Basics of API Testing

Agenda of API Testing

API TESTING TOOL SELECTION WORKFLOW

API and API Testing Right tool for API Testing How API works ?

API Methods ADVANTAGES DEMO

Different API Methods Advantages of API Testing Live Demo

www.tothenew.com
 What is API?
API stands for Application
Programming Interface.

API is an software to
software
interface, not a user
interface.

With APIs, applications talk to

each other without any user
knowledge or intervention.

Implemented by writing
function
calls in the program.
 What is API Testing?
API testing uses software to send
calls to the API and get the
output.

API testing treats the component

under test as a black box.

The goal of API testing is to verify

correct performance and error
handling of the component prior
to its integration into an
application.
API Workflow
API Workflow
Response

Request

Response
 REST API
REST – stands for Representational State Transfer.
 It is a set of functions to which the developers performs requests and receive
responses. In REST API interaction is made via HTTP protocol.
 REST also allows computers to talk to each other over a network.
 It involves using HTTP methods to send and receive messages, and does
not require a strict message definition, unlike Web services.
 REST messages often take the form of XML, or JavaScript Object
Notation (JSON).
 HTTP Methods
4 Commonly Used Methods:-
GET : - Provides a read only access to a resource.
POST :- Used to create a new resource.
PUT :- Used to update an existing resource or create a new resource.
DELETE :- Used to Remove a resource.

RESOUCE GET PUT POST DELETE

URL Retrieve the Create / Replace a Create new Used to remove a
member new resource entry resource
 What is API Testing ?
PUT PUT
REQUEST RESPONSE

GET GET
REQUEST RESPONSE

POST POST
REQUEST RESPONSE

DELETE DELETE
REQUEST RESPONSE
 REST API Inputs

GET POST PUT DELETE

Method - GET Method - POST Method - PUT Method - DELETE

URL URL URL URL

Custom-Header Custom-Header Custom-Header Custom-Header

Input JSON Input JSON

 GET Methods
Request Response

Status : 200 OK
GET {
message: "Beam Detail fetched successfully"
data:
https://restful- {
booker.herokuapp.com/booking name : "name goes here"
eventStatus : "COMPLETED"
startTime : "10 Oct 2015
14:25:00"
viewCount : "2354"
likeCount : 88
disLikeCount : 99
commentCount : 5
duration : 1490
performerId : 10244
}
status: 1
}
 POST Methods
Request Response

Status : 200 OK
POST
•{
•"status": 1,

https://restful- •"message": "Login successfully", "data": {

• "access_token":
booker.herokuapp.com/booki "rcd676up5kit3akd93a",
ng • "email": "[email protected]", "roles":
"email“
{ : "[email protected]", "[ROLE_USER]",
"password“ : "admin", • "userId": "1", "isAccountVerified":
"medium“ : "MANUAL", true,
"apiVersion“ : "1.0", • "timeZoneName": "GMT +05:30 - New
"appKey“ : "myAppKey", Delhi",
• "timeZoneId": 8,
"actionName“ : "login"
• "fameName": "admin.famelive",
}
"imageName": "zsdasdaw",
• "userChannel": "a468784e6e2a9874619e7f",
• },
•"code": 10001
•}
 PUT Methods
Request Response

Status : 200 OK
PUT
•{
•"status": 1,

https://restful- •"message": "Login successfully", "data": {

• "access_token":
booker.herokuapp.com/booki "rcd676up5kit3akd93a",
ng • "email": "[email protected]", "roles":
"email“
{ : "[email protected]", "[ROLE_USER]",
"password“ : "admin", • "userId": "1", "isAccountVerified":
"medium“ : "MANUAL", true,
"apiVersion“ : "1.0", • "timeZoneName": "GMT +05:30 - New
"appKey“ : "myAppKey", Delhi",
• "timeZoneId": 8,
"actionName“ : "login"
• "fameName": "admin.famelive",
}
"imageName": "zsdasdaw",
• "userChannel": "a468784e6e2a9874619e7f",
• },
•"code": 10001
•}
 DELETE Methods
Request Response

Status : 200 OK
DELETE
{
message: "Beam Detail fetched successfully"
https://restful- data:
{
booker.herokuapp.com/booking name: "name goes here"
eventStatus: "COMPLETED"
startTime: "10 Oct 2015 14:25:00"
viewCount: "2354"
likeCount: 88
disLikeCount: 99
commentCount: 5
duration: 1490
performerId: 10244
}
status: 1
}
 HTTP Response Codes
Some HTTP response codes, which are often used with REST:-

200 OK: - Code indicates that the request was successful.

201 Created:- Code indicates that request was successful and a resource was created. It is used
to confirm success of a PUT or POST request.
400 Bad Request :- It happens especially with POST and PUT requests, when the data does not pass
validation, or is in the wrong format.
404 Not Found:- response indicates that the required resource could not be found.
401 Unauthorized:- error indicates that you need to perform authentication before accessing the
resource.
405 Method Not Allowed:- HTTP method used is not supported for this resource.
409 Conflict:- Conflict request to create the same resource twice.
500 Internal Server Error:- Occurs due to some error on Server side.
 Common Types of Tests in API Testing
Common API Bugs:-

 Verify if API doesn’t return any response.

 Based on input request, return request should be checked.
 Verification of the API whether it triggers some other event or calls
another API
 Verification of the API whether it is updating any data structure
 Delayed in API Response time
 Response Data is not structured
 Difficulty in connecting and getting response from API
Advantages of API Testing
Advantages of API Testing:-

 Time Effective
 Language Independent
 Test Core Functionality
 Reduce Testing cost
 Reduced Risks
 Challenges of API Testing
Challenges of API Testing:-

 Main challenges in API testing is Parameter Combination, Parameter

Selection, and Call Sequencing
 There is no GUI available to test the application which makes difficult to
give input values
 Parameters selection and categorization required to be known to the
testers
 Exception handling function needs to be tested
 Basic Inputs
URL : http://qa-api.livfame.com/api/v11_1

Header Method

Input JSON Output Response

Questions