Introduction to API Testing

a few months ago

API Testing is one of the most important testing performed in the Software development life cycle. While you are waiting for different teams to collaborate to give you the final UI, meanwhile you can start testing APIs build by different teams to test the logic and finds the bugs earlier in the sprint so as to reduce the cost associated with it. Before digging much deeper into API testing, let us first understand what APIs are and how they are a crucial part of any application.

What is an API?

API stands for Application Programming Interface which helps two independent software to communicate with each other. An API has functions and modules which help one system to communicate with another system which further helps in data exchange.

If you are wondering, where are they implemented?

Take an example of Paytm, you can search and book flights through it. How do Paytm know the airline flights and their schedules? They cannot write their own logic and the airlines cannot expose their own code as this can bring their system down.

API has proved to be the middle layer where airlines have exposed their APIs and Paytm has integrated those API into their system.

Even though the Paytm source code and airline source code can be in different languages and frameworks, but they do not have to worry.

API will serve the purpose of giving back the response from one system to another without considering the language in which the code Is written. Paytm has integrated several airlines API’s to get you a final page with all flight information.

What is API Testing?

API testing helps in validating the response coming from the Application Programming Interface. With API testing, you can validate whether the functionality is working correctly or not.

Just like you do in UI testing, you send responses with the help of user inputs to test the look and feel of the application, the same way you send requests to the APIs in different formats such as JSON or XML following HTTP protocol and then validate the response retrieved from the API.

This way, you do not be able to check the look and feel of the application while you can concentrate on the business logic embedded in the business layer.

An application has generally three layers.

·        Data Layer

·        Presentation Layer

·        Business Layer (Middleware)

The data layer consists of the databases where the data is stored. The presentation layer is the user interface exposed to the user.

The business layer is the layer that connects the data layer and Presentation layer. Think of an example of signing up for LinkedIn. When you click you sign up, you land up to a form where you are asked to provide several inputs such as email, name, phone number, and so on.

Once you enter your details and click on submit button. Your browser (REST client) hits a request to the API with the information you provided. This API hits endpoint which in turn creates a user in a specific database of the application. LinkedIn Interface is the Presentation layer; API is the middleware layer and the database is the data layer.

General Test cases for API Testing

If you are wondering what can be checked as part of API testing, let us have a look at the general test cases which can be part of your API testing.

·        Check response retrieved from the API based on input conditions sent in the request.

·        Equivalence and Boundary Value analysis of the response.

·        Check conditions when there is not any response retrieved from the API.

·        Validate the JSON Schema of the response retrieved.

·        Validate status codes.

·        Tracking of triggering events from one API to another.

·        Checking response time

·        Validate modified resources when API has modified one.

Why is API Testing important?

When an application has to be built, the functionalities have first to be developed as APIs and then integrated with the backend and application layer. If you wait for the integration part to be completed to find bugs in the application, then you will start adding cost to the bugs.

The later the bugs are found in the system, the more cost it adds to the application. In the meanwhile, when the integration part is ongoing, you can start testing the API’s to check if the functionalities are working properly. If the functionalities as per client’s expectations, then there are very few chances that a lot of bugs will be introduced at the time post-development.

·        Early testing is the crux of API testing which will help in finding bugs at a very earlier stage of the software life cycle.

·        Finding bugs earlier will save a lot of time which will be spent by the developers in fixing the bugs later in the life cycle.

·        Post API testing, you will have more confidence in your application’s quality and performance.

·        API testing is very fast as compared to UI testing which saves much of our time. The coverage of testing can be enlarged with the help of API testing.

·        Early detection of bugs will lessen the cost introduced for the bug which might have introduced later in the life cycle.

Difference between Unit Testing and API Testing

Some people usually get confused between unit testing and API testing. Let us see how they are different.

Unit TestingAPI Testing
Developers perform unit TestingQAs perform API Testing
It is done when the build of API is releasedIt is done post the build of API is released
Separate smaller functionality tests are performed
Extensive functionality checks are done to ensure quality.
Unit testing is done by accessing the source codeAccess of source code is not required
Limited in scopeBroader in scope

Tools for API Testing

Let us look at the top 8 tools which are used for API testing.

·        Soap UI

·        Postman

·        Rest Assured

·        Katalon Studio

·        Apigee

·        Tricentis Tosca

·        JMeter

·        Karate DSL

Conclusion

API Testing is useful for the phase when the UI is not yet developed, and you need faster tests to test the functionalities of the application. Parameters combination and selection is a bit tricky job for a tester but seeing the benefits of API testing it is best to use to avoid bugs later in the software cycle and thus has now become an indispensable part of STLC.

If you have any questions or queries or feedback for us, feel free to reach out to us at saurabh@qatechhub.com

Saurabh Dhingra

About the Author

Saurabh Dhingra

Follow Saurabh Dhingra: