SlideShare a Scribd company logo

Postman & API Testing by Amber Race

Postman
Postman

Postman & API Testing by Amber Race, Senior SDET at Big Fish Games

Software
1 of 23
Download to read offline
Postman & API Testing Amber Race Senior SDET at Big Fish Games Up Next
EXPLORING YOUR APIS WITH POSTMAN
 
 Amber Race (@ambertests)
 Senior SDET, Big Fish Games
Get Yer Samples! All code shown in this talk is available on my Github! https://github.com/ ambertests/explore-with- postman
Explorator y Testing Testing without a pre-set script or set of test steps.
Amber Race - @ambertests https://krebsonsecurity.com/2018/05/tracking-firm-locationsmart-leaked-location-data-for-customers-of- all-major-u-s-mobile-carriers-in-real-time-via-its-web-site/ TESTING A PUBLICLY FACING API THROUGH YOUR UI IS NOT ENOUGH!!!!!
Getting the Goods
Import From Chrome
Import From Swagger
Amber Race - @ambertests Service Test Strategy P – Parameters O – Output I – Interop S – Security E – Error Handling D – Data
Amber Race - @ambertests PARAMETERS
 
 • The client is always wrong • Boundaries • Business rules
Amber Race - @ambertests OUTPUT • Status codes • Headers • Logging
Logging and Status Codes
Amber Race - @ambertests INTEROP • Clients • Dependencies
Amber Race - @ambertests SECURITY • Authentication and spoofing • Exposed data • SQL Injection • “Hidden” apis
Amber Race - @ambertests EXCEPTIONS • No unhandled exceptions • Error info, but not too much
Amber Race - @ambertests DATA • Updates and replication • Unicode • Caching
Amber Race - @ambertests More Resources ■ Restful-Booker: https://restful- booker.herokuapp.com/ ■ Danny Dainton’s Postman Tips: https://github.com/DannyDainton/All- Things-Postman ■ Postman Blog: http:// blog.getpostman.com/ ■ Big List of Naughty Strings: https:// github.com/minimaxir/big-list-of-naughty- strings ■ Workshop Materials: https:// github.com/ambertests/explore-with- postman
Amber Race - @ambertests Thank you for attending! ■ Email: amber.race @outlook.co m ■ LinkedIn: https:// www.linkedin.c om/in/amber- race-tests ■ Twitter: @ambertest s

Recommended

RESTful API Testing using Postman, Newman, and Jenkins
RESTful API Testing using Postman, Newman, and JenkinsRESTful API Testing using Postman, Newman, and Jenkins
RESTful API Testing using Postman, Newman, and JenkinsQASymphony
 
Api Testing
Api TestingApi Testing
Api TestingVishwanath KC
 
API Testing. Streamline your testing process.
API Testing. Streamline your testing process.API Testing. Streamline your testing process.
API Testing. Streamline your testing process.Andrey Oleynik
 
Postman. From simple API test to end to end scenario
Postman. From simple API test to end to end scenarioPostman. From simple API test to end to end scenario
Postman. From simple API test to end to end scenarioHYS Enterprise
 
API Test Automation
API Test Automation API Test Automation
API Test Automation SQALab
 
Using Postman to Automate API On-Boarding
Using Postman to Automate API On-BoardingUsing Postman to Automate API On-Boarding
Using Postman to Automate API On-BoardingPostman
 
API Testing
API TestingAPI Testing
API TestingBikash Sharma
 
An Introduction To Automated API Testing
An Introduction To Automated API TestingAn Introduction To Automated API Testing
An Introduction To Automated API TestingSauce Labs
 

Recommended

RESTful API Testing using Postman, Newman, and Jenkins
RESTful API Testing using Postman, Newman, and JenkinsRESTful API Testing using Postman, Newman, and Jenkins
RESTful API Testing using Postman, Newman, and JenkinsQASymphony
 
Api Testing
Api TestingApi Testing
Api TestingVishwanath KC
 
API Testing. Streamline your testing process.
API Testing. Streamline your testing process.API Testing. Streamline your testing process.
API Testing. Streamline your testing process.Andrey Oleynik
 
Postman. From simple API test to end to end scenario
Postman. From simple API test to end to end scenarioPostman. From simple API test to end to end scenario
Postman. From simple API test to end to end scenarioHYS Enterprise
 
