API Testing using Postman

Tram Ho

1. Introduction

The API , short for Application Programming Interface , is a defined set of rules, containing well-defined communication methods. APIs help different software components interact with each other.

What is API testing ? It is a test suite to see if the APIs meet expectations in terms of functionality, reliability, performance and security and return accurate responses. Put simply, it is used to determine if the output is well structured and useful for another application, checks the response based on the input (required) parameter and checks whether the API is missing. how much time to retrieve and authorize data

Postman is an application for testing APIs by sending a request to the web server and receiving a response from the server.

  • It allows the user to set all headers and cookies that the API expects and check the response.
  • Productivity can be increased by using some of Postman’s features, listed below.

A test in Postman is basically a piece of JavaScript code, which runs after the request is sent and receives a response from the server.

2. Install and use Postman

This is quite easy, you go to www.getpostman.com to see instructions for downloading and installing offline.

Postman is easy to use with friendly interface, and especially has dark theme (most developers prefer dark theme ? )

The methods that postman supports

Postman supports us to format and beauty the results returned from the server

When using postman, we usually (only) pay attention to two main components, namely:

  1. HTTP Request
  2. HTTP Response

2.1. HTTP Request

The HTTP Request contains information about methods, URLs, headers, Request Body, Pre-request Script and Tests.

Request methods As shown above, postman provides us with quite a few methods. Among them POST, PUT, GET, DELETE are 4 methods that we often use:

  • POST Request – Use for creating or updating data (updating data can be used for post or put)
  • PUT Request – Use for updating data
  • GET Request – Used for retrieving data
  • DELETE Request – Use to delete data

Request URL : The address we sent request Request Headers : contains header information in the form of key-value . In the request header, we have

  • Content-Type : describes the format of the data, for example application/json .
  • Authorization : contains information about authorization, such as authorization token , using user form submissions.

Request Body : Contains the data we want to send to the server:

Pre-request Scrip : Contains a small piece of code that runs before sending a request

For example, we reset a global value before sending a request based on an env

Tests in Postman

In postman we can write and run tests for each request using javascript. For example:

Test Script

Test Result

2.2. HTTP Response

After we send the request, the API returns the results including body, cookie, headers, tests, status code and response time.

There are quite a few status codes that api can return, here are some common status codes during use:

  • 200 – For Successful request.
  • 201 – For successful request and data was created.
  • 204 – For Empty Response.
  • 400 – For Bad Request. The request could not be understood or was missing any required parameters.
  • 401 – For Unauthorized access. Authentication failed or user does not have permissions for the requested operation.
  • 403 – For Forbidden, Access denied.
  • 404 – For data not found.
  • 405 – For Method Not Allowed or Requested method is not supported.
  • 500 – For Internal Server Error.
  • 503 – For Service Unavailable. Please excuse me not to translate these error codes

3. Test Scripts in Postman

As mentioned above, we can write and run tests for each request in javascript. The code added to the Tests tab will be run after receiving the reponse. You can add as many tests as you like. Most tests can be written in one line of js code ?

Some basic tests:

Check status code to 200

Check the response containing the desired text:

Check reponse returned by a text or not:

Check the value in json

Check response time

Check request completed or not

Check the content type of the header

Overview of Postman Behavior Driven Development (Postman BDD)

Postman BDD allows to use BDD syntax to structure tests and fluent Chai-JS syntax to write assertions. So the above test cases could look like as below: Postman BDD allows using BDD syntax to check structure and Chai-JS syntax to write assertions . So the above tests might look like the following:

Check the content type

Check the Status code is 200:

Check response time

Features & Benefits of Postman BDD

  • Easy syntax: as you can see above, with the use of Chai-JS syntax, tests become much easier to learn and write.
  • Error Handling: If an error occurs in some tests, other tests will still work. If written in pure js, then post-test errors with errors will not run.
  • Lots of Assertions: with Chai-JS ‘s assertions , checking data is much easier with manual comparison (pure js code)
  • JSON Schema Validation: you can check the structure of json returned from the server using response.body.should.have.schema(someJsonSchema)
Share the news now

Source : Viblo