Test an API: A Complete Guide Using Postman

Test an API: A Complete Guide Using Postman

API Testing using Postman

What is an API- Examples of API

An API (Application Programming Interface) is a mechanism used for communication between two applications. It acts as a messenger which sends the request from the requester to the provider and gets back the response from it.

The API architecture is a client server architecture where the requester of the service is called the client and the provider is called the server. It helps to build a specific functionality using very little code and with the help of reusable components (APIs). With this reuse, you can reduce time required for developing repetitive but complex processes.

Examples of API-

  1. Flight booking websites use the APIs provided by the various flight companies. Using these APIs, the sites are able to provide updated data of various flights.
  2. Google Maps API: these can be used in various ride booking applications.
  3. Weather forecast APIs
  4. YouTube APIs: using these developers can integrate YouTube videos into their websites.

API Architecture, Protocol and Methods

Protocols is a set of rules defined for API Calls. There are different API architectures like REST, RPC, SOAP which define different set of protocols.

  • REST (Representational state transfer)- It is a client server based architectural protocol which uses XML or JSON to send and receive data.
  • RPC (Remote Procedural Calls): These are designed to call methods. Two types are – XML RPC and JSON RPC.
  • SOAP (Simple Object Access Protocol): It is an XML based protocol and uses WSDL for client server communication.

REST API Methods:

  • GET: it is a HTTP method used to retrieve the data from the server.
  • POST: it is a HTTP method to send data to the server to create or update a resource.
  • PUT: it is a HTTP method to used to completely update data at the resource.
  • PATCH: it is a HTTP method to partially update data at the resource.
  • DELETE: it is a HTTP method to delete the data at the resource.

POST request always creates data at the resource (does not matter if it was duplicated). PUT request checks if resource exists then updates, else creates new resource. PATCH request always updates data at the resource.

API Testing: Is a type of testing used to determine if the developed APIs meet the expectations.

API Testing Tools: some of the top API Testing tools available in market are as below:

  • Katalon Studio
  • Postman
  • Apigee
  • JMeter
  • REST Assured
  • Assertible
  • Soap UI etc

How to Pick an API Testing Tool?

We must consider below points for selection of an API Tool:

  • Requirements
  • Complexity
  • CI/CD Integration
  • Interoperability
  • Easy to use Interface (User friendly GUI)

Postman

Postman is a complete platform to develop, test and manage API Services.

Features:

  • Open-Source Tool. (Paid version available for additional features).
  • User friendly GUI.
  • Runs on MAC, Linux, and Windows.
  • Provides features like collections, workspaces, built in tools, scripting etc.
  • It allows to create, save, and send REST requests.
  • It provides support for multiple authorization protocols
  • Provides built in support for Variables
  • Pre request scripts and Test scripts
  • Allows to create personal, team, private workspaces.

Installing Postman:

  • Visit google.com
  • Search for postman.
  • Click on download for Windows/ Mac/Linux.
  • Choose OS bits (32bit or 64 bit).
  • Double click on the downloaded .exe file and follow the steps to install. Postman

UI:

It is divided in 4 main sections:

  • Header section
  • Sidebar section
  • Builder section
  • Status bar section

Workspaces in Postman:

Workspaces help to organize your APIs and helps in collaboration across the team/organization/world. Postman provides 4 types of workspaces: Personal, Private, Team, Public.

#

Collections in Postman

Collections help to group multiple requests of similar type in one group. We can run collections manually, or we can schedule collection runs (useful for automation testing).

#

Running Collections:

#

Select the requests to run, the option how you want to run the collection (Manually/scheduled), the number of iterations and click on run new collection button. The results of the run will be displayed.

#

How to use Postman to Test an API

Sending Request in Postman

Using postman we can create a request, send the request to the server, get the response, and verify the response.

We need to enter the URL of Endpoint, the HTTP method, the body of request (if any) and the click on the send button at the right corner.

#

We can either create a standalone new HTTP request (Clicking the “New” button besides Workspace), or create a new request inside a collection.

#
#

Get Request:

It retrieves data from the URL. It is a read-only request and will not do any changes to the endpoint URL.

Example: https://simple-books-api.glitch.me/Status Steps:

  • Select request type as GET
  • Provide request URL.
  • Click on send button.
  • We get 200 OK message

#

Post request:

It is used to post data at the specified URL. Example:

https://simple-books-api.glitch.me/orders Steps:

  • Select request type as POST.
  • Provide request URL.
  • Provide Authorization (Bearer Token).
  • In body select raw and format as JSON and enter the order details as:
    {
    “bookId”: 1, “customerName”: “test”
    }
  • Provide request URL.
  • We get 200 OK message

#

Put request:

It is used to completely update the data at the resource.

Example: reqres.in/api/users/2

Steps:

Select request type as PUT.

  • Provide request URL.
  • In body select raw and format as JSON and enter the order details as:
    {
    “name”: “test”, “job”: “developer”
    }
  • Provide request URL.
  • We get 200 OK message

#

Delete request:

It is used to delete the data at the specified resource. Example:

https://simple-books-api.glitch.me/orders/orderId Steps:

  • Select request type as DELETE
  • Provide request URL.
  • Provide Authorization (Bearer Token).
  • In the request URL mention the order id to be deleted
  • We get 204 no content response

#

Creating new APIs

We can also create new APIs in the workspace. You must sign in to postman account to create an API.

Steps:

  • Name the API
  • Select option for creating API (with or without repository)
  • For the new API, create new definition/add collection and start working by adding requests

#
#

Scripting in Postman

Postman allows you to add codes which will execute at specific points thereby adding dynamic behaviour to the requests and this can be done using scripting. In postman we can add scripts at different levels like collection level, folder level, request level.

There are two types of scripting:

  • Pre-request scripts: these run before executing the request.
  • #

  • Test Script: these run after the
  • #

Disadvantages of Postman

  • Postman is good for testing RESTful APIs but not for SOAP APIs and other APIs.
  • Users will probably not be able to reuse their pre-written scripts.
  • Postman does not provide more integration capabilities
  • Postman is highly recommended for manual API testing but has limitations when it comes to advance and in-depth APIs tests.