API Testing Lecture Notes Katraj 11th March 2023

05/06/2023
Agenda:
- What is Web Service?
- Basic Concept behind web service
- Why we use it?
- Why to test it?
Project Application:
- Front End(UI)
- Backend(Database)
- Service(API’s)
Web Service:
- Service available over the web(Internet)

- Waiter: Who is doing communication between you and kitchen
- Waiter: Waiter is performing the role of web service through an API
- We can say he(Waiter) is communicating between two applications and making sure that
the communication between two applications is proper.
Waiter (API)
You (Service Kitchen (Chef)(Service

Consumer) Provider)
Web Service:
- Service available over the web

- Enables communication between applications over the web
- Platform independent communication
- Provides a standard protocol/format for communication
- Using web services two different applications can talk to each other and exchange
data/information
- An API Stands for Application Programming Interface, which is a software intermediary
that allows two applications to talk to each other.
- Each time you use an APP like Facebook, Send instant message to check weather on your
phone, each time you are using an API.
- Web Service/API is an Application or business Logic
- Web Service allows you to expose the functionality of your existing code over the
network. Once it is exposed on the network, other applications can use the functionality
of your program.
06/06/2023:
What is API?
User Layer or Business Layer (API) Database Layer

Presentation Layer
Request
Client (Service Server (Service

Consumer) Provider)
Response
Medium: HTTP
Format/language: XML/JSON
09/06/2023:
Agenda: Types of Web Services, Components/Specifications/Standards of SOAP Web Service
Types of Web Services:

- SOAP Service(Simple Object Access Protocol): XML Language
- REST Service(Representational State Transfer): JSON Language
SOAP Webservice:
Components/Specifications/Standards of SOAP Web Service: WSDL, UDDI, SOAP
WSDL: Web Service Description Language:

http://www.dneonline.com/calculator.asmx?WSDL
- WSDL stands for Web service description Language
- WSDL is the standard format for describing a web service
- WSDL is pronounced as „wiz-dull‟ and spelled out as „W-S-D-L‟
- WSDL definition describes how to access a web service and what operations it will
perform
- A client program connecting to a web service can read WSDL to determine what
functions are available on the server.
- WSDL is an XML document with a <definitions> element at the root and the child
elements like
<types>,
<message>,
<portType>,
<binding>
- Web service description language is an XML based interface that is used to describe the
functionalities of the web service
<definitions>:
- Element must be the root element of all WSDL documents

- It defines the name of the web service
- The definition element is container for all the other elements
<types>:
- WSDL <types> element takes care of defining the data types that are used by the web
service
- WSDL allows types to be defined in separate elements so that the types are reusable.
<message>:
- The <message> element describes the data being exchanged between the web service
provider and the consumer
- Each Web Service has two message: Input and Output
<portType>:
- <portType> can combine one request and one response message into single request
response operation
- A port Type can define multiple operations
<binding>:
- To combine all operations together

- The <binding> element provides specific details on how a port Type operation will
actually be transmitted over the web
WSDL File: <definitions>,<types>,<message>,<portType>,<binding>
UDDI: Universal Description Discovery Integration

- Universal description discovery Integration is an XML based standard for publishing and finding
web services
- A web service provider publishes his web service (through WSDL) on an online directory from
where consumers can query and search the web service.
- This is online registry/directory called UDDI.
- Its online directory used to store WSDL links
http://www.dneonline.com/calculator.asmx?WSDL
https://ws.footballpool.dataaccess.eu/info.wso?WSDL
WSDL WSDL
UDDI
WSDL WSDL
SOAP: Simple Object Access Protocol

- SOAP is an XML based protocol for exchanging information between web services
- SOAP is Communication Protocol
- SOAP provides data transport for web services
- All information exchange happens over a common format: XML
- XML message has defined structure: SOAP Message
- SOAP Message Consists of: Envelope, Header, Body, Fault
Envelope :( Mandatory)
- The SOAP envelope indicates the start and end of the message so that the receiver knows
when an entire message has transmitted
- The SOAP Envelope solves the problem of knowing when you are done receiving a
message and are ready to process it.
- Every SOAP Message has a root Envelope Element
- Envelope element is mandatory part of SOAP Message.
Header :( Optional)
- Contains any optional attributes of the message used in processing the message, either at
an intermediary point or at the ultimate end point
Body: (Mandatory)
- Contains XML data comprising the message being sent

- The SOAP Body is a mandatory element which contains the application defined XML
data being exchanged in a SOAP Message
- The body must be contained within the envelope and must follow any headers that might
be defined for the message
Fault: (Optional)
- An optional fault element that provides information about errors that occurred while
processing the message
- When an error occurs during processing, the response to a SOAP message is a SOAP
fault element in the body of the message and the fault is returned to the sender of the
SOAP Message.
SOAP Message:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:tem="http://tempuri.org/">
<soapenv:Header/>
<soapenv:Body>
<tem:Add>
<tem:intA>A</tem:intA>
<tem:intB>15</tem:intB>
</tem:Add>
</soapenv:Body>
</soapenv:Envelope>
SOAP Fault:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<soap:Fault>
<faultcode>soap:Client</faultcode>
<faultstring>System.Web.Services.Protocols.SoapException: Server was unable to read

