API Testing Overview

API TESTING OVERVIEW

Hello Friends,

In this article , i will describe that what is API? what is API Testing? and an overview of API.

What is API? (Application Programming Interface)

API is a software intermediary that use to allow two applications to talk to each other,
basically an API specifies how software components should interact.
It consists of a set of routines, protocols and tools for building the Software Application.
OR in simple words
API essentialy a library of functions, data structure and classes used by the developer to perform a specific task such a drawing a window and posting a comment etc.

Example of API :

Each time when you use an app like Twiiter, Facebook, send an instant message, or check the weather on your phone, you are using an API.

When we use an applicaton on our mobile phone, the application connects to the internet and sends data to a server, then the server retrives that data, interprets it, perform the necessary actions and sends it back to our phone.
The application then interprets that data and presents you with the information you wanted in a readable way.
This is that an API is - all of this happens via API.

Popular API Examples :

Google Maps API : Google Maps APIs lets developes embed Google Maps on weboage using a JavaScript or Flash Interface.

YouTube API : Google's APIs lets developers integrate YouTube videos and functionality into websites or applications.

Twitter APIs: Twitter offers two APIs. The REST API allows developers to access core Twitter data and the Search API provides methods for developers to interact with Twitter Search and trends data.

Amazon Product Advertising API: Amazon's Product Advertising API gives developers access to Amazon's product selection and discovery functionality to advertise Amazon products to monetize a website.

What is API Testing ?

As like other kinds of testing, API testing also is intended to reveal bugs : inconsistencies or deviations from the expected behaviour.
Continuous testing is also very important to make sure it continues to work when the public has access to it.
API testing is one of the most challenging parts of the chain of software and QA testing because it works to assure that our digital lives run in an increasingly seamless and efficient manner.
API testing as a part of integration testing to determine if they meet expectations for functionalit, reliability, performance and security.

let's discuss on Three layer Software Architecture :

Presentation layer: This layer contains the user oriented functionality responsible for managing user interaction with the system, and generally consists of components that provide a common bridge into the core business logic encapsulated in the business layer.

Business layer: This layer implements the core functionality of the system, and encapsulates the relevant business logic. It generally consists of components, some of which may expose service interfaces that other callers can use.

Data layer: This layer provides access to data hosted within the boundaries of the system, and data exposed by other networked systems; perhaps accessed through services.

Api testing is mainly exist on the business logic layer of the software architecture.
Remember : Api testing won't focus on the look and feel of an application.

Important Point : API Testing is not either black box or white box basically its both black and white.

API testing is now considered critical for automation testing because APIs now serve as the primary interface to application logic and because GUI tests are difficult to maintain with the shortrelease cycles and frequent changes commonly used with agile Software Development and Devops.

Types of API testing
API testing typically involves the following practice :
Unit Testing
Functional Testing : Incluse test case definition, execution, validation and regression testing.
Load testing
Runtime error detection : Monitoring an application the execution of automated or manual tests to expose problems such as race conditions, exceptions and resource leaks.
Security testing : Include penetration testing and fuzz testing as well as validation authentication, encryption and access control.
Web UI testing
Interoreability testing -(SOAP only) checking conformance to web services Interoperability profiles.
Compliance testing (SOAP only)

API Architecture

API Call Collector
1). HTTP Header
2). HTTP Request
3). Status code/response code

HTTP header
a) Automatization
b) Response Time

HTTP request
a. CONNECT
b. DELETE
c. GET
d. HEAD
e. OPTIONS
f. POST
g. PUT

Response code like 404 (Not Found), 200(OK) etc.


Types of Web Service

1). SOAP (Simple Object Access Protocol)
2). REST (Representational state transfer)
3). XML-RPC
4). JSON-RPC

Popular API Testing Tools :
SOAP UI
SWAGGER (Manual API Testing)
POSTMAN
API Studio
Amazon webServices
KONG
BLOCKSPRING
GALILEO
API GARAGE
SWAGGER
APIBoard

Advantage of API Testing

Test of core functionality
Test Quality
Faster Release
Test coverage with application
Access to application without user interface
Protection from malicious code and breakage
Time Efficiency Vs. Functional and Validation testing
Cost Effective/Reduce Testing cost
Technology independent.. etc

Types of bugs expected :
Wrong status code
API validation
Components (module) not interacting as expected
HTTPS request are not working.


Difference between Unit Testing and API Testing

UNIT Testing	API Testing
Owned by development	Owned by test
Limited in Scope	Broader in scope
Mocked dependencies	Mocked and real dependencies
Does it work by itself	Does it play well with others
Usually ran before check-in	Ran after the build created

API Test Design Principles

Robust automated test cases generally have 5 stages of API test design
1).Setup : Initialize data, create objects, start services etc.
2).Execution : Steps to exercise API or scenario, also logging
3).Verification : Oracles to evaluate execution outcome
Note : Oracles are messages function usally used to compare actual result with expected results
4).Reporting : pass, fail or blocked
5).Clean up : Pre-test state.

Key Points:

API testing benefits both the development and testing organization.
API testing is both a black and white box activity
Find some types of bugs more efficiently but not find all bugs
Doesn't evaluate "look and feel"
Can change focus of GUI automation
Not for everyone.

Approach of API Testing
1).First understand the funcationality of your API program and find the scope of this program.
2). Then simply apply your testing techniques like error guessing, input parameters , boundary value etc.
3). Now time have come to execute your test case & compare the result with expected results.

Click Here for Next Topic

What is API.	Example of API.
what is api testing.	Type of API testing.
Types of webservices.	Advantage of API Testing.
Type of bugs expected.	Difference between Unit Testing and API testing.
API Test Design Principle.	Type of API testing.
Key Points of API Testing.	Approach of API testing.