API TESTING
- vidyamoorthy90
- Oct 1
- 4 min read
Updated: Oct 16
Slide 1: What is API Testing?
API = Application Programming Interface
API Testing = Validating the logic, performance, and reliability of APIs
Usually done with tools like Postman, Newman, REST Assured, etc.
🧪 Slide 2: Types of API Testing
Functional Testing – Does it return the correct output?
Load Testing – Can it handle many requests?
Security Testing – Is it protected from attacks?
Validation Testing – Schema & response validation
Error Handling – Does it fail gracefully?
🔧 Slide 3: Tools Used in API Testing
Postman – GUI-based tool to send and test API requests
Newman – Run Postman collections via CLI (automation)
REST Assured – Java-based API testing library
Swagger – API documentation and testing
JMeter – For performance/load testing
1. API Testing Flow Diagram (Conceptual)
┌────────────────────┐
│ Postman App │
└───────┬────────────┘
│ Sends Request
▼
┌────────────────────┐
│ API Server │
│ (e.g., UserService)│
└───────┬────────────┘
│ Sends Response
▼
┌────────────────────┐
│ Postman Response │
│ (Status, JSON, etc)│
└────────────────────┘
✅ What happens:
Postman sends your request (GET, POST, PUT, DELETE).
The API server processes it.
The server sends back a response (data + status code).
Postman displays the result.
🧠 2. API Testing Lifecycle Diagram
[Design Request]
↓
[Set URL + Method]
↓
[Add Headers / Auth]
↓
[Add Request Body (if needed)]
↓
[Send Request]
↓
[View Response]
↓
[Validate Response]
↓
[Automate Tests]
⚙️ 3. Test Types Diagram
┌─────────────────────┐
│ API Tests │
└─────────┬───────────┘
│
┌────────────┼────────────┐
│ │ │
Functional Performance Security
Testing Testing Testing
Functional: Check if endpoints work (GET, POST, etc.)
Performance: Test speed, load, and response time
Security: Test tokens, authentication, and access control
📄 Slide 4: Common HTTP Methods in API Testing
GET – Retrieve data
POST – Submit new data
PUT – Update existing data
DELETE – Remove data
PATCH – Partial updates
✅ Slide 5: What to Validate in API Testing
Status codes (200, 201, 400, 401, 404, 500, etc.)
Response time
Response body (JSON/XML structure, fields)
Headers (Content-Type, Authorization)
Data consistency (in DB or cache)
🔁 Slide 6: Automation and CI/CD Integration
Use Newman to run collections in CLI
Integrate with Jenkins, GitHub Actions, or GitLab CI
Generate test reports (HTML, JSON)
Schedule automated API monitoring
Sample GET Request in Postman
API Endpoint
How to Set It Up in Postman
Open Postman.
Create a New Request.
Set method to GET.
Paste the URL:https://jsonplaceholder.typicode.com/posts/1
Click Send.
Expected Response
{
"userId": 1,
"id": 1,
"title": "sunt aut facere repellat provident occaecati excepturi optio reprehenderit",
"body": "quia et suscipit\nsuscipit..."
}
Adding a Basic Test Script
Go to the Tests tab and add:
pm.test("Status code is 200", function () {
pm.response.to.have.status(200);
});
pm.test("Response has title", function () {
var jsonData = pm.response.json();
pm.expect(jsonData).to.have.property("title");
});
Sample PUT Request in Postman
API Endpoint
How to Set It Up in Postman
Open Postman.
Create a New Request.
Set method to PUT.
Paste the URL:https://jsonplaceholder.typicode.com/posts/1
Go to the Body tab → Select raw → Choose JSON.
Enter the JSON body:
{
"id": 1,
"title": "Updated Title",
"body": "This is the updated content of the post.",
"userId": 1
}
Click Send.
Expected Response
{
"id": 1,
"title": "Updated Title",
"body": "This is the updated content of the post.",
"userId": 1
}
Adding a Basic Test Script
Go to the Tests tab and add:
pm.test("Status code is 200", function () {
pm.response.to.have.status(200);
});
pm.test("Response title is updated", function () {
var jsonData = pm.response.json();
pm.expect(jsonData.title).to.eql("Updated Title");
});
Sample DELETE Request in Postman
API Endpoint
This endpoint simulates the deletion of a post with ID 1.
🔧 How to Set It Up in Postman
Open Postman.
Create a New Request.
Set the HTTP method to DELETE.
Enter the URL:
Click Send.
✅ Expected Response
Upon successful deletion, the response should indicate that the resource was deleted. The status code is typically 200 OK or 204 No Content, and the response body may be empty or contain a confirmation message.
Example:
{}
🧪 Adding a Basic Test Script
To verify the success of the DELETE request, you can add a test script in the Tests tab:
pm.test("Status code is 200 or 204", function () {
pm.expect(pm.response.code).to.be.oneOf([200, 204]);
});
This script checks that the response status code is either 200 or 204, indicating a successful deletion.
Sample POST Request in Postman
API Endpoint
This endpoint simulates creating a new post.
🔧 How to Set It Up in Postman
Open Postman.
Create a New Request.
Set the HTTP method to POST.
Enter the URL:
Go to the Body tab → Select raw → Choose JSON.
Enter the JSON body:
{ "title": "My New Post", "body": "This is the content of the new post.", "userId": 1 }
Click Send.
✅ Expected Response
Upon successful creation, the response should include the newly created post's details, including an auto-generated id.
Example:
{
"id": 101,
"title": "My New Post",
"body": "This is the content of the new post.",
"userId": 1
}
🧪 Adding a Basic Test Script
To verify the success of the POST request, you can add a test script in the Tests tab:
pm.test("Status code is 201", function () {
pm.response.to.have.status(201);
});
pm.test("Response contains new post id", function () {
var jsonData = pm.response.json();
pm.expect(jsonData).to.have.property("id");
});
This script checks that the response status code is 201 (Created) and that the response contains an id property.
