Today I am pouring my thoughts on API testing. API testing really differs from GUI or UI testing. So, we may want to strategize our testing methodology a bit. If we need to modify our test strategy then first question would arise what is an API and how & in what perspective it is different than GUI/UI and why anything extra needs to be done/ learn for performing API testing.
An API, as most of you already know, is an application programming interface (API) and is a set of programming instructions or set of rules and specifications for accessing web based applications/ tools. An API can communicate with other APIs or GUIs or UIs. It is a kind of interface between different software programs and facilitates their interaction, similar to the way the phones facilitates interaction between one person to another
Why an API is different than GUI/UI
There could be many more reasons. However First and foremost reason would be an API is basically an interface for accessing the application but UI is the interface of an application.
To get started for performing the API testing, following points need to be followed.
1.Setup initial environment – The settings could be configuring database, creating / managing jobs for server start/ stop or the test environment set up etc.
2.Invoke API with required set of parameters – Invoking could happen may be via database triggers or an action.
3.Finally analyze the result. – At this point final data or the status, depending upon the type of API, is analyzed.
Though not all the scenarios could be tested for an API or the set of API. However, we could test the following
a. Return value based on input condition : Let’s say the input is 2 integer values int a , int b and we need to get the addition result in another API. So both the positive / negative scenario could be tested out of it. I mean here input might be ‘2’ and ‘3’ and output would be ‘5’. Tester, in this case, won’t have any visibility to see the code.
b. Does not return anything: When API does not return anything unlike the above case, then we need to find some mechanism to check the data or the outcome. For ex test case for delete function. We need to check if the delete function has deleted a particular object or file from the UI /database etc.
c. Trigger some event/API/interrupt: For testing APIs which triggers other APIs, we need to keep a check on the trigger and see the outcome.
d. Update data structure: APIs also update the data structure. So for checking that we need to get to know the data structure in advance before executing the test case and then validate the data structure later on.
So to summarize, we should take care of the following things.
- Some knowledge to identify or write the code is required.
- Equivalent class and boundary value analysis is needed.
- Focus on most likely scenarios