API testing is a critical function for most modern web and mobile applications. When interfacing with external applications, API testing is critical, and API testing is becoming a requirement for the internal parts of your application as well. Even when a UI is available, API tests often execute more quickly, break less frequently, and allow for more flexibility in a microservices environment.
As we’ve covered in our other series, Postman is the most popular tool when it comes to API testing. So, we’re going to focus on creating your first API test with Postman. But first, let’s start by understanding what an API is, and how we can best approach testing them, independent of any tool.
Postman Tutorial Chapters
- Overview – The Ultimate Postman Tutorial for API Testing
- You’re here → Chapter 1 – Getting started with Postman for API Testing
- Chapter 2 – Understanding API Authorization Options in Postman
- Chapter 3 – Using Postman for Automation Testing
- Chapter 4 – Using Test Scripts in Postman
- Chapter 5 – Running Postman in CI using Newman
- Chapter 6 – Creating Mocks with Postman
An API, or Application Programming Interface, is a way for programs to talk to each other. Essentially an API is just an interface that defines the ways that scripts or programs can communicate with an application or service.
There are many APIs available and companies provide APIs externally that let you programmatically interact with their services (think Twilio, Stripe, or Plaid for example). The most common type of API you will see when testing modern internet applications is a REST API. These APIs follow a certain set of guidelines. We don’t need to get into what all those guidelines are here, but what these guidelines mean is that we can expect to be able to call REST APIs in certain ways.
For REST API testing we will need to specify an endpoint that we want to use. Endpoints define some kind of resource on a server that we want information about. We also need to define an http method. These methods are things like GET, POST, PUT, DELETE, etc. and they tell the server whether we are trying to retrieve information or what kinds of modifications we would like the application to do.
Testers are used to thinking about the UI or User Interface when they think about software, but APIs are also interfaces that need testing. Because they are programming interfaces, we do need the help of tools in order to test them effectively. One of the tools that work well for this is Postman.
Postman is a powerful API testing tool that enables exploratory and automated API testing. It also has many other features for interacting with and improving APIs. Originally Postman was a simple Chrome extension, but it has become more powerful and has become a full fledged desktop application and so in order to get started with API Testing using Postman you will need to install it.
The easiest way to do that is to go to https://www.postman.com/downloads/ and download the version for the OS you are on. There are versions for Windows, Linux and Mac. Once you have downloaded it simply run the installer as you would any other program and within minutes you will have Postman installed and ready to go on your computer.
Postman setup is straightforward. Simply open the Postman app that you just installed. The first time you open it Postman will ask you to sign in. You can create a free account at this point. The free account is helpful for being able to integrate some of the online capabilities of Postman (like sharing and viewing reports) with the tests that you run locally.
Once you are logged in, you can start creating API requests. Postman provides you with a number of building blocks that you can use to put together various kinds of API testing. Simply click on the New button at the top left hand side of Postman to see the various building blocks available.
We will get into more details about how to use these different building blocks in various aspects of API testing as we work through this tutorial, but for now, let’s start simple by making our first request.
Click on the Request building block and enter in a name for your request. You will also need to specify a place for this request to live. Generally, Postman requests are organized into folders called Collections. For now, we can just create a collection called JsonPlaceHolder by scrolling down a little on the dialog and clicking on the Create Collection button, typing in the collection name you want, and click on the check mark to create a collection with that name.
You can now click on the Save to JsonPlaceHolder button to create a request that will automatically be placed in the JsonPlaceHolder collection.
Now it’s time for that exciting first step – Sending off your first API request! 🎉 To do that, simply type https://jsonplaceholder.typicode.com/users into the Request Url field and then click on the Send button.
Postman will take care of everything else for you automatically. It will add any headers or other information that you might need and send off the request and within a second or two you should see the response in the Body field at the bottom of the page.
In this case, the API has returned json data in the form of a list of dictionaries that include information about various users.
You’ve done it! You’ve sent off an API request with Postman. Let’s take a minute to just review what exactly you’ve done. You might not realize it, but you’ve specified the two things a RESTful API needs. You specified the endpoint of course when you put in the url, but how did you specify the http method? 🤨 Well, if you look closely you can see that there is a drop down beside the url field where you can specify the http method that you want to use. Postman defaults to send GET requests, but you can easily change this to any other http method that your API supports.
API testing with Postman certainly consists of a lot more than just sending off a request or two. We will dive a lot deeper into ways that Postman enables good API testing, but even with what you know right now you can start to do some testing. You can send requests to API endpoints and investigate the responses you get back to see if they make sense and meet the user’s needs. You can even manually compare data between different requests to see if they match. For example, if you look at the first user in the list that we got back from jsonplaceholder it should look like this:
So now let’s modify the url and add /1 to the end of it, and send that request:
This time when the request comes back, instead of having information about all the users, it only has information about that first user (with the id “1”). Looking at the results for that we can see that we get the same information from this route as we do from the full users list which means our test is working as we expect it to.
At this point, you might be thinking that there is a lot of manual testing and verification involved in the API testing process. You’re right, but don’t worry – we will be covering ways that you can leverage automation to doing comparisons like the one we just performed later into this tutorial. For now though, spend a few minutes practicing with what you know. Find an API endpoint in your application and send requests to it. Explore the API of your application a bit and see what you can find. Congratulations, you are doing API testing! 💪