30 Days of API Testing - Day 1: Define API testing

After a few days researching API testing, I have some general ideas to share to some who are still newbies to it:
1. What is API?
API stands for Application Programming Interface. Talking in technical terms an API is a set of procedures, functions, and other points of access which an application, an operating system, a library etc., makes available to programmers in order to allow it to interact with other software.
Given an analogy to make it more easier to understand:
Let say you went to a restaurant. There is no waiter present, so you need to see the menu lying on the table and then make a request to the kitchen where the chef will prepare the dish for you. But it does not always work that way. What if the dish is not available? You will have to go to your seat again and decide something else. There will be many customers present in the restaurant which will slow the process of the chef since now he will be listening to the orders instead of preparing them. Also how can we forget we live in this multilingual world. What if you do not understand the chef’s language?

image.jpg997×1186 308 KB

In this scenario, a waiter is necessary and he is playing a role like an API that takes a request from a customer, sends it to the chef and in response bring in the food to the customer. If the dish is not available, the waiter will tell the customer.

Meanwhile, the waiter is speaking the language that both customers and chefs understand.
In general,you make the requests while the waiter works as an API who is an intermediary and takes the request to the appropriate server. This server will be processing your request and responding back to you. As said above, your server or application is the chef who is in the kitchen. He will process your request, cook your desired food and present it back to you as a response. This is how API works.

2. What is API testing? Why API testing?
API testing is a type of software testing that involves testing APIs directly and also as a part of integration testing to check whether the API meets expectations in terms of functionality, reliability, performance, and security of an application. In API Testing our main focus will be on Business logic layer of the software architecture.

Why we need to use API testing?
Before, Testing would often take place at the GUI level. This often leads to the facts that enginneers have short time to test their products, critical bugs cannot be detected early which take a lot of efforts to fix.
In the age of agile, to adapt quick releases and versatile needs from customers, testing must happen at the lower level. While GUI is not ready, teams still are able to test their product effectively.

3. What needs to be verified in API testing?

• Data accuracy
• HTTP status codes
• Response time
• Error codes in case API returns any errors
• Authorization checks
• Non functional testing such as performance testing, security testing

For more details, please refer here:

These are my understanding on API testing, what about yours?

API testing in simple way is like moderator between many systems or apps that can exchange the data or info from one app to another for ex (from the server the mobile app ) a web service must be found to get data from the server or data base or anything to another side client , interface .

#30 days of API testing
{ Define API testing }

API Testing is a software testing type that validates Application Programming Interfaces (APIs). The purpose of API Testing is to check the functionality, reliability, performance, and security of the programming interfaces. In API Testing, instead of using standard user inputs(keyboard) and outputs, you use software to send calls to the API, get output, and note down the system’s response.

Hey Guys, I have added my thoughts on Definitive Guide to API Testing

API "Application programming interface ", is a software that helps two applications to interact with each other, by sending calls and receiving responses, and it also provides communication between products and services without a need to know how they are implemented.
API testing:
The main purpose of API testing is to check

• functionality

• reliability

• performance

• security
  of the application interface.

Unlike in GUI testing , API testing doesn’t care for the look and feel of the application, it focus more on the business logic layer of the software architect,.

In API testing the tester send some calls to the API using API testing software’s, and gets output and notes the response of the system for that call, for this the tester needs a tool to make the calls and code to test the API.

Hi all!

I missed the first around of #30DaysOfTesting so, here I am!

There is already so much great text content, so I’m going to fulfil my Day 1 “definition” with a white-board mind map. Enjoy!

api testing mindmap2048×1536 293 KB

If you want to follow my journey, I will be posting on Twitter:

https://twitter.com/dowenb

Love the visual representation Ben

Hope to see some of the journey on here too

I’ll try my best @heather_reid! I need to up my Club game.

Also got inspired with the mindmap
I found this tool online called https://excalidraw.com/ which I will use going forward.

Hi all,

An API is an Application Programming Interface. This is an interface to an application designed for other computer systems to use.

It is a mechanism that allows the communication between two application, components or computer hardware using a set of rules and protocols

An API can be written and used for

• Web based applications: An HTTP based API is often called a Web API
• Computer operating systems:API written to communicate between computer hardware and keyboard or mouse COM API
• Database systems
• Software library:EX :Selenium

Types of API Testing

1.Functionality testing-** the API works and what it’s supposed to do.
2.Reliability testing –** the API consistently connected to and lead to consistent results
3.Creativity testing –** the API handles used in different ways.
4.Load testing –** the API handles a large number of the call.
5.Security testing –** the API has defined security requirements including authentication, permissions and access controls.
6.Proficiency testing –** the API increases what developers can do.
7.API documentation testing –** also called discovery testing, the API documentation easily guides the user.
8.Negative Testing –** Checking for every kind of wrong input the user can supply.
Some examples of negative tests are –

1. Send a request with the wrong HTTP verb.
2. Send a request with a body that has missing required fields.
3. Send a request with a body that has invalid field values.
4. Send a request without the proper authorization.
5. Send a request with the wrong endpoint.
6. Request data for a record that does not exist.
7. Send a request with missing headers.
8. Send a request with the wrong headers.

So what is an API?

1. API is an Application Programming Interface

That is correct but it is wrong. I mean it is now wrong wrong but I do not think the phrase Application Programming Interface is somenthing a non code, non geek person would understand.

2. API is a way to expose your code to the outside world

I would say this is a bit better but some might say it is still not enough. What do you expose, what do you mean by expose?

3. An API allows you to have access to resources ( text, image, video, sound) which are present on a specific maschine by accessing a specific URL ( link, page). Depending on the API you can create, update or even delete those resources.

This is my view of what an API is. While it may not be the most accurate from a book perspective it does allow me to both understand and explain how to work with API in a more universal way.

API testing is … I would say the below checklist

• Make sure the API is well documented
• Make sure the API returns the defined data
• Make sure that the API data is returned in the defined format
• Make sure that in case an error happends the message is clear and that the API does not crash on errors
• Make sure that it does not take forever to get the data
• Make sure that multiple users can use the API at the same time
• Make sure that only the users who have the access can access the API

• Initially I wanted to google and read more about it, then give an answer, but then I decided to just write what I know (apologies for any mistakes I made). I am relatively new to testing and mostly do exploratory web app testing and not using API testing often. It would be interesting to compare how I see API testing after completion of 30 days of API testing.
  • What is API - Application Programming Interface, set of commands, protocols and interfaces that allow applications to “talk to each other”, send requests and receive responses.
  • Why. API testing can make it easier to find issues/bugs which would be harder or impossible to find when interacting with product using GUI. Some types of testing such as Security, Performance, Load testing, etc heavily rely on interacting with product using API calls. When automated checks are used for testing, in most cases API tests are faster then UI tests.
  • What. Here is my definition of API Testing (influenced by definition of testing in RST): evaluating the product and its underlying API level, by learning about it through exploring, experiencing, experimenting with it.
  • How Unlike other types of testing where tester is interacting with GUI (e.g. in a browser), API testing is probably more technical, since it requires some knowledge of http protocol, json, serialization, REST and SOAP protocols and other concepts. Some of the most popular tools for API testing: Postman, curl, Charles Proxy, Fiddler, SoapUI, developer console in browser.

API711×505 12.3 KB

Here is my Day 1 post of 30 Days of API Testing.

30 Days of Testing api-testing

Even though this post is a bit old, I’m still participating in it to enhance my API testing skills and learn something new every day for the next 30 days.

For me, API testing is about testing API in a tool or framework to verify that the API is working fine and giving results as per the expectation.

Since API is crucial as it is in almost every application, API testing has also become crucial. There are many tools through which we can do the API testing like Postman, swagger, soapUI, strong text, or rest assured framework.

While doing API testing, request and response are the most important components, request is the data that we send to the server and response is the data that we receive from the server. The response contains the actual results on the execution of our API along with that status code also.
So while doing API testing we should check the status code also as most of the time we can find the error in API testing with the help of the status code. For e.g. error code 400 or 404 or 502 or 500, etc.