API Testing

API:

API stands for Application Programming Interface. API acts as an interface between two software applications and allows the two software applications to communicate with each other. API is a collection of software functions which can be executed by another software program

API Testing

API testing is a type of software testing that involves testing APIs directly and also as a part of integration testing to check whether the API meets expectations in terms of functionality, reliability, performance, and security of an application. In API Testing our main focus will be on Business logic layer of the software architecture. API testing can be performed on any software system which contains multiple APIs

common API Testing Types

• Unit testing
• Functional testing
• Load testing
• Runtime/ Error Detection
• Security testing
• UI testing
• Interoperability and WS Compliance testing
• Penetration testing
• Fuzz testing

common protocols used in API Testing

• HTTP
• REST
• SOAP
• JMS
• UDDI

Difference between API and Web services?

• Web services:

1. All web services are APIs
2. All web services need to be exposed over web(HTTP)
3. A Web service uses only three styles of use: SOAP, REST and XML-RPC for communication
4. A Web service always needs a network to operate

• APIs:

1. All APIs are not web services
2. All APIs need not be exposed over web(i.e. HTTP)
3. API uses multiple ways for communication e.g. DLL files in C/C++, Jar files/ RMI in java, Interrupts in Linux kernel API etc.
4. APIs don’t need a network for operation

Soap- SOAP stands for Simple Object Access Protocol. It is an XML based messaging protocol. It helps in exchanging information among computers

Rest API REST stands for Representational State Transfer. It is a set of functions helping developers in performing requests and receive responses. Interaction is made through HTTP Protocol in REST API.

Challenges faced in API testing

• Selecting proper parameters and its combinations
• Categorizing the parameters properly
• Proper call sequencing is required as this may lead to inadequate coverage in testing
• Verifying and validating the output
• Due to absence of GUI it is quite difficult to provide input values

commonly used HTTP methods

GET: It enables you to retrieve data from a server
POST: It enables you to add data to an existing file or resource in a server
PUT: It lets you replace an existing file or resource in a server
DELETE: It lets you delete data from a server
PATCH: It is used to apply partial modifications to a resource
OPTIONS: It is used to describe the communication options for the target resource
HEAD: It asks for a response identical to that of a GET request, but without the response body

difference between PUT and POST methods

PUT and POST methods are sometimes confused in regards to when each should be used. Using POST request, our intent is to create a new object on the server whereas with PUT request, our intent is to replace an object by another object

Components of an HTTP request

HTTP request have five components. These are:

1.       Action showing HTTP method like GET, PUT, POST, DELETE.

2.       Uniform Resource Identifier (URI): URI is the identifier for the resource on the server.

3.       HTTP version: Indicate the HTTP version like- HTTP V1.1.

4.       Request Header: Request Header carries metadata for the HTTP request message. Metadata could be a client type, format supported by the client, format of a message body, cache setting etc.

5.       Request Body: Resource body indicates message content or resource representation.

Error codes for request

• 200 ok
• 201 created
• 204 no content
• 400 bad request
• 403 forbidden
• 404 not found
• 405 method not allowed
• 409 conflict
• 500 internal server error

API Testing Tools

·         Postman

·         Tosca

·         SOAP UI

·         UFT

·         Selenium