request. ---> System.InvalidOperationException: There is an error in XML document (5, 32). ---
> System.FormatException: Input string was not in a correct format.
at System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer&

number, NumberFormatInfo info, Boolean parseDecimal)
at System.Number.ParseInt32(String s, NumberStyles style, NumberFormatInfo info)
at System.Xml.XmlConvert.ToInt32(String s)
at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read1_Add()
at
Microsoft.Xml.Serialization.GeneratedAssembly.ArrayOfObjectSerializer.Deserialize(XmlSerial
izationReader reader)
at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String

encodingStyle, XmlDeserializationEvents events)
--- End of inner exception stack trace ---

encodingStyle, XmlDeserializationEvents events)

encodingStyle)
at System.Web.Services.Protocols.SoapServerProtocol.ReadParameters()
--- End of inner exception stack trace ---
at System.Web.Services.Protocols.SoapServerProtocol.ReadParameters()
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()</faultstring>
<detail/>
</soap:Fault>
</soap:Body>
</soap:Envelope>
SOAP Web Service:

- A web service that follows soap web service specifications is a SOAP service.
What are these Specifications/Standards/Components?
Basic Standards: WSDL,UDDI,SOAP
12/06/2023:
API Testing-
 2 Types Service
1. SOAP service(SOAP UI tool)
2. REST service(SOAP UI,POSTMAN)
Request
Paytm – UI/ GUI Service Travels- Travels agency/ IRCTC/Travels/Fligh

Parameter Provide-Service/ ts main Server
Values
IRCTC - Service
Response
SOAP service testing using SOAP UI tool:
- Developer will provide WSDL file: http://www.dneonline.com/calculator.asmx?WSDL
- Unit testing document: Screenshots, Tables, Sample Request, Sample Response,
Response Code etc.
- Time taken for the response<5Sec
- Authorization Details: Basic Auth(UserName & Password)
https://www.soapui.org/downloads/soapui/
Test Cases:
1. Validating response
2. Validating Data and count of data in response
3. Validating Tagname/Attributes presents in responses
4. Validating Status code in responses
5. Validating Time taken for responses
6. Applying Assertion for verification
7. Functionality(Re-Testing)
8. NEGATIVE test cases !
Execution:
1. Validating SOAP Response=Pass
2.Validating data and count of data present in SOAP Response=Pass

3. Validating Tagnames/Attributes present in the SOAP responseEC(Expected)=Tagname should
contain AddResult=Pass
4. Validating different status codes present in the responseEC=200-OK=Pass

5.Validating time taken for the responseEC<5Secs=Pass
6.Applying Assertion for Verification(Validation Point)To Compare Actual Vs Expected ResultTo

apply assertion we need to Create Test SuiteTo Create Test Suite Right Click on the folder and select
Generate Test Suite option.
QA/Dev Env(Individually)=>It will be merged to the env where you all code resides==>Regression(To
make sure existing functionality is working as expected)
13/06/2023:
7. Validating the functionality by passing Test data (Re-Testing)
7.1 Verify the SOAP Service by passing one digit numbersEC (Expected) =One digit numbers
should be added=Pass
7.2 Verify the SOAP Service by passing two digit numbersEC=two digit numbers should be
added=Pass
7.3 Verify the SOAP Service by passing Three digit numbersEC=Three digit numbers should
be added=Pass
7.4 Verify the SOAP Service by passing Four/Five digit numbersEC=Four/Five digit numbers
should be added=Pass
7.5 Verify the SOAP Service by passing one digit number at 1st place and two digit numbers at
2nd placeEC= one digit number at 1st place and two digit numbers at 2nd place should be
added=Pass
7.6 Verify the SOAP Service by passing zero numbersEC=should be added=Pass
7.7 Verify by passing both digits as negative numbersEC=should be added=Pass

7.8 Verify by passing one positive number and one negative numberEC=Should be
added=Pass
8.Validating Negative Test cases!

8.1 Verify the SOAP Service by passing decimal digit numbersEC=Should not be added=Pass
8.2 Verify the SOAP Service by passing Character/String digit numbersEC=Should not be added=Pass
8.3 Verify by passing the values beyond integer rangeEC=Should not be added=Pass
8.4 Verify the SOAP Service by passing Null/Blank valuesEC=Should not be added=Pass
8.5 Verify the SOAP Service by passing Wrong WSDLEC=Pass
Few Important Questions:

1. How to create new SOAP Project in SOAP UI tool?
2. How to Create Test Suite in SOAP UI tool?
3. How to Run Test Case or send request?
4. How to add assertions (Validation Points)?
 Contains
 Not Contains
 Valid HTTP Status Code
 Invalid HTTP Status Code
 Response SLA
 Xpath Assertion
 Xquery Match
 SOAP Fault
 SOAP Request
 SOAP Response
 NOT SOAP Fault
 Schema Compliance
 Script Assertion
 JSON Path Count
 JSON Path Existence Match
 JSON Path Match
How to run Test Suite in Parallel and Sequential?