API Test Automation
API Test Automation API Test Automation
API Test Automation SQALab
 
Using Postman to Automate API On-Boarding
Using Postman to Automate API On-BoardingUsing Postman to Automate API On-Boarding
Using Postman to Automate API On-BoardingPostman
 
API Testing
API TestingAPI Testing
API TestingBikash Sharma
 
An Introduction To Automated API Testing
An Introduction To Automated API TestingAn Introduction To Automated API Testing
An Introduction To Automated API TestingSauce Labs
 
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...Postman
 
Postman
PostmanPostman
PostmanIgor Shubovych
 
API Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonAPI Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonTEST Huddle
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API TestingBruno Pedro
 
Belajar Postman test runner
Belajar Postman test runnerBelajar Postman test runner
Belajar Postman test runnerFachrul Choliluddin
 
Api testing
Api testingApi testing
Api testingHamzaMajid13
 
Test Design and Automation for REST API
Test Design and Automation for REST APITest Design and Automation for REST API
Test Design and Automation for REST APIIvan Katunou
 
Postman: An Introduction for Testers
Postman: An Introduction for TestersPostman: An Introduction for Testers
Postman: An Introduction for TestersPostman
 
Postman Webinar: Postman 101
Postman Webinar: Postman 101Postman Webinar: Postman 101
Postman Webinar: Postman 101Nikita Sharma
 
B4USolution_API-Testing
B4USolution_API-TestingB4USolution_API-Testing
B4USolution_API-Testingb4usolution .
 
Postman Webinar: “Continuous Testing with Postman”
Postman Webinar: “Continuous Testing with Postman”Postman Webinar: “Continuous Testing with Postman”
Postman Webinar: “Continuous Testing with Postman”Postman
 
API Testing Presentations.pptx
API Testing Presentations.pptxAPI Testing Presentations.pptx
API Testing Presentations.pptxManmitSalunke
 
Postman 101 & Office Hours
Postman 101 & Office HoursPostman 101 & Office Hours
Postman 101 & Office HoursPostman
 
Jmeter Performance Testing
Jmeter Performance TestingJmeter Performance Testing
Jmeter Performance TestingAtul Pant
 
Postman.ppt
Postman.pptPostman.ppt
Postman.pptParrotBAD
 
Advanced API Debugging
Advanced API DebuggingAdvanced API Debugging
Advanced API DebuggingPostman
 
Api Testing
Api TestingApi Testing
Api TestingVishwanath KC
 
Api testing bible using postman
Api testing bible using postmanApi testing bible using postman
Api testing bible using postmanAbhishek Saxena
 
Postman Introduction
Postman IntroductionPostman Introduction
Postman IntroductionRahul Agarwal
 
POSTMAN.pptx
POSTMAN.pptxPOSTMAN.pptx
POSTMAN.pptxRamaKrishna970827
 
Exploring your APIs with Postman
Exploring your APIs with PostmanExploring your APIs with Postman
Exploring your APIs with PostmanAmber Race
 
Eradicate Flaky Tests
Eradicate Flaky TestsEradicate Flaky Tests
Eradicate Flaky TestsAnand Bagmar
 

More Related Content

What's hot

POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...Postman
 
API Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonAPI Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonTEST Huddle
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API TestingBruno Pedro
 
Test Design and Automation for REST API
Test Design and Automation for REST APITest Design and Automation for REST API
Test Design and Automation for REST APIIvan Katunou
 
Postman: An Introduction for Testers
Postman: An Introduction for TestersPostman: An Introduction for Testers
Postman: An Introduction for TestersPostman
 
Postman Webinar: Postman 101
Postman Webinar: Postman 101Postman Webinar: Postman 101
Postman Webinar: Postman 101Nikita Sharma
 
B4USolution_API-Testing
B4USolution_API-TestingB4USolution_API-Testing
B4USolution_API-Testingb4usolution .
 
