Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

Do’s and don’ts of api testing

webomates
webomates

API testing is a critical component of the whole testing process. It deals with testing the business logic of an application, which is typically encompassed in the business layer and is instrumental in handling all the transactions between user interface and underlying data. It is deemed as a part of Integration testing that involves verification of functionality, performance and robustness of API’s.

Related slideshows

Automation_testing
Automation_testingAutomation_testing
Automation_testing
 
Top 20 best automation testing tools
Top 20 best automation testing toolsTop 20 best automation testing tools
Top 20 best automation testing tools
 
Just Enough (Automated) Testing
Just Enough (Automated) TestingJust Enough (Automated) Testing
Just Enough (Automated) Testing
 
1 of 10
Download to read offline
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM API testing is a critical component of the whole testing process. It deals with testing the business logic of an application, which is typically encompassed in the business layer and is instrumental in handling all the transactions between user interface and underlying data. It is deemed as a part of Integration testing that involves verification of functionality, performance and robustness of API’s. API’s evolve and develop as and when business and functional requirements change, thus making it even more important to test them on a continuous basis. They also become suitable candidates for automation testing since they need to be tested with every release cycle. Besides checking for the functionality API testing tests for error condition handling, response handling in terms of time and data, performance issues, security issues etc. It is quite evident that API testing is the key to testing
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM the business requirements, thus it is imperative to follow certain best practices in order to achieve good outcome. Following table gives a quick overview of what to do and what not to do while conducting API testing. These points are further elaborated in entailing paragraphs. Do’sDon’tsCategorize the test casesUse static data Prioritize API callsIgnore dependenciesAutomateMiss including response time assertionsChoose suitable automation toolTake security testing slightly positive and Negative testing ignores one time call functions share test results Keeping documentation on low priority reform load tests What to do for successful API Testing • Categorize the test cases
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM An application may involve several APIs which may sometimes run into triple digits. In order to maintain the test cases for quick reference and execution, it is a good idea to categorize them. • Prioritize the API calls Calls made to API’s should be prioritized for ease of testing. • Automate the API testing process
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM API tests are usually deemed stable and major changes are done mainly when business logic is changed. This makes them perfect candidates for test automation. Since API testing is a type of Black-box testing different combinations of inputs can be used to test a scenario, making this a Data driven test approach. The test data, scripts and API endpoints can be saved for execution at a later stage. • Choose a suitable Automation Testing Tool There are several tools, like Parasoft SOATest, POSTMAN, RestAssured, JMeter, Swagger, API
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM Fortress etc that are available in the market for API testing. Choose a suitable tool carefully to leverage the benefits of automation. • Create positive and negative tests For a complete scenario check API testing requires to run both, positive and negative tests. Since API testing is a data driven approach, various combinations of data inputs can be used to test these. In either case, proper care must be taken to ensure that API returns appropriate response to the calling function. • Share the test results
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM API testing failure should be brought to the attention of all the stakeholders involved on a priority basis. Even better approach would be to send out immediate notifications using team notification channels in event of any failure. This will help the team in taking prompt action. • Perform Load Tests
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM An API should handle load tests either by functioning as expected or failing gracefully in a predictable manner. It should be able to handle a variety of input data and manage error conditions, in case of failure. What to avoid during API Testing Following points should be taken care of while performing API testing. • Using static data
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM In a real life scenario, API endpoints rely on inputs from calling code or on the outputs of other API’s. Using static data embedded in code or otherwise will yield incorrect results when the API is called in the live environment. It is prudent to perform a proper Integration testing of API’s by following actual user and data flows. • Ignore dependencies API’s often depend on other API’s and sometimes on external services also. It is vital to test the third party API’s in test
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM environment and then test the dependent API along with those API’s to have a holistic picture. In a nutshell, the whole ecosystem needs to be tested in order to ensure that any changes/upgrades in other API’s does not impact the functioning of dependent API’s. • Missing the response time assertions It is important to keep track of the response time of API calls. While a test may pass functionally, there could be a number of reasons for delayed response. This affects the end user experience. Any application which takes too long to compute or load or give results is not what the end user wishes to use. Hence, it is a good practice to include a time based test to check the response time. If API is taking too long to respond then it should be reported so that the developers can look into the code to understand the delayed response.Click here to read more: Api Automation
Do’s and Don’ts of API Testing WWW.WEBOMATES.COM Tags: API Testing, Postman, REST API, Swagger

