LEARN

API TESTING
RAJKUMAR SM
w w w . S o f t w a r eT e s t i n g M a t e r i a l . c o m
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

Table Of Contents

What is an API? 2

What is API Testing? 4

API Testing Types 6

Common Tests on APIs 7

Advantages of API Testing 8

What exactly needs to be veri ed in API Testing? 9

Tools used for API Testing 10

Difference between API testing and Unit Testing? 11

Challenges in API Testing 12

API Testing Best Practices 13

Page 1
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

What is an API?
API is an acronym and it stands for Application Programming Interface. API is a set of

routines, protocols, and tools for building Software Applications. APIs specify how one

software program should interact with other software programs.

Routine: a program that performs a particular task. Routine is also known as procedure,

function, or subroutine.

Protocols: A format for transmitting data between two systems.

In simple words, API stands for Application Programming Interface. API acts as an

interface between two software applications and allows the two software applications to

communicate with each other. API is a collection of software functions that can be

executed by another software program.

Page 2
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

Let’s see some examples of an API in a more approachable way.

Assume an API as a Waiter at a Restaurant.

At a restaurant, you give an order based on the items available on the menu. A waiter in

the restaurant writes down your order and delivers it to the kitchen who prepares your

meal. Once the meal is ready, the waiter picks up your food from the kitchen and serves it

to you at your table.

In this scenario, the waiter’s role is similar to an API. As a waiter, the API takes a request

from a source, takes that request to the database, fetches the requested data from the

database, and returns a response to the source.

Now, let's see another example.

If you are using a ight service engine say Expedia, where you search for ights on a

speci c date. Once you pass the data such as Source, Destination, Onward Date, and

Return Date and click on search. Expedia sends a request to airlines through an API as per

your search details. The API then takes the airline’s response to your request and delivers

it right back to Expedia.

API gets the request from the user and gives the response without exposing internal logic.

API acts like an Abstraction in the OOPs concept. 

Page 3
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

What is API Testing?

API testing is a type of software testing that involves testing APIs directly and also as a

part of integration testing to check whether the API meets expectations in terms of

functionality, reliability, performance, and security of an application. 

Page 4
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

In API Testing our main focus will be on a Business logic layer of the software architecture.

API testing can be performed on any software system which contains multiple APIs. API

testing won’t concentrate on the look and feel of the application. API testing is entirely

different from GUI Testing.

Let’s see how is UI testing is not similar to API testing?

UI (User Interface) testing is to test the graphical interface part of the application. Its main

focus is to test the look and feel of an application. 

On the other hand, API testing enables communication between two different software

systems. Its main focus is on the business layer of the application.

Page 5
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

API Testing Types

 
Unit testing: To test the functionality of individual operation

 
Functional testing: To test the functionality of broader scenarios by using a block of

unit test results tested together

 
Load testing: To test the functionality and performance under load

 
Runtime/Error Detection: To monitor an application to identify problems such as

exceptions and resource leaks

 
Security testing: To ensure that the implementation of the API is secure from

external threats

  testing: It is performed as part of end-to-end integration tests to make sure every

aspect of the user interface functions as expected

 
Interoperability and WS Compliance testing: Interoperability and WS Compliance

Testing is a type of testing that applies to SOAP APIs. Interoperability between SOAP

APIs is checked by ensuring conformance to the Web Services Interoperability

pro les. WS-* compliance is tested to ensure standards such as WS-Addressing, WS-

Discovery, WS-Federation, WS-Policy, WS-Security, and WS-Trust are properly

implemented and utilized

 
Penetration testing: To nd vulnerabilities of an application from attackers

 
Fuzz testing: To test the API by forcibly input into the system in order to attempt a

forced crash

Refer: 100+ Types of Testing

Page 6
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

Common Tests on APIs

 To verify whether the return value is based on the input condition. The response of

the APIs should be veri ed based on the request.

 To verify whether the system is authenticating the outcome when the API is updating

any data structure

 To verify whether the API triggers some other event or request another API

 To verify the behavior of the API when there is no return value

Page 7
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

Advantages of API Testing

requires less code so it can provide faster and better test coverage.

 API Testing helps us to reduce the testing cost. With API Testing we can nd minor

bugs before the GUI Testing. These minor bugs will become bigger during GUI Testing.

So nding those bugs in the API Testing will be cost-effective to the Company.

 API Testing is language independent.

 API Testing is quite helpful in testing Core Functionality. We can test the APIs without

a user interface. In GUI Testing, we need to wait until the application is available to

test the core functionalities.

 API Testing helps us to reduce the risks.

Page 8
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

What exactly needs to be veri ed in API Testing?

Basically, on API Testing, we send a request to the API with the known data and we

analyze the response.

 Data accuracy

 HTTP status codes

 Response time

 Error codes in case API return any errors

 Authorization checks

 Non-functional testing such as performance testing, security testing

Page 9
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

Tools used for API Testing

1. Postman

2. SoapUI

3. Rest-Assured

4. JMeter

5. Karate DSL

6. Assertible

7. Apigee

8. API Fortress

9. Tricentis Tosca

10. Parasoft

Refer to this link to learn more about these API Testing Tools

Page 10
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

Difference between API testing and Unit Testing?

 Unit testing is conducted by the Development Team

 Unit testing is a form of White box testing

 Unit testing is conducted prior to the process of including the code in the build

 Source code is involved in Unit testing

 In unit testing, the scope of testing is limited, so only basic functionalities are

considered for testing

API TESTING:

 API testing is conducted by QA Team

 API testing is a form of Black box testing

 API testing is conducted after the build is ready for testing

 Source code is not involved in API testing

 In API testing, the scope of testing is wide, so all the issues that are functional are

considered for testing

Page 11
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

Challenges in API Testing

 Selecting proper parameters and its combinations

 Categorizing the parameters properly

 Proper call sequencing is required as this may lead to inadequate coverage in testing

 Verifying and validating the output

 Due to the absence of GUI, it is quite dif cult to provide input values

Types of bugs we face when performing API testing:

Issues observed when performing API testing are

 Stress, performance, and security issues

 Duplicate or missing functionality

 Reliability issues

 Improper messaging

 Incompatible error handling mechanism

 Multi-threaded issues

 Improper errors

Page 12
API Testing Tutorial                                      www.SoftwareTestingMaterial.com

API Testing Best Practices

 Add stress to the system by sending a series of API load tests

 Group API test cases by test category

 Create test cases with all possible inputs combinations for complete test coverage

 Prioritize API function calls to make it easy to test

 Create tests to handle unforeseen problems

 Automate API testing wherever it is possible

Don't miss the following articles on our website related to API Testing.

 API Testing Interview Questions

 SOAP Interview Questions

 Postman Tutorial (API Testing using Postman)

Page 13
For more Software Testing Tutorials, please visit

www.SoftwareTestingMaterial.com

THANK YOU!