Sequential:
Parallel:
14/06/2023:
Xpath Assertion:
- Xpath is a Query language for selecting nodes(tag names) from an XML document
- To find something is present in the response
- Xpath can also be used to compute values from the content of an XML document.
Ex: https://ws.footballpool.dataaccess.eu/info.wso?WSDL
Count:
Matches:
matches(Arg1,Arg2) ==>Matches(Xpath of the node,Expected Value at that node)

17/06/2023:
Agenda: Testing REST Service using POSTMAN Tool: GET Method/Service
Testing REST Service using POSTMAN Tool: https://www.postman.com/downloads/

What is Collection?
Ans: Group of requests grouped into folder
GET List of Users:
 Returns list of users based on the query parameters
 The Endpoint is secured by authentication Policy and requires authentication token

 Endpoint: Base URL/Domain/Endpoint – https://reqres.in
URI- https://reqres.in/api/users?page=2
Request Headers:
Header Name Required/Optional Description
Accept Required Application/json: it will accept

request and response in JSON
Content-Type Required Application/json: content of

Authorization Required Required basic auth/API

Key/Bearer token
Query Parameters:
Parameter Name Data Type Required/Optional Description
Page Int Required It will fetch the

specific page records
Invoking the Operations:
Operation URLs and Environments:
Environment Method URL
DEV GET https://reqresdev.in/api/users?page=2
INT(Integration or SIT) GET https://reqresint.in/api/users?page=2
UAT GET https://reqresuat.in/api/users?page=2
PRE-PROD GET https://reqrespreprod.in/api/users?page=2
PROD GET https://reqres.in/api/users?page=2
Request Body:
Not required for this operation
Response Attributes/tagnames:
Attribute Name Data Types Comment

page int
per_page int
total int
total_pages int
Data String
Id Int
email String
first_name String
last_name String
avatar String
Response Examle:
{
"page": 2,
"per_page": 6,
"total": 12,
"total_pages": 2,
"data": [
"id": 7,
"email": "michael.lawson@reqres.in",
"first_name": "Michael",
"last_name": "Lawson",
" ": "https://reqres.in/img/faces/7-image.jpg"
},
"id": 8,
"email": "lindsay.ferguson@reqres.in",
"first_name": "Lindsay",
"last_name": "Ferguson",
"avatar": "https://reqres.in/img/faces/8-image.jpg"
},
"id": 9,
"email": "tobias.funke@reqres.in",
"first_name": "Tobias",
"last_name": "Funke",
},
"id": 10,
"email": "byron.fields@reqres.in",
"first_name": "Byron",
"last_name": "Fields",
},
"id": 11,
"email": "george.edwards@reqres.in",
"first_name": "George",
"last_name": "Edwards",
},
"id": 12,
"email": "rachel.howell@reqres.in",
"first_name": "Rachel",
"last_name": "Howell",
],
"support": {
"url": "https://reqres.in/#support-heading",
"text": "To keep ReqRes free, contributions towards server costs are appreciated!"
}
}
GET Method Service:
- GET Method Service URL/URI= https://reqres.in/api/users?page=2

- Username & Password(Basic Auth)/API Key/Bearer Token—sjfefdsfjdbfkjbfajls
- Time taken for the response=5Secs
- Unit Testing document
Sample Response Status Code: 200
Sample Response:
"page": 2,
"per_page": 6,
"total": 12,
"total_pages": 2,
"data": [
"id": 7,
" ": "https://reqres.in/img/faces/7-image.jpg"
},
"id": 8,
},
{
"id": 9,
},
"id": 10,
},
"id": 11,
},
"id": 12,
],
"support": {
}
}
19/06/2023:
{
"page": 2,
"per_page": 6,
"total": 12,
"total_pages": 2,
"data": [
{
"id": 7,
"avatar": "https://reqres.in/img/faces/7-
image.jpg"
},
{
"id": 8,
image.jpg"
},
{
"id": 9,
image.jpg"
},
{
"id": 10,
image.jpg"
},
{
"id": 11,
image.jpg"
},
{
"id": 12,
image.jpg"
}
],
"support": {
"text": "To keep ReqRes free, contributions towa
rds server costs are appreciated!"
}
}
20/06/2023:
7. Validating functionality by passing Test data (Re-Testing)

7.1 Verify by Passing parameter as 1 in GET Method=>EC=Status Code-200-OK & GET Method will show
the response=Pass
the response=Pass
the response=Pass
7.4 Verify by Passing parameter as 10/100/1000 in GET Method=>EC=Status Code-200-OK & GET
Method will show the response=Pass
8. Validating Negative Test Cases!
8.1 Verify by Passing parameter as a decimal values in GET Method=>EC=Status Code-400-Bad Request
& GET Method will not show the response=Fail-Defect
8.2 Verify by Passing parameter as Null/Blank Values in GET Method=>EC=Status Code-400-Bad Request
8.3 Verify by Passing parameter as a Character/String Values in GET Method=>EC=Status Code-400-Bad
Request & GET Method will not show the response= Fail-Defect
8.4 Verify by passing WRONG URL/URI in GET Method=> EC=Status Code-404-Not Found & GET Method
will not show the response=Pass
8.5 Verify by Passing wrong Authorization/Bearer Token/API Key in GET Method=>EC=Status Code-401-
Un-Authorization & GET Method will not show the response.
8.6 Verify by changing GET Method into another Method=>EC=Status Code-405-Method Not Allowed &
GET Method will not show the response=Fail-Defect
POST Register Users:
 This method will register existing users and set password for them
 Endpoint is secured by authentication Policy and requires authentication token
 Endpoint: Base URL/Domain/Endpoint – https://reqres.in