Postman Webinar: “Continuous Testing with Postman”
Postman Webinar: “Continuous Testing with Postman”Postman Webinar: “Continuous Testing with Postman”
Postman Webinar: “Continuous Testing with Postman”Postman
 
API Testing Presentations.pptx
API Testing Presentations.pptxAPI Testing Presentations.pptx
API Testing Presentations.pptxManmitSalunke
 
Postman 101 & Office Hours
Postman 101 & Office HoursPostman 101 & Office Hours
Postman 101 & Office HoursPostman
 
Jmeter Performance Testing
Jmeter Performance TestingJmeter Performance Testing
Jmeter Performance TestingAtul Pant
 
Advanced API Debugging
Advanced API DebuggingAdvanced API Debugging
Advanced API DebuggingPostman
 
Api testing bible using postman
Api testing bible using postmanApi testing bible using postman
Api testing bible using postmanAbhishek Saxena
 
Postman Introduction
Postman IntroductionPostman Introduction
Postman IntroductionRahul Agarwal
 

What's hot (20)

POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
POST/CON 2019 Workshop: Testing, Automated Testing, and Reporting APIs with P...
 
Postman
PostmanPostman
Postman
 
API Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj RollisonAPI Testing: The heart of functional testing" with Bj Rollison
API Testing: The heart of functional testing" with Bj Rollison
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API Testing
 
Belajar Postman test runner
Belajar Postman test runnerBelajar Postman test runner
Belajar Postman test runner
 
Api testing
Api testingApi testing
Api testing
 
Test Design and Automation for REST API
Test Design and Automation for REST APITest Design and Automation for REST API
Test Design and Automation for REST API
 
Postman: An Introduction for Testers
Postman: An Introduction for TestersPostman: An Introduction for Testers
Postman: An Introduction for Testers
 
Postman Webinar: Postman 101
Postman Webinar: Postman 101Postman Webinar: Postman 101
Postman Webinar: Postman 101
 
B4USolution_API-Testing
B4USolution_API-TestingB4USolution_API-Testing
B4USolution_API-Testing
 
Postman Webinar: “Continuous Testing with Postman”
Postman Webinar: “Continuous Testing with Postman”Postman Webinar: “Continuous Testing with Postman”
Postman Webinar: “Continuous Testing with Postman”
 
API Testing Presentations.pptx
API Testing Presentations.pptxAPI Testing Presentations.pptx
API Testing Presentations.pptx
 
Postman 101 & Office Hours
Postman 101 & Office HoursPostman 101 & Office Hours
Postman 101 & Office Hours
 
Jmeter Performance Testing
Jmeter Performance TestingJmeter Performance Testing
Jmeter Performance Testing
 
Postman.ppt
Postman.pptPostman.ppt
Postman.ppt
 
Advanced API Debugging
Advanced API DebuggingAdvanced API Debugging
Advanced API Debugging
 
Api Testing
Api TestingApi Testing
Api Testing
 
Api testing bible using postman
Api testing bible using postmanApi testing bible using postman
Api testing bible using postman
 
Postman Introduction
Postman IntroductionPostman Introduction
Postman Introduction
 
POSTMAN.pptx
POSTMAN.pptxPOSTMAN.pptx
POSTMAN.pptx
 

Similar to Postman & API Testing by Amber Race

Exploring your APIs with Postman
Exploring your APIs with PostmanExploring your APIs with Postman
Exploring your APIs with PostmanAmber Race
 
Eradicate Flaky Tests
Eradicate Flaky TestsEradicate Flaky Tests
Eradicate Flaky TestsAnand Bagmar
 
Super powered API testing
Super powered API testing Super powered API testing
Super powered API testing postmanclient
 
Eradicate Flaky Tests - AppiumConf 2021
Eradicate Flaky Tests - AppiumConf 2021Eradicate Flaky Tests - AppiumConf 2021
Eradicate Flaky Tests - AppiumConf 2021Anand Bagmar
 
AI assisted testing using postman and openAI.pdf
AI assisted testing using postman and openAI.pdfAI assisted testing using postman and openAI.pdf
AI assisted testing using postman and openAI.pdfsivaganeshsivakumar1
 
Behavior Driven Development, Ruby Style
Behavior Driven Development, Ruby StyleBehavior Driven Development, Ruby Style
Behavior Driven Development, Ruby StyleBozhidar Batsov
 
Expanding Your .NET Testing Toolbox - GLUG NET
Expanding Your .NET Testing Toolbox - GLUG NETExpanding Your .NET Testing Toolbox - GLUG NET
Expanding Your .NET Testing Toolbox - GLUG NETMatt Eland
 
