Postman, which started as a chrome browser plugin, is now a complete GUI-based application and is used by more than 100,000 companies worldwide. Postman is one of the popular applications in the market used to create, test and document APIs. It allows users and testers of APIs to send HTTP requests and read their responses. An Application Programming Interface (API) is a construct in which one can send a request and tells a system what you want to do (usually after appropriate permissions are checked), the system returns a response back to you. An analogy is a waiter who interfaces with a restaurant’s kitchen, which is the system that prepares your order. The critical link is the waiter who delivers your food to the table, playing the role of the API in interacting with the system. For instance, when you book a ride with Uber or Lyft, the app itself doesn’t know how to calculate the route to the destination. The app actually calls the Google Maps or Esri API and waits for a response to provide the information. Hence, in most modern systems, we need independent API testing to validate our interconnected applications to determine if they meet expectations for functionality, accuracy, performance, reliability and security.
The following are different types of API testing:
- Functional testing – Tests the functionality in the system whether the code is doing the right thing.
- Unit Testing – Tests the functionality of an individual part of the system whether the code is doing the right thing.
- Load Testing or Performance Testing – Tests the performance of the system under high load.
- Security Testing – Tests what kind of authentication is required to access the API.
- Runtime Error Testing – Looks for errors detected during the execution of the system.
- WebUI Testing – Validates GUI items in the context of end-to-end integration.
Below, we see how to perform API testing using Postman. Many testers use Postman for its quick workflow that allows the set-up of all the headers and cookies that the API expects, while checking for the response. There are two main aspects to note in API calls:
- HTTP Request – this is the simplest way to make HTTP calls.
The HTTP Request contains the following: Request Method, Request URL, Request Headers, Request Body, Pre-Request Script and Tests.
Request Methods – This defines the variety of methods available to send data to the API. The list of available Request Methods in Postman includes:
The most frequently used Request Methods are:
- POST Request – For Creating or Uploading Data
- GET Request – For Retrieving/Fetching Data
- PUT Request – For Updating Data
- DELETE Request – For Deleting Data
Request URL – The URL is the link that the API communicates with.
Request Headers – The headers contain the key-value pairs sent with the request to the application. It describes the format of the object data for the request and response. It also includes an authorization token to identify the requester by getting new access token.
Request Body – The body is the place to customize details in a request.
Pre-Request Script – These are scripts that will be executed before the request.
Example of a Test Script:
- HTTP Response – When you send a request, the API sends a response which consists of Body, Cookies, Headers, Test Results, Status, Time and Size.
Get Requests in Postman:
Get Requests are used to retrieve information from a given URL
- Set your request method to GET
- Input the link
- Click Send button
- You will see 200 OK response (If the input is valid URL)
Post Requests in Postman:
- Set your request method to POST
- Input the link
- Switch to Body in order to tab and choose the raw JSON format
- Create a simple format in JSON as an input
- Click Send
- Status 201 should be displayed (if the post request has a correct format)
- JSON format should be displayed in the Body tab
In conclusion, using Postman for API testing is very helpful since it boosts productivity and makes testing tasks for APIs much easier and faster. We use Postman to create HTTP requests and validate that a specific API’s response is correct. It allows accessing the application without building a web GUI. Using Postman, we test the core and code-level functionality of the application to catch if there are any errors before the front-end web application is integrated.