An Introduction to REST API Testing

Hello everyone, welcome to the world of API testing.

A software is an application that can fulfill the need of a client. We perform different kinds of testing on an application before delivering the product to the customer. There will be a User Interface layer which has all the client side UI logic, there is a middle layer which contains all the business logic and the APIs sit here and the testing is done in this layer and then there will be database layer.

API Testing done in the business layer

API stands for Application Programming Interface.

What is the importance of API?

1. APIs help parallelism in the world of software development

Most of the companies who has adapted agile methodologies are developing the API first and this helps the developers to work independently without waiting for others.

2. Reusability makes reductions in the development cost and increases the speed

APIs can be reused and thus helps to reduce the cost of the software development by saving the sprint timelines and money.

3. It helps to interact with multiple systems and is easy to maintain

Companies can break down complex projects into smaller APIs and these API’s can be interacted with each other. Since breaking down into smaller chunks, it is easy to maintain and test the system.

Why is API testing so important?

1. API testing helps to detect defects at very early stages. When we find the defects early in the software development life cycles, it saves the project cost and defect fixing efforts.
2. When we compare API testing with the UI testing, API testing is time efficient. We can also automate the APIs very inexpensively comparing with UI automation.
3. API testing can help find the security loopholes and performance flaws before even the software is released to the production.

REST API Testing

REST API testing is a technique to test the RESTful APIs for the web applications. These techniques are used to test the JSON and XML based web applications. In the REST API testing, a tester will send HTTP or HTTPS requests and then records the response of the API. Based on the different responses from API, we can determine the efficacy of the API. There are different tools available for the REST API testing, but Postman REST client is the most common one adapted by many companies.

REST (Representational State Transfer) Diagram

HTTP Status Codes in the API responses

There are a bunch of HTTP Status codes available but I am adding only few popular codes below, which are much relevant for API testing and often came up during my API testing career. Full list of HTTP status codes can be found here

• 1xx — informational response (the request was received and continuing process)
  100 — Continue
• 2xx successful (the request was successfully received and accepted)
  200 OK
  201 Created
  204 No Content
• 3xx redirection (further action needs to be taken in order to complete the request)
  301 Moved Permanently
• 4xx client error (the request contains bad syntax /cannot be fulfilled and need to be fixed the syntax by the user)
  400 Bad Request
  401 Unauthorized
  402 Payment Required
  403 Forbidden
  404 Not Found
  405 Method Not Allowed
• 5xx server error (the server failed to fulfill an apparently valid request/server may be down at the time of request)
  500 Internal Server Error
  501 Not Implemented
  502 Bad Gateway
  503 Service Unavailable

Testing the GET, POST, PUT and DELETE methods on the Postman UI

Below are the testing methods in the postman REST client. Let’s take an example and go through these main types of API testing methods. Let’s consider the user API as an example. This sample API implementation can be found here.

Environment File with base url

Working with GET request/method

• GET — This method will give us all the existing users in the User table( from the server). This will give only the list of existing users in the response and it will not alter anything in the existing users

GET Method — Fetching a user of id = 1

Working with POST request/method

• POST — This method is used to create new users. It sends the data to server as well, like username, name, email, address, phone, website and company. The HTTP response is 201 Created.

POST Method — Creating a new user

Working with PUT Request/method

• PUT — This method is used to update an existing record. In the example of userCreation API it will update an existing record and also it will create a new record if there is no existing data matches with the request body. In the below screenshot, we are updating the name of the record with id=2.
• PATCH — This method is considered a set of instructions on how to modify a record. the difference between PUT and PATCH is that, the latter one is not actually modifying any data, but PUT does.

PUT Method — Updating an existing record

Working with DELETE request/method

• DELETE — This method helps to remove a record. In our example this method will remove a requested user from the records. In order to remove the record, we need to pass the id of the respective resource. In this example we are deleting id = 3.

I have covered a quick introduction about the APIs, importance of API testing, and REST API testing using postman in this article. Understanding the basics of API testing is very much required to immerse deep into the ocean of API testing. Please stay tuned for more articles to master the REST API testing using Postman. Thanks