1. Introduction
The API , short for Application Programming Interface , is a defined set of rules, containing well-defined communication methods. APIs help different software components interact with each other.
What is API testing ? It is a test suite to see if the APIs meet expectations in terms of functionality, reliability, performance and security and return accurate responses. Put simply, it is used to determine if the output is well structured and useful for another application, checks the response based on the input (required) parameter and checks whether the API is missing. how much time to retrieve and authorize data
Postman is an application for testing APIs by sending a request to the web server and receiving a response from the server.
- It allows the user to set all headers and cookies that the API expects and check the response.
- Productivity can be increased by using some of Postman’s features, listed below.
A test in Postman is basically a piece of JavaScript code, which runs after the request is sent and receives a response from the server.
2. Install and use Postman
This is quite easy, you go to www.getpostman.com to see instructions for downloading and installing offline.
Postman is easy to use with friendly interface, and especially has dark theme (most developers prefer dark theme )
The methods that postman supports
Postman supports us to format and beauty the results returned from the server
When using postman, we usually (only) pay attention to two main components, namely:
- HTTP Request
- HTTP Response
2.1. HTTP Request
The HTTP Request contains information about methods, URLs, headers, Request Body, Pre-request Script and Tests.
Request methods As shown above, postman provides us with quite a few methods. Among them POST, PUT, GET, DELETE are 4 methods that we often use:
- POST Request – Use for creating or updating data (updating data can be used for post or put)
- PUT Request – Use for updating data
- GET Request – Used for retrieving data
- DELETE Request – Use to delete data
Request URL : The address we sent request Request Headers : contains header information in the form of key-value
. In the request header, we have
- Content-Type : describes the format of the data, for example
application/json
. - Authorization : contains information about authorization, such as
authorization token
, using user form submissions.
Request Body : Contains the data we want to send to the server:
Pre-request Scrip : Contains a small piece of code that runs before sending a request
For example, we reset a global value before sending a request based on an env
Tests in Postman
In postman we can write and run tests for each request using javascript. For example:
Test Script
Test Result
2.2. HTTP Response
After we send the request, the API returns the results including body, cookie, headers, tests, status code and response time.
There are quite a few status codes that api can return, here are some common status codes during use:
- 200 – For Successful request.
- 201 – For successful request and data was created.
- 204 – For Empty Response.
- 400 – For Bad Request. The request could not be understood or was missing any required parameters.
- 401 – For Unauthorized access. Authentication failed or user does not have permissions for the requested operation.
- 403 – For Forbidden, Access denied.
- 404 – For data not found.
- 405 – For Method Not Allowed or Requested method is not supported.
- 500 – For Internal Server Error.
- 503 – For Service Unavailable. Please excuse me not to translate these error codes
3. Test Scripts in Postman
As mentioned above, we can write and run tests for each request in javascript. The code added to the Tests
tab will be run after receiving the reponse. You can add as many tests as you like. Most tests can be written in one line of js code
Some basic tests:
Check status code to 200
1 2 | tests <span class="token punctuation">[</span> “Status code is <span class="token number">200</span> ” <span class="token punctuation">]</span> <span class="token operator">=</span> responseCode <span class="token punctuation">.</span> code <span class="token operator">===</span> <span class="token number">200</span> <span class="token punctuation">;</span> |
Check the response containing the desired text:
1 2 | tests <span class="token punctuation">[</span> <span class="token string">"Body matches string"</span> <span class="token punctuation">]</span> <span class="token operator">=</span> responseBody <span class="token punctuation">.</span> <span class="token function">has</span> <span class="token punctuation">(</span> <span class="token string">"string_you_want_to_search"</span> <span class="token punctuation">)</span> <span class="token punctuation">;</span> |
Check reponse returned by a text or not:
1 2 | tests <span class="token punctuation">[</span> <span class="token string">"Body is correct"</span> <span class="token punctuation">]</span> <span class="token operator">=</span> responseBody <span class="token operator">===</span> <span class="token string">"response_body_string"</span> <span class="token punctuation">;</span> |
Check the value in json
1 2 3 | <span class="token keyword">var</span> data <span class="token operator">=</span> <span class="token constant">JSON</span> <span class="token punctuation">.</span> <span class="token function">parse</span> <span class="token punctuation">(</span> responseBody <span class="token punctuation">)</span> <span class="token punctuation">;</span> tests <span class="token punctuation">[</span> <span class="token string">"Your test name"</span> <span class="token punctuation">]</span> <span class="token operator">=</span> data <span class="token punctuation">.</span> value <span class="token operator">===</span> <span class="token number">100</span> <span class="token punctuation">;</span> |
