In this article , i will describe that what is API? what is API Testing? and an overview of API.
What is API? (Application Programming Interface)
API is a software intermediary that use to allow two applications to talk to each other,
basically an API specifies how software components should interact.
It consists of a set of routines, protocols and tools for building the Software Application.
OR in simple words
API essentialy a library of functions, data structure and classes used by the developer to perform a specific task such a drawing a window and posting a comment etc.
Example of API :
Each time when you use an app like Twiiter, Facebook, send an instant message, or check the weather on your phone,
you are using an API.
When we use an applicaton on our mobile phone, the application connects to the internet and sends data to a server,
then the server retrives that data, interprets it, perform the necessary actions and sends it back to our phone.
The application then interprets that data and presents you with the information you wanted in a readable way.
This is that an API is - all of this happens via API.
Popular API Examples :
YouTube API : Google's APIs lets developers integrate YouTube videos and functionality into websites or applications.
Twitter APIs: Twitter offers two APIs. The REST API allows developers to access core Twitter data and the Search API provides methods for developers to interact with Twitter Search and trends data.
Amazon Product Advertising API: Amazon's Product Advertising API gives developers access to Amazon's product selection and discovery functionality to advertise Amazon products to monetize a website.
As like other kinds of testing, API testing also is intended to reveal bugs : inconsistencies or deviations from the
Continuous testing is also very important to make sure it continues to work when the public has access to it.
API testing is one of the most challenging parts of the chain of software and QA testing because it works to assure that our digital lives run in an increasingly seamless and efficient manner.
API testing as a part of integration testing to determine if they meet expectations for functionalit, reliability, performance and security.
Presentation layer: This layer contains the user oriented functionality responsible for managing user interaction with the system, and generally consists of components that provide a common bridge into the core business logic encapsulated in the business layer.
Business layer: This layer implements the core functionality of the system, and encapsulates the relevant business logic. It generally consists of components, some of which may expose service interfaces that other callers can use.
Data layer: This layer provides access to data hosted within the boundaries of the system, and data exposed by other networked systems; perhaps accessed through services.
Api testing is mainly exist on the business logic layer of the software architecture.
Remember : Api testing won't focus on the look and feel of an application.
Important Point : API Testing is not either black box or white box basically its both
black and white.
API testing is now considered critical for automation testing because APIs now serve as the
primary interface to application logic and because GUI tests are difficult to maintain with
the shortrelease cycles and frequent changes commonly used with agile Software Development and
API testing typically involves the following practice :
Functional Testing : Incluse test case definition, execution, validation and regression testing.
Runtime error detection : Monitoring an application the execution of automated or manual tests to expose problems such as race conditions, exceptions and resource leaks.
Security testing : Include penetration testing and fuzz testing as well as validation authentication, encryption and access control.
Web UI testing
Interoreability testing -(SOAP only) checking conformance to web services Interoperability profiles.
Compliance testing (SOAP only)
API ArchitectureAPI Call Collector
1). HTTP Header
2). HTTP Request
3). Status code/response code
b) Response Time
Response code like 404 (Not Found), 200(OK) etc.
Types of Web Service
1). SOAP (Simple Object Access Protocol)
2). REST (Representational state transfer)
SWAGGER (Manual API Testing)
Advantage of API Testing
Test of core functionality
Test coverage with application
Access to application without user interface
Protection from malicious code and breakage
Time Efficiency Vs. Functional and Validation testing
Cost Effective/Reduce Testing cost
Technology independent.. etc
Types of bugs expected :
Wrong status code
Components (module) not interacting as expected
HTTPS request are not working.
|UNIT Testing||API Testing|
|Owned by development||Owned by test|
|Limited in Scope||Broader in scope|
|Mocked dependencies||Mocked and real dependencies|
|Does it work by itself||Does it play well with others|
|Usually ran before check-in||Ran after the build created|
API Test Design Principles
Robust automated test cases generally have 5 stages of API test design
1).Setup : Initialize data, create objects, start services etc.
2).Execution : Steps to exercise API or scenario, also logging
3).Verification : Oracles to evaluate execution outcome
Note : Oracles are messages function usally used to compare actual result with expected results
4).Reporting : pass, fail or blocked
5).Clean up : Pre-test state.
API testing benefits both the development and testing organization.
API testing is both a black and white box activity
Find some types of bugs more efficiently but not find all bugs
Doesn't evaluate "look and feel"
Can change focus of GUI automation
Not for everyone.
Approach of API Testing
1).First understand the funcationality of your API program and find the scope of this program.
2). Then simply apply your testing techniques like error guessing, input parameters , boundary value etc.
3). Now time have come to execute your test case & compare the result with expected results.