Smoke Tests @ DevOps-Hamburg 06.02.2017
Smoke Tests @ DevOps-Hamburg 06.02.2017Smoke Tests @ DevOps-Hamburg 06.02.2017
Smoke Tests @ DevOps-Hamburg 06.02.2017tech.kartenmacherei
 
Selenium 2 - PyCon 2011
Selenium 2 - PyCon 2011Selenium 2 - PyCon 2011
Selenium 2 - PyCon 2011hugs
 
Android application analyzer
Android application analyzerAndroid application analyzer
Android application analyzerSanjay Gondaliya
 
Agile roundabout 2017 01 - keeping your ci-cd system as fast as it needs to be
Agile roundabout 2017 01 - keeping your ci-cd system as fast as it needs to beAgile roundabout 2017 01 - keeping your ci-cd system as fast as it needs to be
Agile roundabout 2017 01 - keeping your ci-cd system as fast as it needs to beAbraham Marin-Perez
 
QA or the Highway 2022.pptx
QA or the Highway 2022.pptxQA or the Highway 2022.pptx
QA or the Highway 2022.pptxPerfecto Mobile
 
Write Antifragile & Domain-Driven tests with ”Outside-in diamond” ◆ TDD
Write Antifragile & Domain-Driven tests with ”Outside-in diamond” ◆ TDDWrite Antifragile & Domain-Driven tests with ”Outside-in diamond” ◆ TDD
Write Antifragile & Domain-Driven tests with ”Outside-in diamond” ◆ TDDThomas Pierrain
 
RESTFul API Design and Documentation - an Introduction
RESTFul API Design and Documentation - an IntroductionRESTFul API Design and Documentation - an Introduction
RESTFul API Design and Documentation - an IntroductionMiredot
 
Sauce Labs Beta Program Overview
Sauce Labs Beta Program OverviewSauce Labs Beta Program Overview
Sauce Labs Beta Program OverviewAl Sargent
 
Socket applications
Socket applicationsSocket applications
Socket applicationsJoão Moura
 
Serverless in production, an experience report (linuxing in london)
Serverless in production, an experience report (linuxing in london)Serverless in production, an experience report (linuxing in london)
Serverless in production, an experience report (linuxing in london)Yan Cui
 
Олексій Павленко. CONTRACT PROTECTION ON THE FRONTEND SIDE: HOW TO ORGANIZE R...
Олексій Павленко. CONTRACT PROTECTION ON THE FRONTEND SIDE: HOW TO ORGANIZE R...Олексій Павленко. CONTRACT PROTECTION ON THE FRONTEND SIDE: HOW TO ORGANIZE R...
Олексій Павленко. CONTRACT PROTECTION ON THE FRONTEND SIDE: HOW TO ORGANIZE R...OdessaJS Conf
 
Expanding APIs beyond the Web
Expanding APIs beyond the WebExpanding APIs beyond the Web
Expanding APIs beyond the WebTim Messerschmidt
 
Salesforce integration options
Salesforce integration optionsSalesforce integration options
Salesforce integration optionsTechforce Services
 

Similar to Postman & API Testing by Amber Race (20)

Exploring your APIs with Postman
Exploring your APIs with PostmanExploring your APIs with Postman
Exploring your APIs with Postman
 
Eradicate Flaky Tests
Eradicate Flaky TestsEradicate Flaky Tests
Eradicate Flaky Tests
 
Super powered API testing
Super powered API testing Super powered API testing
Super powered API testing
 
Eradicate Flaky Tests - AppiumConf 2021
Eradicate Flaky Tests - AppiumConf 2021Eradicate Flaky Tests - AppiumConf 2021
Eradicate Flaky Tests - AppiumConf 2021
 
AI assisted testing using postman and openAI.pdf
AI assisted testing using postman and openAI.pdfAI assisted testing using postman and openAI.pdf
AI assisted testing using postman and openAI.pdf
 
Behavior Driven Development, Ruby Style
Behavior Driven Development, Ruby StyleBehavior Driven Development, Ruby Style
Behavior Driven Development, Ruby Style
 
