2. WHAT IS API
API stands for Application Programming Interface.
They are basically a collection of functions and procedures that allow two applications or
libraries to communicate.
An API is an interface between programs and services.
At the most basic level, an API is a mechanism that enables an application or service to access a
resource within another application or service. The application or service doing the accessing is called
the client, and the application or service containing the resource is called the server.
3. How API Works
Let’s use a simple layman’s example to explain how an API works.
Imagine you’re a customer at a restaurant. The waiter (the API) functions as an
intermediary between customers like you (the user) and the kitchen (web server).
You tell the waiter your order (API call), and the waiter requests it from the kitchen.
Finally, the waiter will provide you with what you ordered.
The waiter is the intermediary between you and the kitchen. In this metaphor, the
waiter is effectively an abstraction of the API.
4. WHAT IS API TESTING
API testing is testing the APIs and their integration with the services.
It is one of the most challenging types of testing. If we miss certain cases in API
testing, it will cause a very big problem in the production environment, and it is
very hard to debug in the production environment.
API testing involves testing the collection of APIs and checking that they meet
expectations for functionality, reliability, performance, and security and return the
correct response.
5. Why We Perform API Testing
Many of the services that we use every day rely on different interconnected APIs. If
any of them fails, the services will not work.
API testing is used to determine whether the output is well-structured and useful to
another application, to check the response on the basis of the input (request)
parameters, and to check how much time the API takes to retrieve and authorize
the data.
Developers sometimes make mistakes and create defective APIs.
Validation of APIs is very important.
6. Role of Tester in API Testing
Validate the keys with the minimum and maximum range.
Perform XML, JSON, etc. schema or syntax validation.
Verify the Response status code with the API document.
Verify the error codes and messages.
Verify each key and their expected values.
Create documentation for the tested APIs.
If any bug is found, create a defect for the issue.
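The checks in the list above (syntax validation, documented status code, error codes and messages, each key with its type and minimum/maximum range) written out in plain JavaScript. This is an added example, not part of the original slides; the contract, key names and sample responses are constructed, and the check for undocumented keys goes slightly beyond the list.

```javascript
// Added example; the contract and sample responses are constructed, not a real API.
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
const contract = {
  status: 200,                                  // documented success status
  keys: {                                       // documented keys, types and ranges
    id: { type: "number", min: 1, max: 99999 },
    email: { type: "string", pattern: /^[^@\s]+@[^@\s]+$/ },
    age: { type: "number", min: 18, max: 120 },
  },
  errors: { 404: "USER_NOT_FOUND" },            // documented error code per status
};

// Returns a list of findings; an empty list means the response matches the contract.
function validateResponse(contract, status, rawBody) {
  let body;
  try { body = JSON.parse(rawBody); } catch (err) { return ["body is not valid JSON"]; }
  if (body === null || typeof body !== "object" || Array.isArray(body)) return ["body is not a JSON object"];
  const findings = [];
  if (has(contract.errors, status)) {           // documented error response
    const code = contract.errors[status];
    if (body.code !== code) findings.push(`status ${status}: expected error code ${code}`);
    if (typeof body.message !== "string" || body.message === "") {
      findings.push(`status ${status}: missing error message`);
    }
    return findings;
  }
  if (status !== contract.status) findings.push(`unexpected status ${status}, documented ${contract.status}`);
  for (const [key, rule] of Object.entries(contract.keys)) {
    const value = body[key];
    if (!has(body, key)) findings.push(`missing key ${key}`);
    else if (typeof value !== rule.type) findings.push(`${key}: expected ${rule.type}`);
    else if (rule.min !== undefined && value < rule.min) findings.push(`${key}: below minimum ${rule.min}`);
    else if (rule.max !== undefined && value > rule.max) findings.push(`${key}: above maximum ${rule.max}`);
    else if (rule.pattern && !rule.pattern.test(value)) findings.push(`${key}: bad format`);
  }
  for (const key of Object.keys(body)) {        // undocumented keys may expose internal data
    if (!has(contract.keys, key)) findings.push(`undocumented key ${key}`);
  }
  return findings;
}

// Constructed responses as [status, body] pairs.
const samples = [
  [200, '{"id":7,"email":"qa@example.com","age":30}'],
  [200, '{"id":7,"email":"qa@example.com","age":17,"password_hash":"x"}'],
  [404, '{"code":"NOT_FOUND"}'],
];
for (const [status, body] of samples) console.log(status, validateResponse(contract, status, body));
```

Each non-empty findings list is what would go into the defect raised for that response.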
7. Types of API
REST
SOAP
JSON RPC
XML RPC
REST is the most used, followed by SOAP.
8. REST API
Some APIs, such as SOAP or XML-RPC, impose a strict framework on developers. But REST APIs can
be developed using virtually any programming language and support a variety of data formats. The
only requirement is that they align to the following six REST design principles - also known as
architectural constraints:
Uniform interface. All API requests for the same resource should look the same, no matter where
the request comes from. The REST API should ensure that the same piece of data, such as the name
or email address of a user, belongs to only one uniform resource identifier (URI). Resources
shouldn’t be too large but should contain every piece of information that the client might need.
Client-server decoupling. In REST API design, client and server applications must be completely
independent of each other. The only information the client application should know is the URI of
the requested resource; it can't interact with the server application in any other ways. Similarly, a
server application shouldn't modify the client application other than passing it the requested
data via HTTP.
Statelessness. REST APIs are stateless, meaning that each request needs to include all the
information necessary for processing it. In other words, REST APIs do not require any server-side
sessions. Server applications aren’t allowed to store any data related to a client request.
Cacheability. When possible, resources should be cacheable on the client or server side. Server
responses also need to contain information about whether caching is allowed for the delivered
resource. The goal is to improve performance on the client side, while increasing scalability on the
server side.
Layered system architecture. In REST APIs, the calls and responses go through different layers. As a
rule of thumb, don’t assume that the client and server applications connect directly to each other.
There may be a number of different intermediaries in the communication loop. REST APIs need to
be designed so that neither the client nor the server can tell whether it communicates with the end
application or an intermediary.
Code on demand (optional). REST APIs usually send static resources, but in certain cases, responses
can also contain executable code (such as Java applets). In these cases, the code should only run
on-demand.
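A check for the cacheability and layered-system principles above: does a response state its caching policy, and can an intermediary store it? This is an added example, not part of the original slides; the header values, the lowercased header names and the "sensitive" flag are constructed assumptions, and the classification is simplified.

```javascript
// Added example; header values and the "sensitive" flag are constructed assumptions.
// Parses Cache-Control into a map of directive -> value (true when it has no value).
function parseCacheControl(header) {
  const directives = new Map();
  for (const part of (header || "").split(",")) {
    const [name, ...rest] = part.trim().split("=");
    if (name === "") continue;
    const value = rest.join("=").replace(/^"|"$/g, "");
    directives.set(name.toLowerCase(), value === "" ? true : value);
  }
  return directives;
}

// Classifies what a response allows: "none" (no-store), "private" (client only),
// "shared" (intermediaries may store it) or "unspecified" (no policy stated).
// Simplified: ignores Expires, heuristic caching and request-side rules.
function cachePolicy(headers) {
  const cc = parseCacheControl(headers["cache-control"]); // names assumed lowercased
  if (cc.size === 0) return "unspecified";
  if (cc.has("no-store")) return "none";
  if (cc.has("private")) return "private";
  return "shared";
}

// Tester's check: every response states a policy, and responses carrying
// per-user data are not storable by shared intermediaries.
function checkCaching(headers, sensitive) {
  const policy = cachePolicy(headers);
  if (policy === "unspecified") return "FAIL: no caching information in response";
  if (sensitive && policy === "shared") return "FAIL: sensitive response cacheable by intermediaries";
  return `OK: ${policy}`;
}

// Constructed responses as [headers, carries per-user data?] pairs.
const cacheSamples = [
  [{ "cache-control": "public, max-age=3600" }, false],
  [{ "cache-control": "max-age=60" }, true],
  [{ "cache-control": "no-store" }, true],
  [{}, false],
];
for (const [headers, sensitive] of cacheSamples) console.log(checkCaching(headers, sensitive));
```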
10. How REST APIs work
REST APIs communicate via HTTP requests to perform standard database functions
like creating, reading, updating, and deleting records (also known as CRUD) within
a resource. For example, a REST API would use a GET request to retrieve a record, a
POST request to create one, a PUT request to update a record, and a DELETE
request to delete one. All HTTP methods can be used in API calls. A well-designed
REST API is similar to a website running in a web browser with built-in HTTP
functionality.
The state of a resource at any particular instant, or timestamp, is known as the
resource representation. This information can be delivered to a client in virtually
any format including JavaScript Object Notation (JSON), HTML, XLT, Python, PHP, or
plain text. JSON is popular because it’s readable by both humans and machines—
and it is programming language-agnostic.
11. Difference between REST and SOAP
1. Implementation
REST API: has no official standard at all, because it is an architectural style.
SOAP API: has an official standard, because it is a protocol.
2. Internal communication
REST API: uses multiple standards like HTTP, JSON, URL, and XML for data communication and
transfer.
SOAP API: is largely based on, and uses only, HTTP and XML.
3. Resource requirement
REST API: as it deploys and uses multiple standards as stated above, it takes fewer resources
and less bandwidth compared to SOAP API.
SOAP API: requires more resources and bandwidth, as it needs to convert the data to XML, which
increases its payload and results in a large file.
4. Description
REST API: uses Web Application Description Language for describing the functionality
offered by web services.
SOAP API: uses Web Services Description Language for the same.
5. Security
REST API: has SSL and HTTPS for security.
SOAP API: has SSL (Secure Socket Layer) and WS-Security, due to which SOAP is preferred over
REST in cases like bank account passwords, card numbers, etc.
12. HTTP METHODS
1 GET
The GET method is used to retrieve information from the given server using a given URI. Requests
using GET should only retrieve data and should have no other effect on the data.
2 HEAD
Same as GET, but transfers the status line and header section only.
3 POST
A POST request is used to send data to the server, for example, customer information, file upload,
etc. using HTML forms.
4 PUT
Replaces all current representations of the target resource with the uploaded content.
5 DELETE
Removes all current representations of the target resource given by a URI.
6 CONNECT
Establishes a tunnel to the server identified by a given URI.
7 OPTIONS
Describes the communication options for the target resource.
8 TRACE
Performs a message loop-back test along the path to the target resource.
13. HTTP Status Codes
S.N. Code and Description
1 1xx: Information
It means the request has been received and the process is continuing.
2 2xx: Success
It means the action was successfully received, understood, and accepted.
3 3xx: Redirection
It means further action must be taken in order to complete the request.
4 4xx: Client Error
It means the request contains incorrect syntax or cannot be fulfilled.
5 5xx: Server Error
It means the server failed to fulfill an apparently valid request.
14. What is Postman
Postman is a collaboration platform for API development. It is a popular API client
and it enables you to design, build, share, test, and document APIs.
Using the Postman tool, we can send HTTP/s requests to a service, as well as get
their responses. By doing this we can make sure that the service is up and running.
Originally a Chrome browser plugin, Postman now extends its solution with
a native version for both Mac and Windows.
A test in Postman is fundamentally JavaScript code, which runs after a request is
sent and a response has been received from the server.
15. Why Postman
Postman has become a tool of choice for over 8 million users.
Free: It is free to download and use for teams of any size.
Easy: Just download it and send your first request in minutes.
APIs Support: You can make any kind of API call (REST, SOAP, or plain HTTP) and
easily inspect even the largest responses.
Extensible: You can customize it for your needs with the Postman API.
Integration: You can easily integrate test suites into your preferred CI/CD service
with Newman (command line collection runner)
Community & Support: It has a huge community forum
16. Postman Features
Easy-to-use REST client
Rich interface which makes it easy to use
Can be used for both manual and automated API testing
Can be run on Mac, Windows, Linux & Chrome Apps
Has a bunch of integrations like support for Swagger & RAML formats
Has Run, Test, Document and Monitoring Features
Doesn’t require learning a new language
Enables users to easily share knowledge with the team, as they can package up all the
requests and expected responses, then send them to their colleagues.
Can be integrated with CI/CD tools like Jenkins, TeamCity, etc.
Comes with a detailed API documentation
API development & Automating API tests execution