An API (Application Programming Interface) is a collection of software functions and procedures, called API calls, that can be executed by other software applications.
Application developers code that links to existing APIs to make use of their functionality. This link is seamless and end-users of the application are generally unaware of using a separately developed API.
API testing is different from GUI testing and mainly concentrates on the business logic of the software. This testing won’t concentrate on the look and feel of an application.
Instead of using standard user inputs and outputs, in API Testing, you use software to send calls to the API, get output, and note down the system’s response.
Tests performed in API Testing
Return Value based on input condition – The return value from the API’s are checked based on the input condition.
Verify if the API’s does not return anything.
Verify if the API triggers some other event or calls another API. The Events output should be tracked and verified.
Verify if the API is updating any data structure.
Best Practices of API Testing
- Prioritize API function calls so that it will be easy for testers to test.
- Each test case should be as self-contained and independent from dependencies.
- Avoid “test chaining” in your development.
- To ensure complete test coverage, create test cases for all possible input combinations of the API.
Types of Bugs that API testing detects
- Unused flags.
- Missing or duplicate functionality.
- Security Issues.
- Multi-threading issues.
- Performance Issues. API response time is very high.
- Incorrect handling of valid argument values.
- Response Data is not structured correctly (JSON or XML).