SDET Unicorns

What is API Testing?

Table of Content

API testing focuses on testing the business logic or the functionality of the application, using API testing you are also validating the data responses, as well as ensuring whether your APIs are performant and secure.

So you are testing the core functionality of the application without touching the UI or worrying about the look and feel of the application. With API testing you can either test a single request or the integration between multiple requests and validate the response that’s being returned by the server.

Validate an API response:

Let’s say you are testing this ‘users’ API – https://jsonplaceholder.typicode.com/users. You’ll see a response similar to this on a GET call:

{
  id: 1,
  name: "Leanne Graham",
  username: "Bret",
  email: "Sincere@april.biz",
  ...
},

You can validate the following scenarios:

  • Ensure the value of the required properties are not empty such as username or email
  • Verify email is in the right format
  • The name should take ‘x’ number of max characters

Similarly, you can create and verify many such scenarios per your business requirement.


Types of API Testing:

  • Functionality Testing – Testing the business logic of the application. For example, if I make an API call to the signup route, I expect it to create a new user for me and provide the details of that new user in the response.
  • Load Testing: Basically, making sure if our APIs can handle the application load. For example, if 1000 users are hitting the API at the same time, our APIs should be able to handle that load meaning it should not break or take lots of time to return the response
  • Security Testing: Checking if the APIs are secure. For example, we don’t want someone to be able to access the application data without going through the proper authentication process and having the correct token. Another example would be, we don’t want one user to be able to access the data of other users, etc..
  • Penetration Testing: Basically going one level deeper and making sure hackers or attackers cannot break your application or access your company’s sensitive data
  • Negative Testing: Ensuring that the APIs are able to handle wrong or invalid input. For example – users should not be able to enter an invalid email format, or register without entering email or password, etc…

Advantages of API Testing:

  • Early app access: In most cases, your APIs will get created first and then UI will integrate with the API. This way u have early access to the application functionality and you can validate if the business logic is working as expected. Also, you’ll be able to catch bugs earlier in the development process instead of waiting for all the way until the end when UI will be ready
  • Test speed and coverage: API testing can be performed a lot quicker than browser testing. Specifically, when you get to automation, API tests run a lot faster than browser tests as you are skipping the entire UI layer and jumping directly to the API layer. At the same time, you are also increasing your test coverage by testing your APIs
  • Language independent: API testing is language independent as the data is exchanged via JSON or XML, so you can use pretty much any language for test automation that can handle JSON or XML data
  • Easier to maintain: API tests are much easier to maintain as they are less flaky and more reliable since you don’t typically change your business logic or APIs as often compared to the UI

Check out the video below to see how to perform API Testing using a REST API console:


To learn more about API testing, check out my free tutorial series here –

JavaScript API Automation Testing Tutorial Series

My Resources

Thrive Suite: The all-in-one WordPress theme I used to create my blog.
Jasper AI: My favorite AI writing tool.
Surfer SEO:  A tool to help you rank your content on the first page of Google.

Write Content Faster

5/5

Write blog posts that rank for affiliate terms!

Join our mailing list

Unlock the Secrets to Becoming a SDET Pro in the Industry!

Stay ahead of the curve! Join our mailing list for exclusive insights, tips, and the latest industry updates delivered straight to your inbox

Table of Content

Related Post

equivalence and boundary value

Understanding Equivalence Partitioning and Boundary Value Analysis in Software Testing

Software testing techniques help ensure software quality and reliability, by helping us select test cases intelligently from the collection of test cases, such that all test scenarios are covered.

Boundary Value Analysis and Equivalence Partitioning are two testing techniques that help testers select a subset of test cases that covers all important test scenarios, even under time and budget constraints. By testing all the equivalence classes and boundary values, testers can reduce the risk of releasing software with defects.

Read More »