Postman: Best Practices for API Testing
API stands for Application Programming Interface. It acts as an intermediary to communicate between two applications or electronic devices over the world wide web (www). API provides interoperability between different kinds of hardware and software platforms. API supports different HTTP methods like GET, POST, PUT, and DELETE in the browser.
There are several API testing tools available, such as POSTMAN, SOAP UI, JMeter, REST-Assured, Katalon Studio, etc, and QAs prefer to use the Postman tool over others.
Why opt for Postman?
- Free, open-source, and easy to install
- Easy to create Collection/Test suite
- Easy to create and maintain requests in the folder structure
- Facility to create multiple environments and maintain test data (Global and Local level)
- Easy to maintain execution order of requests
- Reusability of defined functions
- Easy to export and import collection
- Allows data-driven testing using .csv and .json file
- Easy to run remotely
- Allows integrating with CI tools like Jenkins using the Newman Command line tool
- Allows to collaborate and work with teams
- Supports all platforms
- Wide helping community present
Let’s get started with best practices
Suppose we want to test Google Map API. For this test, we need the below scenarios.
- Add Location in Google Map
- Update existing Google Maps location
- Get/Fetch location from Google Map
- Delete location from Google Map
Now consider best practices to test the above scenarios.
Understand application flow
As per the API specification document, QAs should first understand and analyze end-to-end the flow of the application and decide on the testing scope. Then, define the sequence of requests to be executed.
Consider the scenario where we need to add, view, edit, and delete operations on a Google map location. Then, as per requirement, we need to execute HTTP request methods in the below sequence:
- POST request: To create a new Google map location
- GET request: To fetch created Google map location data
- PUT request: To update/edit created Google map location data
- GET request: To check whether Google map location is updated or not
- DELETE request: To delete Google map location
Set up Postman environments
If we want to execute a created request on different test environments like QA, Dev, Stage, and Prod, we need to create those required environments in Postman. It will help to execute the above-created API requests in the required environment without changing test requests. It will reduce the testing efforts and number of requests.
Create collection to organise requests
Suppose we want to create a Test suite like Smoke, Sanity, and System test requests, then we can create folders under the collection as per suite and Organise the API requests by placing them in their respective folder. It helps to maintain the requests as shown below.
Define local level and global level variables
In the above example, when we send POST requests to create a Google map location, then in the API response, we get “place_id”. The same value we use in other HTTP requests like GET/PUT/DELETE requests to perform CRUD operations.
In that case, we should define the test data in global and local variables based on where they will be used. We can use these variables in the script, making it readable and understandable. Moreover, only when something changes we need to update it in one place to reflect in all tests.
Write tests for each request
For the above scenarios, we need to add requests, and under the Test tab, we need to write tests and validate the response (status code, response time). Run the tests and get the request pass/fail status.
Identify reusable functions
We should identify and list the reusable functions to reduce code repeatability and increase maintainability.
Add pre-request scripts and post request script
We can add pre-request and post-request scripts to be executed before and after each request for the above scenarios. It will help in better readability of the execution report and avoid duplication of requests.
Collection Level Pre-request Script:
These scripts will apply to all requests which are present under the collection.
Folder Level Pre-request Script:
These scripts will apply to all requests which are present under the folder.
This script will apply only to individual requests.
Define tests execution sequence
In the above example, we need to define the test execution sequence like Create Google map location (POST), Update Google map location (UPDATE), retrieve Google map location (GET), and delete Google Map location (DELETE). API sequencing will help to execute the API requests in the expected order. Users can test the end-to-end flow of the application in a single click using this feature.
Prepare test data
In the above example, suppose we want to perform data-driven testing for Create Google Map location API, then we can store test data in CSV or JSON files. And execute N-Number of time requests repeatedly. It's important to identify test data so that it covers positive and negative use cases, and stores them in their respective files.
Share workspace and collaborate
Multiple QA resources can work on the same collection by sharing a workspace, which helps in versioning control. In Postman, we can use the Share option available to allow other team members to collaborate.
Implement continuous integration
With the help of the Newman tool, we can execute exported collections on remote or local machines using a command-line interface. The command is the ‘newman run <collection name>’ command.
With CI tools like Jenkins, we can schedule, trigger, and execute the Postman collection every day, and check application health.
Postman is the must-have tool for effective API testing for any project. By following the above steps, you can easily set up and implement API testing in your project. Additionally, combining manual with automated testing using the CI tool makes API testing more reliable and efficient.