REST API Testing Tutorial - Sample Manual Test Case


Application Programming Interface is a computing interface that communicates and helps exchange information between two separate systems. A system that executes an API involves functions that another system can also perform. It defines requests to be made, how to make the requests, formats that can be used, etc. between two different systems.

API Testing

It is a software testing that evaluates APIs. Its purpose is to determine the functionality, dependability, performance, and security of the interfaces. Rather than standard user inputs such as keyboards and outputs, we use software to send calls, obtain output, and record the response of the system. These tests are totally different from GUI tests and do not emphasize business logic layer of the system architecture. Automation testing of API needs an app that can interact through an API.


REST API also known as RESTful API is an API that conforms the limitations of REST and enables interaction with RESTful web services. REST API testing is an open-source automation technique to test RESTful APIs for web apps. It is commonly used for testing JSON and XML based web apps. It is compatible with all methods: GET, PUT, POST, PATCH and DELETE. REST is a Java library.

The objective of this test is to estimate and record the response of REST API by sending HTTP or HTTPS requests to determine whether REST API is functioning well or not. This testing is done by methods: GET, PUT, POST, PATCH and DELETE.

REST- representational state transfer, is an architectural technique and a way of communication used to develop web services. It is a logical choice to build APIs and allows users to connect and use cloud-based services with efficacy. API is a collection of programming instructions to access a web-based application. That is, its is a set of commands that a program uses to interact with and use one another’s functions to gather information.

An example of APIs is Google’s website can have API for many functions like search, translations, calendars, etc.

There are four main types of API testing methods as follows −

  • GET − This method is use to collect information from the server through a URI (Uniform Resource Identifier). This method must only extract information and should not affect data in any way.

  • POST − This method is used for creating new entities, as well as to send data to server, such as customer information, file upload, etc. through HTML forms.

  • PUT − This method is used to update an entity or create a new one.

  • DELETE − This method is used to remove existing representations of the target resource provided by a URI.


ProtocolAn architectural technique independent of protocols. It can also use SOAP web services.
Simple Object Access ProtocolRepresentational State Transfer
Uses service interfaces for business logic.Uses URI for business logic.
Follows a strict standard.No such strict standard, but few standards can be followed to develop web services.
Needs more bandwidth.Lightweight.
Defines it own security.Inherits security measures from transport.
Uses only XML format to send data in request body.Uses XML, JSON, and other formats to send data in request body.
Uses HTTP, SMTP, and other protocols.Only HTTP protocol.
Rules for binding messages, operation, and others are written in WSDL.Uses WADL format to describe functionalities offered.
Needs more time learn due to existing rules, bindings, etc.Needs less learning time due to its simplicity.

Different ways of REST API Testing

  • Manual testing

  • Automation testing

Procedure of REST API Testing

This testing needs an application to interact with a sample API. API testing requires the following two things −

  • A tool/framework to operate the API.

  • Code to test the sample REST API. This code must be written down by the tester.

Tools for REST API test cases −

  • Advanced REST Client

  • Postman-REST Client

  • Curl in LINUX

In this article, we will use Advanced REST Client.

How to get Advanced REST Client

The following steps are followed to get Advanced REST Client −

Steps to test RESTful API

We are using REST Client extension in Google Chrome. Once you are done with the installation, follow the steps below for testing RESTful API −

  • Open Advanced REST Client. Install Advanced REST Client. Launch it after it has been successfully installed.

  • Enter the URL of the API you wish to test in the textbox.

  • Select HTTP method in API testing, for example POST.

  • Give Headers set in the Headers textbox. Then, click Insert headers set.

  • Click USE THIS SET.

  • Provide body content.

    • Open Body Tab.

    • Select the body content type and Editor view.

    • Select Editor view: Raw input.

    • Go to Payload. Pass request body of the API to test as in key-value pairs. For example: {“key-1”:”value-1”, “key-2”:”value-2”}. For post API, pass body or parameters.

  • Submit the details to start testing.

    • Click Send.

    • To view Response headers, click DETAILS.

Authenticating the results

In web API testing, what is mainly determined is response code, response message, and response body. The response codes one might face during API testing are −

1xx Informational4xx Client Error
100 Continue410 Gone
101 Switching Protocols411 Length Required
102 Processing412 Precondition Failed

413 Request Entity Too Large
2xx Success414 Request-URI Too Long
200 OK415 Unsupported Media Type
201 Created416 Requested Range Not Satisfiable
203 Non-Authoritative Information426 Upgrade Required
204 No Content428 Precondition Required
205 Reset Content429 Too Many Requests
206 Partial Content431 Request Header Fields Too Large
207 Multi-Status (WebDAV)451 Unavailable For Legal Reasons
Already Reported (WebDAV)499 Client Closed Request (Nginx)
226 IM Used

5xx Server Error 
3xx Redirection500 Internal Server Error
300 Multiple Choices501 Not Implemented
301 Moved Permanently502 Bad Gateway
302 Found503 Service Unavailable
303 See Other504 Gateway Timeout
304 Not Modified505 HTTP Version Not Supported
305 Use Proxy506 Variant Also Negotiates (Experimental)
306 (Unused)507 Insufficient Storage (WebDAV)
307 Temporary Redirect508 Loop Detected (WebDAV)
308 Permanent Redirect509 Bandwidth Limit Exceeded

510 Not Extended
4xx Client Error 511 Network Authentication Required
400 Bad Request598 Network Read Timeout Error
401 Unauthorized599 Network Connect Timeout Error
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict

Challenges in API testing

  • Ensuring that the test changes the parameters of API calls so that it verifies the working and detects failures. It involves exploring edge condition and assigning common parameters.

  • Making parameter value combinations for calls with multiple parameters.

  • Identifying the content in which the API calls are done. It involves setting environment conditions, such as peripheral devices, files etc., and internally storing data that influences the API.

  • Ordering the API calls based on the sequence function is to be executed.

  • To obtain useful results from API from successive calls.

Tool for REST API Test

JMeter − It is a widely used open-source tool used for performance testing. It is developed by Apache and is purely written in Java. It was designed to test functionalities and measuring performance. It can also be used for analysing and measuring performance of web apps and a variety of services. Initially, it was used to test web apps or FTP apps. Today, it is also used in functional testing, database server testing, and many more.

This tool enables loading web servers, websites and web apps by simulating real-world behaviours and testing environments. It offers a user-friendly GUI, is easy to install, provides testing strategies, simulation, and other performance testing features. It eases performance testing tasks.


API is a set of programming instructions to access a web-based application. There are four main methods in REST API testing: GET, POST, DELETE and PUT. In API testing, response code, response message and response body are checked. API testing prevents issues in the API application as well as in the calling application.

Updated on: 22-Sep-2021

14K+ Views

Kickstart Your Career

Get certified by completing the course

Get Started