API Testing : Terminology
An overview of commonly used API terms follows.
API :
Application Programming Interface, a set of functions that allows an application to interact with external applications, operating systems, microservices, or data.
API Request :
An API request, also known as an API call, is a message sent from an API client to an API server to request data or to perform an action. An API request typically contains an endpoint, a method, parameters, headers, and a body.
API Response :
An API response is a message that is sent by the API server to the API client in response to a request. API responses are typically sent over standard protocols, such as HTTP, and often come in formats like JSON or XML. An API response contains a status code, headers, and a body.
API Endpoint :
API Endpoint is a URL that represents a specific resource or action in an API. It is the entry point for making requests and receiving responses. It’s the URL where your API can be accessed.
HTTP Methods :
HTTP Methods are used to indicate the desired action to be performed on a resource. In API testing, methods such as GET, POST, PUT, PATCH, and DELETE are used for retrieving, creating, updating, and deleting resources.
Resource :
Resource in API testing refers to a specific entity, object, or piece of data that the API manages and allows access to. Examples of resources in different APIs:
Social media API: A user, a post, a comment
E-commerce API: A product, a cart, an order
Mock Servers :
In some situations, a mock server is used in place of a real server. It behaves like the real server, but it responds only with the set of responses that were mocked. It emulates the real server.
Parameters :
Parameters are the inputs that you provide to the API when making requests. They provide specific instructions for the API to process the request. Common parameters are:
1. Authentication parameters
2. Path parameters
3. Query string parameters
4. Header parameters
5. Body parameters
Payload :
Payload is data that is transmitted as part of a request or response. It contains the actual information that is being sent or received between the client and the server. The payload typically contains the data that needs to be processed or manipulated by the server, such as a JSON or XML object, or sometimes binary data like images or videos.
API Gateway :
API gateway is a server that acts as an entry point for clients to access and interact with multiple microservices and backend systems. API gateways typically handle request routing, protocol translation, security, rate limiting, caching, load balancing, and API versioning. They can also provide features such as authentication, authorization, and analytics to monitor and manage the usage of APIs. These capabilities enable developers to create a more scalable, resilient, and efficient system.
API Key :
API Key is a unique identifier, similar to a password, that is provided by the API provider to the API consumer. It is used to authenticate and authorize access to the API. An API key is passed along with each API request to identify the client and ensure it has the necessary permissions to interact with the relevant endpoint.
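A server-side sketch of the API key check described above, added here as an example and not taken from the original page. The `X-API-Key` header name, the sample keys, the client names, and the permission table are all assumptions constructed for illustration.

```python
import hashlib
import hmac


def digest(key: str) -> str:
    """SHA-256 digest of a key, so the server never stores the key itself."""
    return hashlib.sha256(key.encode()).hexdigest()


# Constructed sample data: digest of each issued key -> (client name,
# set of (method, endpoint) pairs that client is permitted to call).
KEY_STORE = {
    digest("demo-key-reader"): ("reporting-app", {("GET", "/api/books")}),
    digest("demo-key-admin"): (
        "admin-console",
        {("GET", "/api/books"), ("DELETE", "/api/users/123")},
    ),
}


def authorize(headers: dict, method: str, endpoint: str):
    """Return (status_code, client) for a request carrying an API key header."""
    presented = headers.get("X-API-Key")  # assumed header name
    if not presented:
        return 401, None  # no key presented: client is not identified
    presented_digest = digest(presented)
    match = None
    for stored_digest, entry in KEY_STORE.items():
        # compare_digest does not reveal how many leading characters matched
        if hmac.compare_digest(stored_digest, presented_digest):
            match = entry
    if match is None:
        return 401, None  # unknown key: authentication fails
    client, allowed = match
    if (method, endpoint) not in allowed:
        return 403, client  # identified, but lacks permission for this endpoint
    return 200, client
```

The two failure codes separate the two jobs the key performs: 401 when the client cannot be identified, 403 when it is identified but not permitted to use the endpoint.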
cURL :
cURL (Client for URL) is a command-line tool used to make HTTP requests to web servers. It’s widely used for interacting with APIs, testing web services, and performing other network-related tasks. cURL supports a variety of protocols, including HTTP, HTTPS, FTP, FTPS, SCP, LDAP, and more. cURL helps get information from APIs, download web pages, or submit data to an API.
CRUD :
CRUD stands for Create, Read, Update, and Delete, which are the four basic operations that can be performed on data. In the context of APIs, CRUD operations refer to the actions that can be taken on resources exposed by the API.
Cache :
Cache in API testing refers to the temporary storage of data or responses from an API in a local storage location. This is done to reduce the number of API requests and to improve performance by reducing the response time of the API.
Client :
Client is a software application, or a component of an application, that sends the API request to the server and receives the API response. The client can be a web browser, a mobile application, or any other software that is capable of making HTTP requests. API clients are responsible for making requests to an API, handling the API responses, and incorporating the retrieved data or functionalities into the client application.
JSON :
JSON (JavaScript Object Notation) is a lightweight data interchange format commonly used in APIs for data transmission between a server and a client. JSON is easy for humans to read and write, and it is also easy for machines to parse and generate. JSON represents data as key-value pairs, similar to objects in many programming languages. It supports arrays, objects, strings, numbers, booleans, and null values.
Example JSON Object
{
  "name": "Kumar",
  "age": 25,
  "isStudent": false,
  "hobbies": ["reading", "traveling"],
  "address": {
    "city": "Example City",
    "country": "Example Country"
  }
}
XML :
XML (eXtensible Markup Language) is a markup language that provides a way to structure and represent data in a human-readable and machine-readable format. XML is commonly used in APIs for data exchange between systems. XML documents are hierarchical and consist of nested elements. Elements can have attributes and contain text, other elements, or a combination of both.
Ex: XML Document
<user>
  <username>user123</username>
  <password>securepassword</password>
</user>
GET :
GET method is used to request data from a specified resource on the server. It should be a safe and idempotent operation, meaning that making multiple identical requests should have the same effect as making a single request, and it should not have any side effects on the server.
Ex : GET request
GET /api/books?genre=mystery
Status code : 200 OK
POST :
POST method is used to submit data to the server. It is one of the standard HTTP methods defined by the HTTP protocol and is commonly used for creating new resources, submitting forms, or performing other data-related operations on the server.
Ex: POST Request
POST /api/users
Content-Type: application/json
{
  "username": "new_user",
  "email": "new_user@example.com",
  "password": "securepassword"
}
PUT :
PUT method is used to update or create a resource on the server. It is commonly used for updating existing resources with new data.
Ex : PUT Request
PUT /api/users/123
Content-Type: application/json
{
  "username": "updated_user",
  "email": "updated_user@example.com",
  "password": "new_secure_password"
}
PATCH :
PATCH method is used to update a resource on the server. It is commonly used for updating existing resources with new data, sending only the fields that change, as in the example below, which carries only the email.
Ex : PATCH Request
PATCH /api/users/123
Content-Type: application/json
{
  "email": "updated_email@example.com"
}
DELETE :
DELETE method is used to request the removal or deletion of a resource on the server. It is one of the standard HTTP methods defined by the HTTP protocol and is commonly used for deleting resources that are no longer needed.
Ex : DELETE Request
DELETE /api/users/123
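The "safe and idempotent" property described under GET can be checked for every method above against a mock server. The following is an added example, not part of the original page: `MockUserAPI` and the helper functions are hypothetical names, and the stored user record is constructed sample data.

```python
class MockUserAPI:
    """In-memory stand-in for the /api/users resource (constructed for this example)."""

    def __init__(self):
        self.users = {123: {"username": "new_user", "email": "new_user@example.com"}}
        self.next_id = 124

    def request(self, method, user_id=None, body=None):
        """Apply one request and return the HTTP status code a real server might send."""
        if method == "POST":                      # create: new id on every call
            self.users[self.next_id] = dict(body)
            self.next_id += 1
            return 201
        if method == "PUT":                       # create or fully replace
            created = user_id not in self.users
            self.users[user_id] = dict(body)
            return 201 if created else 200
        if user_id not in self.users:
            return 404
        if method == "GET":                       # read only
            return 200
        if method == "PATCH":                     # overwrite only the supplied fields
            self.users[user_id].update(body)
            return 200
        if method == "DELETE":
            del self.users[user_id]
            return 204
        return 405


def state_after(method, times, user_id=None, body=None):
    """Server-side state after sending the same request `times` times to a fresh mock."""
    api = MockUserAPI()
    for _ in range(times):
        api.request(method, user_id, body)
    return api.users


def is_safe(method, user_id=None, body=None):
    """Safe: the request leaves server state exactly as it was."""
    return state_after(method, 1, user_id, body) == state_after(method, 0)


def is_idempotent(method, user_id=None, body=None):
    """Idempotent: sending the request twice leaves the same state as sending it once."""
    return state_after(method, 1, user_id, body) == state_after(method, 2, user_id, body)
```

A repeated DELETE returns 404 the second time yet still counts as idempotent, because the check compares server state, not status codes. PATCH passes here only because this mock's PATCH overwrites fields with fixed values.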
REST :
REST stands for Representational State Transfer.
These are web services that provide interoperability between computer systems over the internet. RESTful Web services provide a predefined set of stateless operations and allow requesting systems to access and manipulate textual representations of web resources. APIs rely on an industry-standard set of architectural principles to guide the creation and use of the API. These include having stateless calls, returning standard error codes, and supporting endpoints for GET, POST, PUT, and DELETE operations. RESTful APIs power approximately 70% of the web.
SOAP :
SOAP (Simple Object Access Protocol) is a type of API protocol that allows communication between devices that run Windows or Linux via XML. It is popular in the enterprise space. SOAP is an older and stricter protocol than REST. Dispatch does NOT currently support a SOAP API.
Authentication :
Authentication in an API refers to the process of verifying the identity of a client before allowing access to the API’s resources. It ensures that only authorized and authenticated entities can interact with the API, maintaining security and control over sensitive data and operations. Authentication methods include API Key, OAuth, Basic Authentication, JWT, and more.
API Documentation :
API Documentation is a set of instructions and information that describes the functionality, parameters, and usage of an API. It can be in the form of a user guide, reference manual, or API Blueprint. In API testing, API Documentation can be used to understand how the API works and to create test cases.
API Security :
API Security is the process of protecting an API from unauthorized access, attacks, and misuse. It includes tasks such as authentication, authorization, encryption, and threat detection. API Security can be tested to ensure that the API is properly secured and that it is not vulnerable to attacks.
Environment :
Environment in API testing refers to the combination of hardware, software, and network configurations that an API is deployed in. API testing should be performed in various environments to ensure that the API functions correctly in different configurations.
Ex: Dev environment, Test/Staging environment, and Production environment.
CI/CD :
CI/CD, which stands for Continuous Integration and Continuous Deployment (or Continuous Delivery), is a set of practices aimed at automating and streamlining the software development and release processes. When applied to API development, CI/CD helps ensure the reliability, quality, and efficient delivery of API updates and releases.
Webhook APIs:
A webhook is a lightweight API that powers one-way data sharing triggered by events. Webhooks are also called reverse APIs. They help send messages, alerts, and notifications from the server to the client.
YAML (Yet Another Markup Language) in API Testing :
YAML in API testing is a human-readable data serialization format that is commonly used for configuration files and data exchange. YAML is often used to define test data and test scenarios in a structured, easy-to-read format. YAML is also used in API documentation to provide examples and sample requests and responses. YAML is similar to JSON but has a simpler syntax and can be easier to read and write.
References : Terminology in APIs by …..