URI- https://reqres.in/api/register
Request Headers:
Header Name Required/Optional Description
Accept Required Application/json: it will accept

Content-Type Required Application/json: content of

Authorization Required Required basic auth/API

Key/Bearer token
Query Parameters:
This operation do not require query parameters.
Invoking the Operations:
Operation URLs and Environments:
Environment Method URL
DEV POST https://reqresdev.in/api/register
INT(Integration or SIT) POST https://reqressit.in/api/register
UAT POST https://reqresuat.in/api/register
PRE-PROD POST https://reqrespreprod.in/api/register
PROD POST https://reqres.in/api/register
Request Body:
{
"email": "eve.holt@reqres.in",
"password": "pistol"
}
Response Attributes/tagnames:
Attribute Name Data Types Comment

id int
token String
Response Examle:
{
"id": 4,
"token": "QpwL5tke4Pnpja7X4"
POST Method/Request:
 POST Method Service-URL/URI= https://reqres.in/api/register
 Body/Payload-
}
 Username& Password(Basic Auth)/API Key/Bearer token-tcaabfj bjf lekf lklfl
 Time taken for the response=5sec
 Unit Testing Documents
Sample Response:
"id": 4,
"token": "QpwL5tke4Pnpja7X4"
}
Response Status Code: 200-OK
Test Cases:
Precondition: Only existing Users

1. Validating the REST Response=Pass
2. Validating data and count of data in the response=Pass

3. Validating Tag names/Attributes present in response=Id, Token=Pass
4. Validating different Status Code in the responses=>EC=200=Pass
5. Validating time taken for the response=>EC<5secs=Pass

6. Applying Assertions for Verification (Validation)
7. Verifying the Functionality by passing Test Data(Re-Testing)

7.1 Verify POST method/ request by passing “george.bluth@reqres.in” with password EC= for
these email id password will be inserted in serve=Pass
7.2 Verify POST method/ request by passing “janet.weaver@reqres.in” with password EC=
For these email id password will be inserted in server=Pass
7.3 Verify POST method/ request by passing “emma.wong@reqres.in” with password EC=
For these email id password will be inserted in serve=Pass
7.4 Verify POST method/ request by passing “charles.morris@reqres.in” with password EC=
For these email id password will be inserted in serve=Pass
7.5 Verify POST method/ request by passing “lindsay.ferguson@reqres.in” with password

EC= For these email id password will be inserted in serve=Pass
7.6 Verify POST method/ request by passing “rachel.howell@reqres.in” with password
EC= For these email id password will be inserted in serve=Pass
8. Validating Negative Test Cases
8.1 Verify POST method/ request by passing invalid email id “vctc@reqres.in”  EC= 400-Bad
request=Pass
8.2 Verify POST method/ request by passing null/blank email id  EC= 400-Bad request=Pass
8.3 Verify POST method/ request by passing only email id “rachel.howell@reqres.in” without
password  EC= 400-Bad request=Pass
8.4 Verify POST method/ request by passing invalid email id “rachel.howell@gmail.com” 

EC= 400-Bad request=Pass
8.5 Verify POST method/ request by passing valid id (id= 1) with password EC= 400-Bad
request=Pass
8.6 Verify POST method/ request by passing wrong URL/URI  EC= 404-Not found=Pass
8.7 Verify POST method/ request by passing wrong authorization/ API Key/ barrier token
EC= 401-Un- authorization
8.8 Verify by changing POST method/ request into another method/ request  EC= 405-Not
method=Fail-Defect
21/06/2023:
Practice API: Assignment 1

Google Maps Add API (POST):
This API Will add new place into Server
Complete URL: https://rahulshettyacademy.com/maps/api/place/add/json?key=

qaclick123
Base URL/End Point: https://rahulshettyacademy.com
Resource: /maps/api/place/add/json
Query Parameters: key =qaclick123
Http Method: POST
Sample Body :
{
"location": {
"lat": -38.383494,
"lng": 33.427362
},
"accuracy": 50,
"name": "Frontline house",
"phone_number": "(+91) 983 893 3937",
"address": "29, side layout, cohen 09",
"types": [
"shoe park",
"shop"
],
"website": "http://google.com",
"language": "French-IN"
}
Sample Response:
{
"status": "OK",
"place_id": "928b51f64aed18713b0d164d9be8d67f",
"scope": "APP",
"reference": "736f3c9bec384af62a184a1936d42bb0736f3c9bec384af62a184a1936d42bb0",
"id": "736f3c9bec384af62a184a1936d42bb0"}
Google Maps get Place API (GET):

This API Will get existing place details from Server
Complete URL :
http://rahulshettyacademy.com/maps/api/place/get/json?place_id=xxxx&key=qaclick123
Base URL: https://rahulshettyacademy.com
Resource: /maps/api/place/get/json
Query Parameters: key, place_id //( place_id value comes from Add place(POST) response)
Http request: GET
Note: Key value is hardcoded and it is always qaclick123
Sample Response for the Provided Place_Id