More Related Content

Do’s and don’ts of api testing

  • 1. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM API testing is a critical component of the whole testing process. It deals with testing the business logic of an application, which is typically encompassed in the business layer and is instrumental in handling all the transactions between user interface and underlying data. It is deemed as a part of Integration testing that involves verification of functionality, performance and robustness of API’s. API’s evolve and develop as and when business and functional requirements change, thus making it even more important to test them on a continuous basis. They also become suitable candidates for automation testing since they need to be tested with every release cycle. Besides checking for the functionality API testing tests for error condition handling, response handling in terms of time and data, performance issues, security issues etc. It is quite evident that API testing is the key to testing
  • 2. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM the business requirements, thus it is imperative to follow certain best practices in order to achieve good outcome. Following table gives a quick overview of what to do and what not to do while conducting API testing. These points are further elaborated in entailing paragraphs. Do’sDon’tsCategorize the test casesUse static data Prioritize API callsIgnore dependenciesAutomateMiss including response time assertionsChoose suitable automation toolTake security testing slightly positive and Negative testing ignores one time call functions share test results Keeping documentation on low priority reform load tests What to do for successful API Testing • Categorize the test cases
  • 3. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM An application may involve several APIs which may sometimes run into triple digits. In order to maintain the test cases for quick reference and execution, it is a good idea to categorize them. • Prioritize the API calls Calls made to API’s should be prioritized for ease of testing. • Automate the API testing process
  • 4. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM API tests are usually deemed stable and major changes are done mainly when business logic is changed. This makes them perfect candidates for test automation. Since API testing is a type of Black-box testing different combinations of inputs can be used to test a scenario, making this a Data driven test approach. The test data, scripts and API endpoints can be saved for execution at a later stage. • Choose a suitable Automation Testing Tool There are several tools, like Parasoft SOATest, POSTMAN, RestAssured, JMeter, Swagger, API
  • 5. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM Fortress etc that are available in the market for API testing. Choose a suitable tool carefully to leverage the benefits of automation. • Create positive and negative tests For a complete scenario check API testing requires to run both, positive and negative tests. Since API testing is a data driven approach, various combinations of data inputs can be used to test these. In either case, proper care must be taken to ensure that API returns appropriate response to the calling function. • Share the test results
  • 6. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM API testing failure should be brought to the attention of all the stakeholders involved on a priority basis. Even better approach would be to send out immediate notifications using team notification channels in event of any failure. This will help the team in taking prompt action. • Perform Load Tests
  • 7. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM An API should handle load tests either by functioning as expected or failing gracefully in a predictable manner. It should be able to handle a variety of input data and manage error conditions, in case of failure. What to avoid during API Testing Following points should be taken care of while performing API testing. • Using static data
  • 8. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM In a real life scenario, API endpoints rely on inputs from calling code or on the outputs of other API’s. Using static data embedded in code or otherwise will yield incorrect results when the API is called in the live environment. It is prudent to perform a proper Integration testing of API’s by following actual user and data flows. • Ignore dependencies API’s often depend on other API’s and sometimes on external services also. It is vital to test the third party API’s in test
  • 9. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM environment and then test the dependent API along with those API’s to have a holistic picture. In a nutshell, the whole ecosystem needs to be tested in order to ensure that any changes/upgrades in other API’s does not impact the functioning of dependent API’s. • Missing the response time assertions It is important to keep track of the response time of API calls. While a test may pass functionally, there could be a number of reasons for delayed response. This affects the end user experience. Any application which takes too long to compute or load or give results is not what the end user wishes to use. Hence, it is a good practice to include a time based test to check the response time. If API is taking too long to respond then it should be reported so that the developers can look into the code to understand the delayed response.Click here to read more: Api Automation
  • 10. Do’s and Don’ts of API Testing WWW.WEBOMATES.COM Tags: API Testing, Postman, REST API, Swagger