{"id":46502,"date":"2017-02-24T16:12:38","date_gmt":"2017-02-24T10:42:38","guid":{"rendered":"http:\/\/www.tothenew.com\/blog\/?p=46502"},"modified":"2017-02-24T16:19:29","modified_gmt":"2017-02-24T10:49:29","slug":"5-things-to-know-before-you-start-api-testing","status":"publish","type":"post","link":"https:\/\/www.tothenew.com\/blog\/5-things-to-know-before-you-start-api-testing\/","title":{"rendered":"5 Things To Know Before You Start API Testing"},"content":{"rendered":"<p><span style=\"font-weight: 400\">As you might be aware, API \u00a0stands for <\/span><b>Application Program Interface<\/b><span style=\"font-weight: 400\">. As the name suggests, it acts like an interface between the user and the application. APIs are mainly responsible for the data exchange services between the two different software.<\/span><\/p>\n<p><a title=\"software testing services\" href=\"http:\/\/www.tothenew.com\/blog\/best-practices-in-testing\/\">Software testing<\/a> is complicated and challenging. It is therefore essential to understand best practices and considerations before jump starting testing.<\/p>\n<p><b>Outlined below are the 5 key considerations before you kick start API testing:<\/b><\/p>\n<p><span style=\"text-decoration: underline\"><b>1) <\/b><b>REST vs SOAP<\/b><\/span><\/p>\n<p><b>REST <\/b><span style=\"font-weight: 400\">stands for <\/span><b>Representational state transfer<\/b><span style=\"font-weight: 400\">. These are web services that provide interoperability between computer systems over the internet. RESTful Web services provide a predefined set of stateless operations and allow requesting systems to access and manipulate textual representations of web resources<\/span><span style=\"font-weight: 400\">.<\/span><\/p>\n<p><b>SOAP <\/b><span style=\"font-weight: 400\">\u00a0stands for <\/span><b><a title=\"SOAP API Testing\" href=\"http:\/\/www.tothenew.com\/blog\/how-to-test-soap-api-with-different-functionalities-of-jmeter\/\">Simple Object Access Protocol<\/a>. \u00a0<\/b><span style=\"font-weight: 400\">It helps in exchanging structured information between computer networks. SOAP allows communication between different operating systems using XML.<\/span><\/p>\n<p><span style=\"font-weight: 400\">Nowadays, <\/span><i><span style=\"font-weight: 400\">RESTful API <\/span><\/i><span style=\"font-weight: 400\">is preferred over <\/span><i><span style=\"font-weight: 400\">SOAP<\/span><\/i><span style=\"font-weight: 400\"> because of the following reasons :<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">REST uses Json architecture which is comparatively easier than the XML architecture used in SOAP<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">REST can use <a title=\"Web services testing using SOAP API\" href=\"http:\/\/www.tothenew.com\/blog\/testing-webservice-using-soapui\/\">SOAP web services<\/a> as it is an architecture and not a protocol like SOAP<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Speed of REST API is faster as compared to SOAP<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">REST is not that strict and inherits security measures while SOAP has its own strict standards and defined security measures<\/span><\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline\"><b>2)<\/b> <b>Commonly used HTTP Methods<\/b><\/span><\/p>\n<p><span style=\"font-weight: 400\">There are 4 main HTTP methods that are\u00a0frequently used during API testing :<\/span><\/p>\n<ul>\n<li><b><b>GET Method<\/b><\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400\">The HTTP GET method is used to retrieve data. It is a read only call and data cannot be modified. If it is a successful request, without any errors, then a status of code of 200(OK) will be received along with the data requested in the particular format which is generally JSON or XML.<\/span><\/p>\n<p>GET method is considered a safe method to call as no corruption or modification of data will be done. It gives the same response everytime called.<\/p>\n<ul>\n<li><b><b>POST Method<\/b><\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400\">The HTTP POST method is\u00a0a write method. It is mainly used to create a new resource by providing the input in Json or XML format. When a POST request is made, a new resource is created with the values provided along with it. If it is an error free call, the status returned will be 201.<\/span><\/p>\n<p><span style=\"font-weight: 400\">POST methods are responsible for modification of data and should be carefully handled. <\/span><\/p>\n<p><span style=\"font-weight: 400\">These methods are not idempotent and thus can result in errors or duplicate records if called more than one time.<\/span><\/p>\n<ul>\n<li><b><b>PUT Method<\/b><\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400\">The HTTP PUT method is more like an update command. It is used to change the value of any resource whose original value was something else. <\/span><\/p>\n<p><span style=\"font-weight: 400\">PUT methods can also be used to create resources but only if the the request is from the client and not the server.<\/span><\/p>\n<p><span style=\"font-weight: 400\">PUT methods are also not safe as these are responsible for resource modification but if we call the same PUT request again then no changes are made i.e it is idempotent.<\/span><\/p>\n<ul>\n<li><b><b>DELETE Method<\/b><\/b><\/li>\n<\/ul>\n<p>The HTTP DELETE method, as the name suggests, is used to delete a resource. \u00a0If the request is made successfully then the status code returned is 200 (OK). These are also idempotent as if a resource is deleted once it cannot affect it. At times, the resource is not deleted completely and in such cases it is not a safe method and can cause modification of resources if called again.