{
"location":{
"lat" : -38.383494,
"lng" : 33.427362
},
"accuracy":50,
"name":"Frontline house",
"phone_number":"(+91) 983 893 3937",
"address" : "29, side layout, cohen 09",
"types": ["shoe park","shop"],
"website" : "http://google.com",
"language" : "French-IN"
Google Maps Put Place API (PUT):

This API Will update existing place in Server with new values
Complete URL :
http://rahulshettyacademy.com/maps/api/place/get/json?place_id=xxxx&key=qaclick123
Base URL : https://rahulshettyacademy.com

Resource: /maps/api/place/update/json
Query Parameters: key
Http Method: PUT -
Note: Key value is hardcoded and it is always qaclick123
Sample Request:
{
"place_id":"8d2573bdf6ceec0e474c5f388fa917fb",
"address":"70 Summer walk, USA",
"key":"qaclick123"
Sample Response for the Provided Place_Id

{
"location":{
"lat" : -38.383494,
"lng" : 33.427362
},
"accuracy":50,
"name":"Frontline house",
"phone_number":"(+91) 983 893 3937",
"address" : "29, side layout, cohen 09",
"types": ["shoe park","shop"],
"website" : "http://google.com",
"language" : "French-IN"
Google Maps Delete API (DELETE):

This API Will delete existing place from Server
Complete URL:
https://rahulshettyacademy.com/maps/api/place/delete/json?key=qaclick123
Base URL: https://rahulshettyacademy.com

Resource: /maps/api/place/delete/json
Query Parameters: key

Http request : DELETE
Sample Body :
{
"place_id":"928b51f64aed18713b0d164d9be8d67f"
}
Sample Response
{
"status": "OK"
}
Real API:
 GET method Service –URL/ URI= api.openweathermap.org/data/2.5/weather?q={city

name}&appid={API key}Weather API
 API Key/ Bearer token - abe5bdb0a984910eb4b5a6a82a0a245d
 Time take to response = 5 sec
 Unit Testing documents
Info Site: https://openweathermap.org/current
1. Verify the Weather API for Pune City =>EC=Weather Information should return and Status Code=200-
OK= Pass
2. Verify the Weather API for Mumbai City=>EC=Weather Information should return and Status
Code=200-OK= Pass
3. Verify the Weather API for Nasik City=>EC=Weather Information should return and Status Code=200-
OK=Pass
4. Verify the Weather API for Delhi City of Delhi=>EC=Weather Information should return and Status
Code=200-OK= Pass
5. Verify the Weather API for Goa City of Goa=>EC=Weather Information should return and Status
Code=200-OK=Pass
6. Verify the Weather API for Deoni Village of Maharashtra=>EC=Weather Information should not return
and Status Code=404-Not Found= Pass
8. Verify the Weather API for Null/Blank city name=>EC=Weather Information should not return and
Status Code=400-Bad Request=Pass
9. Verify the Weather API by passing Country name=>EC=Weather Information should not return and
Status Code=400-Bad Request= Fail-Defect
10. Verify the Weather API by passing Invalid City/State Name=>EC=Weather Information should not
return and Status Code=404-Not Found= Pass
11. Verify the Weather API by passing Invalid URL/URI=>EC=Weather Information should not return and
Status Code=404=Pass
12. Verify the Weather API by passing Invalid API Key=>EC=Weather Information should not return and
Status Code=401-Un-Authorization=Pass
How to Run Collection?
How will you skip any methods in collection?
Miscelleneous:
Variables :(POSTMAN)
2 Types: Global Variables & Environment Variable (Local Variable)
Variables enable you to store and reuse values in your requests and scripts. By storing a value in a
variable, you can reference it throughout your collections, environments, and requests. If you need
to update the value, you only have to change it in one place.
Global variables enable you to access data between collections, requests, test scripts, and
environments. Global variables are available throughout a workspace.
Environment variables enable you to tailor your processing to different environments, for
example local development versus testing or production. Only one environment can be active at a
time.
How to Add Environments?
22/06/2023:
How to Access response from one method into another Method?
Answer: With the help of chaining API Concept (Environment Variables)

How to chain API Requests?
Get data from response of one API and refer it in Another API
Step1: Add requests in POSTMAN
Create new Collection and Add one GET Method: List Users-Gives list of users in the response
URL/URI: https://reqres.in/api/users?page=2
Save and Send
Next Add another Request-PUT Request->>Update USER
URL/URI: https://reqres.in/api/users/2
Body/Payload: Give the below details in body-> raw-Select JSON from dropdown
"name": "morpheus",
"job": "zion resident"
}
Save and Send
Step 2: Use environment variables to Parameterize values to be referred
Fetch users from request 1 and provide it in request 2
Go to new-Add Environment---APIChaining
Variable Initial Value Current Value
Username xyz Xyz

Go to 2nd Method (Put) body & Give Parameter name as Username
"name": "{{Username}}",
}
Send request and Make Sure you are using Mentioned Environment above
Step 3: Add Script to fetch value from response from 1st API
Go to JSON Path Finder and get the JSON Path:
Go to Tests=>>>
bodyData=JSON.parse(responseBody)
value=bodyData.data[0].first_name
console.log(value)
pm.environment.set("Username", value);
nd
Note: The value is nothing but the value which we are getting and we will be using in 2
request.
pm.environment.set("Username", value);This statement is setting Environment Variable and the
value of this environment variable is used in second method(PUT)
Step 4: Value coming from response of 1st method will be fetched in 2nd method.
Step 5: Run the second request and Validate now go to Environment and check if the value is correct
Setting Global Variable in API Chaining:

