- Trending Categories
Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
REST API Testing Tutorial - Sample Manual Test Case
API
Application Programming Interface is a computing interface that communicates and helps exchange information between two separate systems. A system that executes an API involves functions that another system can also perform. It defines requests to be made, how to make the requests, formats that can be used, etc. between two different systems.
API Testing
It is a software testing that evaluates APIs. Its purpose is to determine the functionality, dependability, performance, and security of the interfaces. Rather than standard user inputs such as keyboards and outputs, we use software to send calls, obtain output, and record the response of the system. These tests are totally different from GUI tests and do not emphasize business logic layer of the system architecture. Automation testing of API needs an app that can interact through an API.
REST API
REST API also known as RESTful API is an API that conforms the limitations of REST and enables interaction with RESTful web services. REST API testing is an open-source automation technique to test RESTful APIs for web apps. It is commonly used for testing JSON and XML based web apps. It is compatible with all methods: GET, PUT, POST, PATCH and DELETE. REST is a Java library.
The objective of this test is to estimate and record the response of REST API by sending HTTP or HTTPS requests to determine whether REST API is functioning well or not. This testing is done by methods: GET, PUT, POST, PATCH and DELETE.
REST- representational state transfer, is an architectural technique and a way of communication used to develop web services. It is a logical choice to build APIs and allows users to connect and use cloud-based services with efficacy. API is a collection of programming instructions to access a web-based application. That is, its is a set of commands that a program uses to interact with and use one another’s functions to gather information.
An example of APIs is Google’s website can have API for many functions like search, translations, calendars, etc.
There are four main types of API testing methods as follows −
GET − This method is use to collect information from the server through a URI (Uniform Resource Identifier). This method must only extract information and should not affect data in any way.
POST − This method is used for creating new entities, as well as to send data to server, such as customer information, file upload, etc. through HTML forms.
PUT − This method is used to update an entity or create a new one.
DELETE − This method is used to remove existing representations of the target resource provided by a URI.
SOAP Vs REST
SOAP | REST |
---|---|
Protocol | An architectural technique independent of protocols. It can also use SOAP web services. |
Simple Object Access Protocol | Representational State Transfer |
Uses service interfaces for business logic. | Uses URI for business logic. |
Follows a strict standard. | No such strict standard, but few standards can be followed to develop web services. |
Needs more bandwidth. | Lightweight. |
Defines it own security. | Inherits security measures from transport. |
Uses only XML format to send data in request body. | Uses XML, JSON, and other formats to send data in request body. |
Uses HTTP, SMTP, and other protocols. | Only HTTP protocol. |
Rules for binding messages, operation, and others are written in WSDL. | Uses WADL format to describe functionalities offered. |
Standardized. | Non-standardized. |
Needs more time learn due to existing rules, bindings, etc. | Needs less learning time due to its simplicity. |
Different ways of REST API Testing
Manual testing
Automation testing
Procedure of REST API Testing
This testing needs an application to interact with a sample API. API testing requires the following two things −
A tool/framework to operate the API.
Code to test the sample REST API. This code must be written down by the tester.
Tools for REST API test cases −
Advanced REST Client
Postman-REST Client
Curl in LINUX
In this article, we will use Advanced REST Client.
How to get Advanced REST Client
The following steps are followed to get Advanced REST Client −
Open Google Chrome. Go to Web Store.
Search “Advanced REST Client”. OR. Follow the link below, then install the extension. https://chrome.google.com/webstore/detail/advancedrestclient/hgmloofddffdnphfgcell kdfbfbjeloo/
Go to app section. Select “Advanced REST Client”.
Steps to test RESTful API
We are using REST Client extension in Google Chrome. Once you are done with the installation, follow the steps below for testing RESTful API −
Open Advanced REST Client. Install Advanced REST Client. Launch it after it has been successfully installed.
Enter the URL of the API you wish to test in the textbox.
Select HTTP method in API testing, for example POST.
Give Headers set in the Headers textbox. Then, click Insert headers set.
Click USE THIS SET.
Provide body content.
Open Body Tab.
Select the body content type and Editor view.
Select Editor view: Raw input.
Go to Payload. Pass request body of the API to test as in key-value pairs. For example: {“key-1”:”value-1”, “key-2”:”value-2”}. For post API, pass body or parameters.
Submit the details to start testing.
Click Send.
To view Response headers, click DETAILS.
Authenticating the results
In web API testing, what is mainly determined is response code, response message, and response body. The response codes one might face during API testing are −
1xx Informational | 4xx Client Error |
100 Continue | 410 Gone |
101 Switching Protocols | 411 Length Required |
102 Processing | 412 Precondition Failed |
413 Request Entity Too Large | |
2xx Success | 414 Request-URI Too Long |
200 OK | 415 Unsupported Media Type |
201 Created | 416 Requested Range Not Satisfiable |
203 Non-Authoritative Information | 426 Upgrade Required |
204 No Content | 428 Precondition Required |
205 Reset Content | 429 Too Many Requests |
206 Partial Content | 431 Request Header Fields Too Large |
207 Multi-Status (WebDAV) | 451 Unavailable For Legal Reasons |
Already Reported (WebDAV) | 499 Client Closed Request (Nginx) |
226 IM Used | |
5xx Server Error | |
3xx Redirection | 500 Internal Server Error |
300 Multiple Choices | 501 Not Implemented |
301 Moved Permanently | 502 Bad Gateway |
302 Found | 503 Service Unavailable |
303 See Other | 504 Gateway Timeout |
304 Not Modified | 505 HTTP Version Not Supported |
305 Use Proxy | 506 Variant Also Negotiates (Experimental) |
306 (Unused) | 507 Insufficient Storage (WebDAV) |
307 Temporary Redirect | 508 Loop Detected (WebDAV) |
308 Permanent Redirect | 509 Bandwidth Limit Exceeded |
510 Not Extended | |
4xx Client Error | 511 Network Authentication Required |
400 Bad Request | 598 Network Read Timeout Error |
401 Unauthorized | 599 Network Connect Timeout Error |
402 Payment Required | |
403 Forbidden | |
404 Not Found | |
405 Method Not Allowed | |
406 Not Acceptable | |
407 Proxy Authentication Required | |
408 Request Timeout | |
409 Conflict |
Challenges in API testing
Ensuring that the test changes the parameters of API calls so that it verifies the working and detects failures. It involves exploring edge condition and assigning common parameters.
Making parameter value combinations for calls with multiple parameters.
Identifying the content in which the API calls are done. It involves setting environment conditions, such as peripheral devices, files etc., and internally storing data that influences the API.
Ordering the API calls based on the sequence function is to be executed.
To obtain useful results from API from successive calls.
Tool for REST API Test
JMeter − It is a widely used open-source tool used for performance testing. It is developed by Apache and is purely written in Java. It was designed to test functionalities and measuring performance. It can also be used for analysing and measuring performance of web apps and a variety of services. Initially, it was used to test web apps or FTP apps. Today, it is also used in functional testing, database server testing, and many more.
This tool enables loading web servers, websites and web apps by simulating real-world behaviours and testing environments. It offers a user-friendly GUI, is easy to install, provides testing strategies, simulation, and other performance testing features. It eases performance testing tasks.
Conclusion
API is a set of programming instructions to access a web-based application. There are four main methods in REST API testing: GET, POST, DELETE and PUT. In API testing, response code, response message and response body are checked. API testing prevents issues in the API application as well as in the calling application.