<\/p>\n<p><span style=\"text-decoration: underline\"><b>3) <\/b><b>HTTP Response codes<\/b><\/span><\/p>\n<p><span style=\"font-weight: 400\">The HTTP response codes are divided broadly in five categories :<\/span><\/p>\n<ul>\n<li><b><b>1xx &#8211; Informational codes<\/b><\/b><\/li>\n<\/ul>\n<ul>\n<li><b>2xx &#8211; Success codes<\/b><\/li>\n<\/ul>\n<ul>\n<li><b>3xx &#8211; Redirect codes<\/b><\/li>\n<\/ul>\n<ul>\n<li><b>4xx &#8211; Client error codes<\/b><\/li>\n<\/ul>\n<ul>\n<li><b>5xx &#8211; Server error codes<\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400\">Some of the most common HTTP response codes used with REST are as follows :<\/span><\/p>\n<p><b>200 (OK)<\/b><span style=\"font-weight: 400\">: This code indicates that the request was made successfully.<\/span><\/p>\n<p><b>201 (Created)<\/b><span style=\"font-weight: 400\">: This response code indicates that request was successful and a resource was created. It is used to confirm success of a PUT or POST request.<\/span><\/p>\n<p><b>400 (Bad Request)<\/b><span style=\"font-weight: 400\"> : This code indicates that the data is in incorrect format.<\/span><\/p>\n<p><b>401 (Unauthorized)<\/b><span style=\"font-weight: 400\"> : This code indicates an authentication error.<\/span><\/p>\n<p><b>405 (Method Not Allowed)<\/b><span style=\"font-weight: 400\"> : This code indicates that HTTP method used is not supported for this resource.<\/span><\/p>\n<p><b>409 (Conflict) <\/b><span style=\"font-weight: 400\">: This code indicates that there is a conflict request to create the same resource twice.<\/span><\/p>\n<p><b>404 (Not Found)<\/b><span style=\"font-weight: 400\"> :This code indicates that the required resource could not be found.<\/span><\/p>\n<p><b>500 (Internal Server Error)<\/b><span style=\"font-weight: 400\"> : This code indicates that there is some error on Server side.<\/span><\/p>\n<p><span style=\"text-decoration: underline\"><b>4) <\/b><b>What kind of tests are performed using API testing?<\/b><\/span><\/p>\n<p><span style=\"font-weight: 400\">Following things can be tested using an API :<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400\"><b>Discovery Testing : <\/b><span style=\"font-weight: 400\">API testing helps in identifying APIs where the resources are not exposed.<\/span><\/li>\n<li style=\"font-weight: 400\"><b>Functional Testing<\/b><span style=\"font-weight: 400\"> : In API testing, by giving input parameters(in Json) it is very easy to test the functionalities. It gives a response code within a few milliseconds which makes it fast and efficient.<\/span><\/li>\n<li style=\"font-weight: 400\"><b>Usability Testing<\/b><span style=\"font-weight: 400\"> : It is easy to hit the APIs on different platforms and <a title=\"usability testing\" href=\"http:\/\/www.tothenew.com\/blog\/usability-testing-a-better-user-experience\/\">test the usability<\/a> of a software.<\/span><\/li>\n<li style=\"font-weight: 400\"><b>Security Testing<\/b><span style=\"font-weight: 400\"> : This helps to know whether the data is encrypted in HTTP and requiring any <a title=\"application authentication\" href=\"http:\/\/www.tothenew.com\/blog\/getting-started-with-application-authentication-via-kong-api-gateway\/\">authentication<\/a>. It also includes penetration testing.<\/span><\/li>\n<li style=\"font-weight: 400\"><b>Load Testing<\/b><span style=\"font-weight: 400\"> : This includes validating functionality and <a title=\"load testing\" href=\"http:\/\/www.tothenew.com\/blog\/performing-heavy-load-testing-on-your-website-using-python-based-tool-locust\/\">performance under load<\/a>, often by reusing functional test cases.<\/span><\/li>\n<\/ol>\n<p><span style=\"text-decoration: underline\"><b>5) <\/b><b>Different tools available for API Testing<\/b><\/span><\/p>\n<p><span style=\"font-weight: 400\">Different tools available for API testing are :<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">SOAPUI<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Runscope<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Postman with jetpacks<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Postman with Newman<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Curl<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400\"><a title=\"automation testing services\" href=\"http:\/\/www.tothenew.com\/testing\/automated-independent-manual-testing\">Testing <\/a>is really crucial. We hope this blog is able to provide you a lot of knowledge about API testing. API testing is certainly more helpful as compared to UI testing. Moreover, API testing is also advantageous as it is easy and quick. The applicability of API testing is again one more aspect that makes it all the more attractive. Hope you will now be able to perform API testing easily.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As you might be aware, API \u00a0stands for Application Program Interface. As the name suggests, it acts like an interface between the user and the application. APIs are mainly responsible for the data exchange services between the two different software. Software testing is complicated and challenging. It is therefore essential to understand best practices and [&hellip;]<\/p>\n","protected":false},"author":980,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":37},"categories":[1818,3429,1817,3917,1994,1,1816],"tags":[4468,1561,14,698,2654,3786,2566,4469,4467,3210],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/46502"}],"collection":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/users\/980"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/comments?post=46502"}],"version-history":[{"count":0,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/46502\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/media?parent=46502"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/categories?post=46502"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/tags?post=46502"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}