Agenda: GET Method (Testing REST service using SOAP UI Tool)
Testing REST Service using SOAP UI Tool:

GET Method Service: https://reqres.in/
- GET Method Service URL/URI: https://reqres.in/api/users?page=2

- Username& Password(Basic Auth)/API Key/Bearer Token-asdadbkasdbalsdk
- Time taken for the response=5Secs
- Unit Testing document
Response: 200
Sample Response:
{
"page": 2,
"per_page": 6,
"total": 12,
"total_pages": 2,
"data": [
{
"id": 7,
},
{
"id": 8,
},
{
"id": 9,
},
{
"id": 10,
},
{
"id": 11,
},
{
"id": 12,
}
],
"support": {
}
}
Test Cases:
1. Validating the REST Response=Pass
2. Validating data and count of data present in the REST response=Pass
3. Validating tagnames/attributes present in the responseEC=Tag names should contain

id,email,first_name,last_name,avtar=Pass
4. Validating different status codes present in the responseEC=Status Code=200-Ok=Pass
5. Validating time taken for the responseEC<5Secs=Pass
6. Applying assertion for verification

7. Validating the functionality by passing test data (re-testing)
7.1 Verify by passing parameter as 1 in GET MethodEC=Status Code-200-OK & GET Method will show
response=Pass
response=Pass
response=Pass
8. Validating negative test cases!

8.1 Verify by passing a decimal values in GET MethodEC=Status Code-400-Bad Request & GET Method
will not show the response=Fail-Defect
8.2 Verify by passing parameter as Null/Blank value in GET MethodEC=Status Code-400-Bad Request
8.3 Verify by passing parameter as Character/String values in GET MethodEC=Status Code-400-Bad
Request & GET Method will not show the response=Fail-Defect
8.4 Verify by passing wrong URL/URI in GET MethodEC=Status Code-404-Not Found & GET Method
will not show the response=Pass
8.5 Verify by Passing wrong Authorization/API Key/Bearer Token/Basic Auth(Username & Password) in
GET MethodEC=Status Code-401-UnAuthorized & GET Method will not show the response=
8.6 Verify by changing GET Method into another methodEC=Status Code-405-Not Allowed & We will
not get Response=Pass
REST Terminologies:
End Point/Base URL/Domain: Address where API is hosted on the server.
HTTP Methods which are commonly used to communicate with REST API‟s are: GET, POST,
PUT, PATCH, DELETE
GET: The GET is used to extract information from the given server using a given URI.While
using GET request, it should only extract data and should have no other effect on data.No
Payload/Body required.
How to send input data in GET Method?

Ans: Using Query Parameters
POST: A post request is used to send data to the server, for example,Customer information,File
Upload,etc using HTML forms.
How to send input data in POST/PUT/PATCH Method?

Ans: Using Body Payload
PUT: Replaces all current representations of the target resource with uploaded content
DELETE: Remove the contents from the target resource
23/06/2023:
Resources:
Resources represents API/Collection which can be accessed from the servers

Google.com/maps
Google.com/images
Google.com/search
www.amazon.in/orders
Parameters: Path & Query
Path Parameters: are variable parts of the URL Path.They are typically used to point to a
specific resource within a collection,such as user identified by ID
https://www.google.com/images/1123343
https://www.google.com/docs/1123343
https://www.amazon.com/orders/112
Query Parameters:
Query Parameter is used to sort/filter the resources
Query Parameter is identified with “?”
https://www.amazon.com/orders?sort_by=2/20/2022
End Point Request URL can be constructed as below:
URI=Base URL/Resource/(Query/Path)Parameters
URI= Base URL+Resource+Parameter Value
URL & URI:
URL – Uniform resource locator

URI- Uniform resource identifier
EX.
https://reqres.in/api/users?page=2
where
Base URL/Domain/Endpoint – https://reqres.in
URI- https://reqres.in/api/users?page=2
URI contains: URL & other part
contains
1. Resource/api/users
2. Parameter values/ Query Stringafter ? mark ex. page=2
URI= URL +Resource +Parameter value
POST Method/Request:
 POST Method Service-URL/URI=https://reqres.in/api/register
 Body/Payload
}
 Username& Password/API Key/Barrier Token-dasdakfkfbfsas
 Time taken for the response=60secs
 Unit testing documents
JSON Object:
JSON object literals are surrounded by curly braces {}.
JSON object literals contains key/value pairs.
Keys and values are separated by a colon.
"name": "morpheus",
"job": "leader"
PUT method/ request-

 GET method Service –URL/ URI= https://reqres.in/api/users/2
 Body/ Payload-
{
"name": "morpheus",
}
 Username & Password/ API Key/ Barrier token - tdcgbshdnjhgfvbdhcnd