Expanding Your .NET Testing Toolbox - GLUG NET
Expanding Your .NET Testing Toolbox - GLUG NETExpanding Your .NET Testing Toolbox - GLUG NET
Expanding Your .NET Testing Toolbox - GLUG NET
 
Smoke Tests @ DevOps-Hamburg 06.02.2017
Smoke Tests @ DevOps-Hamburg 06.02.2017Smoke Tests @ DevOps-Hamburg 06.02.2017
Smoke Tests @ DevOps-Hamburg 06.02.2017
 
Selenium 2 - PyCon 2011
Selenium 2 - PyCon 2011Selenium 2 - PyCon 2011
Selenium 2 - PyCon 2011
 
Android application analyzer
Android application analyzerAndroid application analyzer
Android application analyzer
 
Agile roundabout 2017 01 - keeping your ci-cd system as fast as it needs to be
Agile roundabout 2017 01 - keeping your ci-cd system as fast as it needs to beAgile roundabout 2017 01 - keeping your ci-cd system as fast as it needs to be
Agile roundabout 2017 01 - keeping your ci-cd system as fast as it needs to be
 
QA or the Highway 2022.pptx
QA or the Highway 2022.pptxQA or the Highway 2022.pptx
QA or the Highway 2022.pptx
 
Write Antifragile & Domain-Driven tests with ”Outside-in diamond” ◆ TDD
Write Antifragile & Domain-Driven tests with ”Outside-in diamond” ◆ TDDWrite Antifragile & Domain-Driven tests with ”Outside-in diamond” ◆ TDD
Write Antifragile & Domain-Driven tests with ”Outside-in diamond” ◆ TDD
 
RESTFul API Design and Documentation - an Introduction
RESTFul API Design and Documentation - an IntroductionRESTFul API Design and Documentation - an Introduction
RESTFul API Design and Documentation - an Introduction
 
Sauce Labs Beta Program Overview
Sauce Labs Beta Program OverviewSauce Labs Beta Program Overview
Sauce Labs Beta Program Overview
 
Socket applications
Socket applicationsSocket applications
Socket applications
 
Serverless in production, an experience report (linuxing in london)
Serverless in production, an experience report (linuxing in london)Serverless in production, an experience report (linuxing in london)
Serverless in production, an experience report (linuxing in london)
 
Олексій Павленко. CONTRACT PROTECTION ON THE FRONTEND SIDE: HOW TO ORGANIZE R...
Олексій Павленко. CONTRACT PROTECTION ON THE FRONTEND SIDE: HOW TO ORGANIZE R...Олексій Павленко. CONTRACT PROTECTION ON THE FRONTEND SIDE: HOW TO ORGANIZE R...
Олексій Павленко. CONTRACT PROTECTION ON THE FRONTEND SIDE: HOW TO ORGANIZE R...
 
Expanding APIs beyond the Web
Expanding APIs beyond the WebExpanding APIs beyond the Web
Expanding APIs beyond the Web
 
Salesforce integration options
Salesforce integration optionsSalesforce integration options
Salesforce integration options
 

More from Postman

Elevating Developer Experiences with AI-Powered API Testing & Documentation
Elevating Developer Experiences with AI-Powered API Testing & DocumentationElevating Developer Experiences with AI-Powered API Testing & Documentation
Elevating Developer Experiences with AI-Powered API Testing & DocumentationPostman
 
Discovering Public APIs and Public API Network with Postman
Discovering Public APIs and Public API Network with PostmanDiscovering Public APIs and Public API Network with Postman
Discovering Public APIs and Public API Network with PostmanPostman
 
Optimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
Optimizing Teamwork: Harnessing Collections & Workspaces for CollaborationOptimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
Optimizing Teamwork: Harnessing Collections & Workspaces for CollaborationPostman
 
API testing Beyond the Basics AI & Automation Techniques
API testing Beyond the Basics AI & Automation TechniquesAPI testing Beyond the Basics AI & Automation Techniques
API testing Beyond the Basics AI & Automation TechniquesPostman
 
Not Your Grandma’s Rate Limiting (slides)
Not Your Grandma’s Rate Limiting (slides)Not Your Grandma’s Rate Limiting (slides)
Not Your Grandma’s Rate Limiting (slides)Postman
 
Five Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with PostmanFive Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with PostmanPostman
 
