, customer accounts, orders, and transaction histories. The
API queries the database to retrieve product data when requested by the client.

How Client, API, and Database Interact

1. The Client Sends a Request:

A user interacts with the client (e.g., filling out a form or clicking a button).
The client then makes a request to the API. For example, the client might
send a GET request to fetch user details.

Example Request:

API testing Base 8

 GET https://api.example.com/users/1234

2. The API Handles the Request:

The API receives the client request and processes it. If the request involves
retrieving data, the API will query the database. For instance, if the request
is to get details about user 1234 , the API will need to access the database to
fetch the relevant data.
Example Response:

{
"id": 1234,
"name": "John Doe",
"email": "[email protected]"
}

3. The API Queries the Database:

To fulfill the request, the API communicates with the database. For example,
if the API is requested to provide user data, it will use SQL (in a relational
database) or a query language specific to a NoSQL database to retrieve
that data.
Example SQL Query:

SELECT * FROM users WHERE id = 1234;

4. The API Sends a Response Back to the Client:

After retrieving the required data from the database, the API sends the data
back to the client in a structured format (usually JSON or XML).

5. The Client Displays the Data:

The client then processes the data it receives from the API and presents it
to the user in a friendly interface (e.g., displaying the user’s name and email
on the webpage or app).

Example of Interaction:

Scenario: A User Logs Into an Application

API testing Base 9

 1. Client (User’s Browser or App):

The user enters their login credentials on the client interface (e.g., a
login form on a website or mobile app).

The client sends a POST request to the API with the login credentials.

Example Request:

POST https://api.example.com/login
Content-Type: application/json
Body:
{
"username": "johndoe",
"password": "password123"
}

2. API:

The API receives the request and performs necessary checks (e.g.,
validate the credentials).

The API queries the database to check if the username and password
match any records.

Example SQL Query:

SELECT * FROM users WHERE username = 'johndoe' AND passw

ord = 'password123';

3. Database:

The database retrieves the relevant user data (e.g., user ID, name,
email) from the users table.

4. API Response:

The API returns a success message and user data if the credentials are
valid.

Example Response:

{
"status": "success",

API testing Base 10

 "message": "Login successful",
"user": {
"id": 1234,
"username": "johndoe",
"email": "[email protected]"
}
}

5. Client:

The client displays the user’s details or redirects the user to the main
dashboard, showing the retrieved information.

Conclusion
In summary:

The Client is the interface that users interact with to input data and see
results.

The API acts as the intermediary that processes requests from the client
and interacts with the database or other services to fetch or update data.

The Database stores the application’s data and provides it to the API when
requested.

Together, these components form the core of most modern applications,

ensuring a seamless flow of data from the user to the server and back.

API testing Base 11

API testing Base 12
 URI - google.com
URl=URI + Protocol(https//) - https//www.google.com

URN -

API testing Base 13

 there is tree part -
1.Protocol
2.Domain

3.path
4.Query (After Question mark )

API testing Base 14

 Test Case for API Testing

API testing Base 15