Downloaded 38 times
Uploaded byVishwanath KC
Api Testing
This document provides an overview of API testing tools and methods. It defines APIs and REST, describes how API testing works, lists common API testing tools like Postman, and outlines different types of API tests including functionality, reliability, load, and security testing. Examples are given of the GET, POST, PUT, and DELETE HTTP methods along with response status codes. A live demo of an API is presented at the end.
More Related Content
![Lect 1 Number systems and base conversions. [Autosaved].pptx](https://cdn.slidesharecdn.com/ss_thumbnails/lect1numbersystemsandbaseconversions-260111134109-67c2d865-thumbnail.jpg?width=640&height=640&fit=bounds)
Api Testing
- 1.
- 2. API Testing ToolsSelection Work flow API Methods Advantages Demo API - REST API & API Testing Tools for API testing How API works? & Testing types Different API methods Advantages of API testing Live Demo 2 11/19/2018
- 3. API stands forApplication Programming Interface. API is an software to software interface, not a user interface. With APIs, application talk to each other without any user knowledge or intervention. Implemented by writing function calls in the program. 3 11/19/2018
- 4. 4 REST- stands forRepresentational State Transfer. It is a set of functions to which the developers performs requests and receive responses. In REST API interaction is made via HTTP protocol. REST also allows computers to talk to each other over a network. It involves using HTTP methods to send an receive messages, and does not require a strict message definition, unlike Web Services. REST messages often take the form of XML, or JavaScript Object Notation (JSON). 11/19/2018
- 5. 5 API testing usessoftware to send calls to the API and get the output. API testing treats the component user test as black box. The goal of API testing is to verify correct performance and error handling of the component prior to its integration into an application. 11/19/2018
- 6. 6 Data Tier:Data is retrieved from the database and file system and then stored. Business Logic Tier: This is the brain of the application, this processes the data between the layers, coordinating the application, processing commands, and making logical decisions. This layer is made of the API. Presentation Tier: This top layer of the app is the user interface, which translates tasks into something the user understands. 11/19/2018
- 7.
- 8. 8 SOAPUI Runscope Eclipse SDK tool Curl Cfix Check CTESK dotTEST Postman 11/19/2018
- 9. 9 Postman is aGoogle Chrome app for interacting with HTTP APIs. 11/19/2018 Why Postman 1. Easy to create test suites. 2. Store information for running tests in different environments. 3. Store data for use in other tests. 4. Integrates with build systems, such as Jenkins using the Newman command line tool. 5. Easily move tests and environments to code repositories. 6. On-the-fly testing
- 10. 10 Functionality testing -The API works and does exactly what it’s supposed to do. Reliability testing - The API can be consistently connected to and lead to consistent results. Load testing- The API can handle a large amount of calls Creativity testing -The API can handle being used in different ways. Security testing - The API has defined security requirements including authentication, permissions and access controls. Proficiency testing - The API increases what developers are able to do. API documentation testing – This is also called discovery testing, the API documentation easily guides the user. Negative Testing -Checking for every kind of wrong input the user can possibly supply. 11/19/2018
- 11. 11 4 Commonly UsedMethods- GET- Provides a read only access to a resource. POST- Used to update an existing resource or create a new resource. PUT- Used to create a new resource. DELETE-Used to Remove a resource. RESOURCE GET PUT POST DELETE URL Retrieve the member Create/ Replace a new resource Create new entry Used to remove a resource 11/19/2018
- 12.
- 13.
- 14.
- 15. 15 11/19/2018 www.pmts6currentapi.tpgsi.com:9333/api/Customer/Contract Body - JSON(application/json) { "id": 0, "contractCode": "ASHARAM1945-1945-2015", "contractName": "ASHARAM65487-1945", "fromDate": "2018-01-01T00:00:00", "toDate": "2019-12-31T00:00:00", "isActive": true, "contractDescription": "Materials and properties Being ill 1 intransitive transitive. "projectName": null, "projectContractTypeId": 3, "projectContractTypeName": null } Status- 200Ok
- 16. 16 Response Status CodeMeaning 200 Ok Successful requests other than creations and deletions. 201 Created Successful creation of a queue, topic, temporary queue, temporary topic, session, producer, consumer, listener, queue browser, or message. 204 No Content Successful deletion of a queue, topic, session, producer, or listener. 400 Bad Request The path info doesn't have the right format, or a parameter or request body value doesn't have the right format, or a required parameter is missing, or values have the right format but are invalid in some way (for example, destination parameter does not exist, content is too big, or client ID is in use). 403 Forbidden The invoker is not authorized to invoke the operation. 404 Not Found The object referenced by the path does not exist. 405 Method Not Allowed The method is not one of those allowed for the path. 409 Conflict An attempt was made to create an object that already exists. 500 Internal Server Error The execution of the service failed in some way. 11/19/2018
- 17. 17 Time Effective Language Independent Test core Functionality Reduce Testing Cost Reduced Risks 11/19/2018
- 18.
- 19.
- 20.