DEV Community

Cover image for Build strong foundation to API Testing in 5 mins
Qaiser Abbas
Qaiser Abbas

Posted on

Build strong foundation to API Testing in 5 mins

Brief Introduction

Generally we conduct software testing to find bugs in an application, to offer an error free product to our clients. The performance of API is also important considering that it is responsible for processing user requests. An important dimension to API testing is security as well. If an API is vulnerable to security threats, the product as a whole may suffer and as a result we may lose out on our client base. If API fails to offer an edge, then irrespective of how easily an application is available, it won't gain acceptance among people.

API Testing Benefits

  1. Coverage and Speed of Testing: It could take up to 30 hours to run over 300 UI tests, while 300 API tests can be run in under 3 minutes. Users will be able to find more bugs in a shorter amount of time, so that they can be fixed immediately.
  2. Faster Resolution Time: Whenever an API test fails, users usually know where the issue is in the system. This reduces time triaging bugs between different team members, integrations, and builds.
  3. Efficient Test Maintenance: UIs are always moving and changing, based on their accessibility through browsers, screen orientation, or devices, which creates a scenario where tests must be rewritten in order to keep up with the code that’s currently in production. API changes are more infrequent and controlled.
  4. Early Testing: Tests can be performed to validate accuracy in data and responses with API testing. Users no longer have to wait for their teams to complete their work or for entire applications to be created, as test cases are isolated and can be built right away.

How is testing the API different from GUI testing?
1) It requires knowledge of inner workings.
2) Access to source code - The availability of the source code would help tester to understand and analyze the implementation mechanism used

Types of Bugs API Testing Can Detect

  • Incorrectly structured response data (XML or JSON)
  • Improper management of valid argument values
  • High API response times and performance issues
  • Multi-threading issues
  • Security issues
  • Difficulty with getting responses from API or connecting to API (reliability issues)
  • Duplicate or missing functionality
  • Unused flags
  • Doesn’t handle error conditions properly

Test scenarios for Api Testing:
Normally test cases fall into the following general test scenarios:

  • Basic positive tests (happy paths)
  • Extended positive testing with optional parameters
  • Negative testing with valid input
  • Negative testing with invalid input
  • Destructive testing is a deeper form of negative testing where we intentionally attempt to break the API to check its robustness (for example, sending a huge payload body in an attempt to overflow the system).
  • Security, authorization, and permission tests

Follow me : Qaiser Abbas


Discussion (0)