Check response time
1 2 | tests <span class="token punctuation">[</span> <span class="token string">"Response time is less than 200ms"</span> <span class="token punctuation">]</span> <span class="token operator">=</span> responseTime <span class="token operator"><</span> <span class="token number">200</span> <span class="token punctuation">;</span> |
Check request completed or not
1 2 | tests <span class="token punctuation">[</span> <span class="token string">"Successful POST request"</span> <span class="token punctuation">]</span> <span class="token operator">=</span> responseCode <span class="token punctuation">.</span> code <span class="token operator">===</span> <span class="token number">201</span> <span class="token operator">||</span> responseCode <span class="token punctuation">.</span> code <span class="token operator">===</span> <span class="token number">202</span> <span class="token punctuation">;</span> |
Check the content type of the header
1 2 | tests <span class="token punctuation">[</span> ‘The Content <span class="token operator">-</span> Type is <span class="token constant">JSON</span> ’ <span class="token punctuation">]</span> <span class="token operator">=</span> postman <span class="token punctuation">.</span> <span class="token function">getResponseHeader</span> <span class="token punctuation">(</span> ‘Content <span class="token operator">-</span> Type’ <span class="token punctuation">)</span> <span class="token operator">===</span> ‘application <span class="token operator">/</span> json’ <span class="token punctuation">;</span> |
Overview of Postman Behavior Driven Development (Postman BDD)
Postman BDD allows to use BDD syntax to structure tests and fluent Chai-JS
syntax to write assertions. So the above test cases could look like as below: Postman BDD allows using BDD syntax to check structure and Chai-JS syntax to write assertions
. So the above tests might look like the following:
Check the content type
1 2 3 4 5 6 | <span class="token function">it</span> <span class="token punctuation">(</span> ‘should <span class="token keyword">return</span> <span class="token constant">JSON</span> ’ <span class="token punctuation">,</span> <span class="token punctuation">(</span> <span class="token punctuation">)</span> <span class="token operator">=></span> <span class="token punctuation">{</span> response <span class="token punctuation">.</span> should <span class="token punctuation">.</span> be <span class="token punctuation">.</span> json <span class="token punctuation">;</span> response <span class="token punctuation">.</span> should <span class="token punctuation">.</span> have <span class="token punctuation">.</span> <span class="token function">header</span> <span class="token punctuation">(</span> ‘Content <span class="token operator">-</span> Type’ <span class="token punctuation">,</span> ‘application <span class="token operator">/</span> json’ <span class="token punctuation">)</span> <span class="token punctuation">;</span> response <span class="token punctuation">.</span> type <span class="token punctuation">.</span> should <span class="token punctuation">.</span> <span class="token function">equal</span> <span class="token punctuation">(</span> ‘application <span class="token operator">/</span> json’ <span class="token punctuation">)</span> <span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">)</span> <span class="token punctuation">;</span> |
Check the Status code is 200:
1 2 3 4 | <span class="token function">it</span> <span class="token punctuation">(</span> ‘should be a <span class="token number">200</span> response’ <span class="token punctuation">,</span> <span class="token punctuation">(</span> <span class="token punctuation">)</span> <span class="token operator">=></span> <span class="token punctuation">{</span> response <span class="token punctuation">.</span> should <span class="token punctuation">.</span> have <span class="token punctuation">.</span> <span class="token function">status</span> <span class="token punctuation">(</span> <span class="token number">200</span> <span class="token punctuation">)</span> <span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">)</span> <span class="token punctuation">;</span> |
Check response time
1 2 3 4 | <span class="token function">it</span> <span class="token punctuation">(</span> ‘should respond <span class="token keyword">in</span> a timely manner’ <span class="token punctuation">,</span> <span class="token punctuation">(</span> <span class="token punctuation">)</span> <span class="token operator">=></span> <span class="token punctuation">{</span> response <span class="token punctuation">.</span> time <span class="token punctuation">.</span> should <span class="token punctuation">.</span> be <span class="token punctuation">.</span> <span class="token function">below</span> <span class="token punctuation">(</span> <span class="token number">200</span> <span class="token punctuation">)</span> <span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">)</span> <span class="token punctuation">;</span> |
Features & Benefits of Postman BDD
- Easy syntax: as you can see above, with the use of
Chai-JS
syntax, tests become much easier to learn and write. - Error Handling: If an error occurs in some tests, other tests will still work. If written in pure js, then post-test errors with errors will not run.
- Lots of Assertions: with
Chai-JS
‘sassertions
, checking data is much easier with manual comparison (pure js code) - JSON Schema Validation: you can check the structure of json returned from the server using
response.body.should.have.schema(someJsonSchema)