How to Scale APIs-as-Product for Future Success
How to Scale APIs-as-Product for Future SuccessHow to Scale APIs-as-Product for Future Success
How to Scale APIs-as-Product for Future SuccessPostman
 
Revolutionizing API Development: Collaborative Workflows with Postman
Revolutionizing API Development: Collaborative Workflows with PostmanRevolutionizing API Development: Collaborative Workflows with Postman
Revolutionizing API Development: Collaborative Workflows with PostmanPostman
 
Everything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPIEverything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPIPostman
 
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Postman
 
Five Things You SHOULD Know About Postman
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About PostmanPostman
 
Integration-, Snapshot- and Performance-Testing APIs
Integration-, Snapshot- and Performance-Testing APIs Integration-, Snapshot- and Performance-Testing APIs
Integration-, Snapshot- and Performance-Testing APIs Postman
 
How ChatGPT led OpenAPI's Recent Spike in Popularity
How ChatGPT led OpenAPI's Recent Spike in PopularityHow ChatGPT led OpenAPI's Recent Spike in Popularity
How ChatGPT led OpenAPI's Recent Spike in PopularityPostman
 
Exploring Postman’s VS Code Extension
Exploring Postman’s VS Code ExtensionExploring Postman’s VS Code Extension
Exploring Postman’s VS Code ExtensionPostman
 
2023 State of the API Report: Key Findings and Trends
2023 State of the API Report: Key Findings and Trends2023 State of the API Report: Key Findings and Trends
2023 State of the API Report: Key Findings and TrendsPostman
 
Nordic- APIOps is here What will you build in an API First World
Nordic- APIOps is here What will you build in an API First World Nordic- APIOps is here What will you build in an API First World
Nordic- APIOps is here What will you build in an API First World Postman
 
Testing and Developing gRPC APIs
Testing and Developing gRPC APIsTesting and Developing gRPC APIs
Testing and Developing gRPC APIsPostman
 
Testing and Developing GraphQL APIs
Testing and Developing GraphQL APIsTesting and Developing GraphQL APIs
Testing and Developing GraphQL APIsPostman
 
Introduction to API Security - Intergalactic
Introduction to API Security - IntergalacticIntroduction to API Security - Intergalactic
Introduction to API Security - IntergalacticPostman
 
Unboxing What's New in Postman Q2
Unboxing What's New in Postman Q2Unboxing What's New in Postman Q2
Unboxing What's New in Postman Q2Postman
 

More from Postman (20)

Elevating Developer Experiences with AI-Powered API Testing & Documentation
Elevating Developer Experiences with AI-Powered API Testing & DocumentationElevating Developer Experiences with AI-Powered API Testing & Documentation
Elevating Developer Experiences with AI-Powered API Testing & Documentation
 
Discovering Public APIs and Public API Network with Postman
Discovering Public APIs and Public API Network with PostmanDiscovering Public APIs and Public API Network with Postman
Discovering Public APIs and Public API Network with Postman
 
Optimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
Optimizing Teamwork: Harnessing Collections & Workspaces for CollaborationOptimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
Optimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
 
API testing Beyond the Basics AI & Automation Techniques
API testing Beyond the Basics AI & Automation TechniquesAPI testing Beyond the Basics AI & Automation Techniques
API testing Beyond the Basics AI & Automation Techniques
 
Not Your Grandma’s Rate Limiting (slides)
Not Your Grandma’s Rate Limiting (slides)Not Your Grandma’s Rate Limiting (slides)
Not Your Grandma’s Rate Limiting (slides)
 
Five Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with PostmanFive Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with Postman
 
How to Scale APIs-as-Product for Future Success
How to Scale APIs-as-Product for Future SuccessHow to Scale APIs-as-Product for Future Success
How to Scale APIs-as-Product for Future Success
 
Revolutionizing API Development: Collaborative Workflows with Postman
Revolutionizing API Development: Collaborative Workflows with PostmanRevolutionizing API Development: Collaborative Workflows with Postman
Revolutionizing API Development: Collaborative Workflows with Postman
 
Everything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPIEverything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPI
 
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
 
Five Things You SHOULD Know About Postman
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About Postman
 
