What is API testing?

  • Presentation Layer or user interface
  • Business Layer or application user interface for business logic processing
  • Database Layer for modeling and manipulating data
  • Language Independent: Data is exchanged via XML and JSON, so any language can be used for automation, independent from the languages used to develop the application.
  • GUI Independent: API testing can be done to check the core functionality of the application to expose small errors and to evaluate a build’s strength. Also, we can test the APIs without a user interface.
  • Faster Releases: The test cases that take about 8–10 hrs when executing UI regression testing take only about 1–2 hrs with API testing. This allows companies to release builds faster with API testing.
  • Improved Test Coverage: Most API’s have features, that allow a tester to create automated test with high test coverage including functional testing and non-functional testing. We can rarely find test cases that can’t be automated.
  • Reduce Testing Cost: With API testing we can find minor bugs before the GUI testing. Usually, these minor bugs will become bigger during GUI testing. So finding those bugs while performing API testing will be cost effective.
  • Functionality Testing — Functional testing is simply a test of specific functions within the codebase. These functions in turn represent specific scenarios to ensure that the API functions within expected parameters, and that errors are handled well when the results are outside of the expected parameters.
  • Reliability Testing — To check if API can be consistently connected to and lead to consistent result.
  • Validation Testing — Helps verify the aspects of product, behavior, and efficiency of an API
  • Load Testing — Load testing generally occurs after a specific unit or the whole codebase has been completed. This technique checks if the theoretical solutions work as planned. Load testing monitors the app’s performance at both normal and peak conditions.
  • UI Testing — It involves testing the user interface for the API and other integral parts
  • Security Testing — To test that the API is secure against all possible external threats; consists of authentication, permission, access control and validation of encryption methodologies.
  • Penetration Testing — To detect vulnerabilities of an application from an attackers perspective
  • Fuzz Testing — In fuzz testing, a vast amount of random data (referred to as “noise” or “fuzz”) will be input into the system to detect any forced crashes or negative behaviors. This technique tests the API’s limits to prepare for the “worst-case scenarios.”
  • Integration Testing — Ensure all the APIs connected to each other and communication properly by validating the flow of data and information between the API connection.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store