How to Do API Testing?
API endpoint example http://dzone.com/getuserDetails/{username} when you send the get request to that URL it returns the JSON response.
Join the DZone community and get the full member experience.
Join For FreeNowadays API testing is an integral part of testing. There are a lot of tools like postman, insomnia, etc. There are many articles that ask what is API, What is API testing, but the problem is How to do API testing? What I need to validate.
Note: In this article, I am going to use postman assertions for all the examples since it is the most popular tool. But this article is not intended only for the postman tool.
Let's directly jump to the topic.
Let's consider you have an API endpoint example http://dzone.com/getuserDetails/{{username}} when you send the get request to that URL it returns the JSON response.
My API endpoint is http://dzone.com/getuserDetails/{{username}}
The response is in JSON format like below
xxxxxxxxxx
{
"jobTitle": "string",
"userid": "string",
"phoneNumber": "string",
"password": "string",
"email": "user@example.com",
"firstName": "string",
"lastName": "string",
"userName": "string",
"country": "string",
"region": "string",
"city": "string",
"department": "string",
"userType": 0
}
In the JSON we can see there are properties and associated values.
Now, For example, if we need details of the user with the username 'ganeshhegde' we need to send a GET request to http://dzone.com/getuserDetails/ganeshhegde
Now there are two scenarios.
1. Valid Usecase: User is available in the database and it returns user details with status code 200
2. Invalid Usecase: User is Unavailable/Invalid user in this case it returns status with code 404 with not found message.
API Tests for Valid Requests
We are sending a request like below.
And Response is JSON is likeblow.
{
"userId": "aaqere1d0d3d478d7d2e6s",
"jobTitle": "Test Engineer",
"phoneNumber": 0000006987,
"email": "example@live.com",
"firstName": "Ganesh",
"lastName": "Hegde",
"userName": "example@live.com",
"country": "India",
"city": "Bangalore",
"department": null,
"region": "APAC",
"userType": 0
}
Expected STATUS :200 OK
How To Write API Tests for the Above Request and Response, What We Need To Validate?
Let's consider one by one
1. Verify Status
First, you need to test whether response status is expected, In our case, we are expecting 200
Let's see how to validate
x
pm.test("Verify Reponse Status 200", function() {
pm.response.to.have.status(200);
});
2. Verify Response format
You need to think what is your expected response format, whether it is JSON, Text, or HTML file
In our case, it's a JSON file we can validate like below
xxxxxxxxxx
pm.test("Verify Response Format", function() {
pm.response.to.be.json;
});
3. Verify API Properties
In the above example, we have properties like "userId", "jobTitle", "email" etc. we need to validate whether all properties, that are returned as a response.
Note: There can be some dynamic properties, you can add if and else block for those properties.
xxxxxxxxxx
pm.test('Verify Properties', () => {
response = pm.response.json();
pm.expect(response).to.own.property("userId");
pm.expect(response).to.own.property("jobTitle");
pm.expect(response).to.own.property("phoneNumber");
pm.expect(response).to.own.property("email");
pm.expect(response).to.own.property("firstName");
pm.expect(response).to.own.property("lastName");
pm.expect(response).to.own.property("userName");
pm.expect(response).to.own.property("country");
pm.expect(response).to.own.property("city");
pm.expect(response).to.own.property("department");
pm.expect(response).to.own.property("region");
pm.expect(response).to.own.property("userType");
});
4. Verify Data Type of Property Values
Consider the above example, We have a property called phone number where we are expecting only numbers, not a string, If it returns a string then something is wrong, when we have assertions for these, errors can be caught easily at an early stage
Let's see how to do it.
x
pm.test('Verify data type of property values', () => {
response = pm.response.json();
pm.expect(response.userId).to.be.a('string');
pm.expect(response.jobTitle).to.be.a('string');
pm.expect(response.phoneNumber).to.be.a('number');
pm.expect(response.email).to.be.a('string');
pm.expect(response.firstName).to.be.a('string');
pm.expect(response.lastName).to.be.a('string');
pm.expect(response.userName).to.be.a('string');
pm.expect(response.country).to.be.a('string');
pm.expect(response.city).to.be.a('string');
pm.expect(response.department).to.be.a('string');
pm.expect(response.region).to.be.a('string');
pm.expect(response.userType).to.be.a('number');
});
5. Verify for Empty String Values, Null, 0
This is the common error we get in API response. due to some internal code changes. Most often API response of some property values adds default values either null, 0, or ' ' (empty string). This needs to be validated.
xxxxxxxxxx
pm.test('Verify Empty string, null, 0 or Default Values', () => {
response = pm.response.json();
pm.expect(response.userId,'Invalid UserID').to.be.not.oneOf([null,'',0]);
pm.expect(response.jobTitle,'Invalid Job Title').to.be.not.oneOf([null,'',0]);
pm.expect(response.phoneNumber,'Invalid Phonenumber').to.be.not.oneOf([null,'',0]);
pm.expect(response.email,'Invalid Email').to.be.not.oneOf([null,'',0]);
pm.expect(response.firstName,'Invalid First Name').to.be.not.oneOf([null,'',0]);
pm.expect(response.lastName,'Invalid Last Name').to.be.not.oneOf([null,'',0]);
pm.expect(response.userName,'Invalid User Name').to.be.not.oneOf([null,'',0]);
pm.expect(response.country,'Invalid Country').to.be.not.oneOf([null,'',0]);
pm.expect(response.city,'Invalid City').to.be.not.equal(null);
pm.expect(response.department,'Invalid Department').to.be.not.oneOf([null,'',0]);
pm.expect(response.region,'Invalid Region').to.be.not.oneOf([null,'',0]);
pm.expect(response.userType,'Invalid User Type').to.be.not.oneOf([null,'']);
});
6. Verify Static Values for the Particular Request (Optional)
If your request has static values, then you can assert that too.
For example in our case userType is always 1 you can assert that.
x
pm.test('Verify Static Values', () => {
response = pm.response.json();
pm.expect(response.userType).to.equal(1);
});
We have created API Tests for Valid Request, It is equally important to have a negative test case.
Create Tests for Invalid Data
It is important to write negative tests, what happens if I pass an invalid user name
Let's consider scenarios again.
1. Validate Response Status
In the above, since it is an invalid request, we are expecting 404
We can write tests like below.
x
pm.test("Verify Reponse Status 404", function() {
pm.response.to.have.status(404);
});
2. Validate Reponse Format
In the above case, it will be not JSON, rather it returns string just "Not Found"
x
pm.test('Verify Response Format',()=>{
pm.response.to.be.not.json;
pm.expect(pm.response.text()).to.be.a('string');
})
3. Verify Response String
Unlike, Valid Request we know what will be response text in most of the cases we can directly assert the response string.
xxxxxxxxxx
pm.test('Verify Response Text',()=>{
pm.expect(pm.response.text()).to.equal('Not Found');
})
Hope this article helps you in getting the context of API Tests
Opinions expressed by DZone contributors are their own.
Comments