 Unit Testing documents-
Delete method/ request-

 GET method Service –URL/ URI= https://reqres.in/api/users/2
 Username & Password/ API Key/ Barrier token - tdcgbshdnjhgfvbdhcnd
 Unit Testing documents
JSON Path Assertion: It is used to validate JSON response

- JSON Path Count
- JSON Path Existance Match
- JSON Path Match
Ex: https://reqres.in/api/users/2
Sample Response:
"data": {
"id": 2,
"email": "janet.weaver@reqres.in",
"first_name": "Janet",
"last_name": "Weaver",
},
"support": {
}
}
Status Code: 200-OK
JSON Path Existence Match:
JSON Path Match:
What is idempotent?
Idem potency means that multiple identical requests will have the same outcome. So it does not matter
if a request is sent once or multiple times. The following HTTP methods are idempotent: GET, HEAD,
OPTIONS, TRACE, PUT and DELETE
PUT Patch
PUT is a method of modifying resource where PATCH is a method of modifying resources

the client sends data that updates the entire where the client sends partial data that is to be
resource . updated without modifying the entire data.
HTTP PUT is said to be idempotent, So if you HTTP PATCH is basically said to be non-
send retry a request multiple times, that idempotent. So if you retry the request N
should be equivalent to a single request times, you will end up having N resources
modification with N different URIs created on the server.
It has High Bandwidth Since Only data that need to be modified if

send in the request body as a payload , It has
Low Bandwidth
Questions-
1. How much experience you have in web service testing/API?
2. What is difference between SOAP & REST service?
3. How you have tested web service/API ? Tell the Process?
4. What are different status code & meaning?
5. What are different type of method as GET, POST, PUT, PATCH, DELETE
6. What is procedure for testing web services in POSTMAN Tool?
7. What is difference between URI & URL
8. What is difference between Authorization& authentication
9. What is RestAssured?-
Ans - API service then I will use RestAssured library for doing API Automation.
1. What are the Problems you facing in API Testing?
A. Understanding the functionality of API

B. Status Code is not Standard (becoz developers are putting random status codes)
C. Expected result should know as a Tester
1. What is Collection? How to run Collection?
2. In Collection if one requests you want to skip .So how will you do it?
3. What is difference between WebService& API?
4. How to Access response from one method into another Method?
5. Difference between HTTP and HTTPs?
6. Client/server Error Codes
7. Success codes
8. Use of GET, PUT, POST, PATCH, DELETE
9. Difference between Put and Patch

10. Difference between Put and Post
11. How to handle authentication
12. Json/xml structure format
13. How to validate json response
14. Use of JsonPath
15. How to construct json body for Put, Post, Patch request.
16. Use of JsonObject.
17. What's is URI
18. What's a resource
19. What are the common headers used.
20. Common content types
Websites:
https://reqres.in/
https://gorest.co.in/
----------------------------------------Thank You & ALL THE BEST for Preparations----------------------------------------
Project-Database Testing-
Tables Name in your Project-
Stk.Contract_info - end user/ investor details will store, CustID, Fname, PAN no., mobile,
Email id, Address, etc
Stk.BOQ_chagre- Brokerage charge
Stk.RDOS table- Buy, Sell stock/share, holding information & Stock name
Stk.ACCTRANS- Transaction related/ order place information- TrasnctionID
Stk.TransDate – Transaction related to bank related date
Q. Where you have used join quires?

 Answer- In project, I have two table
 Stk .Contract_info - end user/ investor details will store (Cust_ID= PK)
 Stk.ACCTRANS - Customer Transaction related/ order place information- TrasnctionID
(Cust_No =FK)
 Join commands used for –
o Ex. Select T1.CN1, T1.CN2, T2.CN1, T2.CN2
From stk .Contract_info T1
Inner join stk.ACCTRANS T2
ON T1.Cust_ID = T2.Cust_No;
API Testing-
Kite- Front end / End User API Testing- Services Kite Main Server-
 Service Services
Analyst Estimates
Analyst Estimates Graph Values 3 month Buy/ Sell/
Hold data
1. User story- Analyst Estimates values for Stock module form method
Description- Analyst estimation chart will show data for user. User will use for suggestion how
it is stock moving. Take a holistic view of all the weekly/monthly options and their movement
for indices and equities. Real time market movement to help you trade faster with ease.
Extremely easy to use with real time tracking of Profit/Loss. Excellent features to help you trade
easily in any segment you like.
Accept criteria-
1. Estimates values present for NITFY 100 (top 100 in share market)
2. Estimates values generated depending on Buyer & seller – analysis of last 3 month
3. Estimates values is not present for another stock (other than NITFY 100)
4. Estimates values will shows in % format, Tagname- Buy, Sell & Hold
Developer provide-
1. URL/URI- GET method/ Request-
172.10.21.130:8080/kite.com/api/estimate_graph?StockName= TCS
2. API Key- sgfdggdsdfgjhgfgbn
3. Unit Testing – Tables, Screenshot, etc.
{
“StockName” : “TCS”,
“BUY” : “88%”,
“SELL” : “10%”,
“HOLD” : “2%”
}
1. Verify Rest response 
2. Verify data and count  EC= Data should be comes in only one
3. Verify Tagname present in GET method  EC= Get method will shows Tagname as
Buy, Sell and Hold
4. Verify different status code in GET method  EC= Get method will shows 200-ok
5. Verify time takes into response GET method  EC= Response < 5 sec
6. Verify GET method by passing different Stockname (TCS)  EC= Response should
shows data for Buy, Sell & Hold for stockname & Status code = 200-ok
7. Verify GET method by passing different Stockname (HDFC)  EC= Response should
8. Verify GET method by passing different Stockname (Coil india)  EC= Response
should shows data for Buy, Sell & Hold for stockname & Status code = 200-ok
9. Verify GET method by passing different Stockname (Apllo Hospita)  EC= Response
should shows data for Buy, Sell & Hold for stockname & Status code = 200-ok
10. Verify GET method by passing different Stockname (SBI)  EC= Response should
11. Verify GET method by passing different Stockname other than NIFFT 100 (IRCTC) 
EC= Response should not shows & Status code = 400-Bad request
12. Verify GET method by passing different Stockname other than NIFFT 100 (Trident) 
EC= Response should not shows & Status code = 400-Bad request
13. Verify GET method by passing null/blank data  EC= Response should not shows &
Status code = 400-Bad request
14. Verify GET method by passing wrong URL/URI  EC= Response should not shows &
Status code = 404-Not found
15. Verify GET method by passing wrong API Key EC= Response should not shows &
Status code = 401-Un-authorized
16. Verify by changing method GET method into another method EC= Response should
not shows & Status code = 405-Mentod not allowed
2. Service - Portfolio updates notification