Integration-, Snapshot- and Performance-Testing APIs
Integration-, Snapshot- and Performance-Testing APIs Integration-, Snapshot- and Performance-Testing APIs
Integration-, Snapshot- and Performance-Testing APIs
 
How ChatGPT led OpenAPI's Recent Spike in Popularity
How ChatGPT led OpenAPI's Recent Spike in PopularityHow ChatGPT led OpenAPI's Recent Spike in Popularity
How ChatGPT led OpenAPI's Recent Spike in Popularity
 
Exploring Postman’s VS Code Extension
Exploring Postman’s VS Code ExtensionExploring Postman’s VS Code Extension
Exploring Postman’s VS Code Extension
 
2023 State of the API Report: Key Findings and Trends
2023 State of the API Report: Key Findings and Trends2023 State of the API Report: Key Findings and Trends
2023 State of the API Report: Key Findings and Trends
 
Nordic- APIOps is here What will you build in an API First World
Nordic- APIOps is here What will you build in an API First World Nordic- APIOps is here What will you build in an API First World
Nordic- APIOps is here What will you build in an API First World
 
Testing and Developing gRPC APIs
Testing and Developing gRPC APIsTesting and Developing gRPC APIs
Testing and Developing gRPC APIs
 
Testing and Developing GraphQL APIs
Testing and Developing GraphQL APIsTesting and Developing GraphQL APIs
Testing and Developing GraphQL APIs
 
Introduction to API Security - Intergalactic
Introduction to API Security - IntergalacticIntroduction to API Security - Intergalactic
Introduction to API Security - Intergalactic
 
Unboxing What's New in Postman Q2
Unboxing What's New in Postman Q2Unboxing What's New in Postman Q2
Unboxing What's New in Postman Q2
 

Recently uploaded

SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Mater
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noidabntitsolutionsrishis
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commercemanigoyal112
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfLivetecs LLC
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 

Recently uploaded (20)

SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commerce
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
 

Postman & API Testing by Amber Race

  • 1. Postman & API Testing Amber Race Senior SDET at Big Fish Games Up Next
  • 2. EXPLORING YOUR APIS WITH POSTMAN
 
 Amber Race (@ambertests)
 Senior SDET, Big Fish Games
  • 3. Get Yer Samples! All code shown in this talk is available on my Github! https://github.com/ ambertests/explore-with- postman
  • 4. Explorator y Testing Testing without a pre-set script or set of test steps.
  • 5. Amber Race - @ambertests https://krebsonsecurity.com/2018/05/tracking-firm-locationsmart-leaked-location-data-for-customers-of- all-major-u-s-mobile-carriers-in-real-time-via-its-web-site/ TESTING A PUBLICLY FACING API THROUGH YOUR UI IS NOT ENOUGH!!!!!
  • 9. Amber Race - @ambertests Service Test Strategy P – Parameters O – Output I – Interop S – Security E – Error Handling D – Data
  • 10. Amber Race - @ambertests PARAMETERS
 
 • The client is always wrong • Boundaries • Business rules
  • 11.
  • 12. Amber Race - @ambertests OUTPUT • Status codes • Headers • Logging
  • 14. Amber Race - @ambertests INTEROP • Clients • Dependencies
  • 15.
  • 16. Amber Race - @ambertests SECURITY • Authentication and spoofing • Exposed data • SQL Injection • “Hidden” apis
  • 17.
  • 18. Amber Race - @ambertests EXCEPTIONS • No unhandled exceptions • Error info, but not too much
  • 19.
  • 20. Amber Race - @ambertests DATA • Updates and replication • Unicode • Caching
  • 21.
  • 22. Amber Race - @ambertests More Resources ■ Restful-Booker: https://restful- booker.herokuapp.com/ ■ Danny Dainton’s Postman Tips: https://github.com/DannyDainton/All- Things-Postman ■ Postman Blog: http:// blog.getpostman.com/ ■ Big List of Naughty Strings: https:// github.com/minimaxir/big-list-of-naughty- strings ■ Workshop Materials: https:// github.com/ambertests/explore-with- postman
  • 23. Amber Race - @ambertests Thank you for attending! ■ Email: amber.race @outlook.co m ■ LinkedIn: https:// www.linkedin.c om/in/amber- race-tests ■ Twitter: @ambertest s