Get Method/URI-
172.20.30.120:8080/account.kite.com/Portfolio/apl/notification/cust_id=101356
Kite = Front end - Kite server  End user

application  buy, sell data stored
Order placed
1. Verify Portfolio updates notification API by sent valid cust_id=101356

 POSTMAN tool hit Get Method/URI
 We got data in JSON in POSTMAN tool console/ body
 Data return from API, for validation we throw database quires (Select * from
Stk.Contract_info where cust_id = 101356)
1. Verify GET metod by passing different cust_id  EC = response should shows data for
cust_id and statues code = 200-ok

API Testing Lecture Notes Katraj 11th March 2023

Uploaded by

Copyright:

Available Formats

API Testing Lecture Notes Katraj 11th March 2023

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

API Testing Lecture Notes Katraj 11th March 2023

Uploaded by

Copyright:

Available Formats

05/06/2023

- Service available over the web(Internet)

You (Service Kitchen (Chef)(Service

- Service available over the web

User Layer or Business Layer (API) Database Layer

Client (Service Server (Service

Agenda: Types of Web Services, Components/Specifications/Standards of SOAP Web Service

Types of Web Services:

Components/Specifications/Standards of SOAP Web Service: WSDL, UDDI, SOAP

WSDL: Web Service Description Language:

- Element must be the root element of all WSDL documents

- To combine all operations together

WSDL File: <definitions>,<types>,<message>,<portType>,<binding>

UDDI: Universal Description Discovery Integration

SOAP: Simple Object Access Protocol

- Contains XML data comprising the message being sent

<faultstring>System.Web.Services.Protocols.SoapException: Server was unable to read

at System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer&amp;

at System.Number.ParseInt32(String s, NumberStyles style, NumberFormatInfo info)

at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String

--- End of inner exception stack trace ---

at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String

--- End of inner exception stack trace ---

SOAP Web Service:

What are these Specifications/Standards/Components?

Basic Standards: WSDL,UDDI,SOAP

Paytm – UI/ GUI Service Travels- Travels agency/ IRCTC/Travels/Fligh

2.Validating data and count of data present in SOAP Response=Pass

4. Validating different status codes present in the responseEC=200-OK=Pass

6.Applying Assertion for Verification(Validation Point)To Compare Actual Vs Expected ResultTo

7. Validating the functionality by passing Test data (Re-Testing)

7.7 Verify by passing both digits as negative numbersEC=should be added=Pass

8.Validating Negative Test cases!

8.5 Verify the SOAP Service by passing Wrong WSDLEC=Pass

Few Important Questions:

How to run Test Suite in Parallel and Sequential?

matches(Arg1,Arg2) ==>Matches(Xpath of the node,Expected Value at that node)

Agenda: Testing REST Service using POSTMAN Tool: GET Method/Service

Testing REST Service using POSTMAN Tool: https://www.postman.com/downloads/

 Returns list of users based on the query parameters

 The Endpoint is secured by authentication Policy and requires authentication token

Header Name Required/Optional Description

Accept Required Application/json: it will accept

Content-Type Required Application/json: content of

Authorization Required Required basic auth/API

Parameter Name Data Type Required/Optional Description

Page Int Required It will fetch the

Invoking the Operations:

Operation URLs and Environments:

Environment Method URL

DEV GET https://reqresdev.in/api/users?page=2

INT(Integration or SIT) GET https://reqresint.in/api/users?page=2

UAT GET https://reqresuat.in/api/users?page=2

PRE-PROD GET https://reqrespreprod.in/api/users?page=2

PROD GET https://reqres.in/api/users?page=2

Not required for this operation

Attribute Name Data Types Comment

" ": "https://reqres.in/img/faces/7-image.jpg"

GET Method Service:

- GET Method Service URL/URI= https://reqres.in/api/users?page=2

at System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer&