API Testing and Development with Postman

Book description

Explore the world of APIs and learn how to integrate them with production-ready applications using Postman and the Newman CLI

Key Features

  • Learn the tenets of effective API testing and API design
  • Gain an in-depth understanding of the various features Postman has to offer
  • Know when and how to use Postman for creating high-quality APIs for software and web apps

Book Description

Postman enables the exploration and testing of web APIs, helping testers and developers figure out how an API works. With Postman, you can create effective test automation for any APIs. If you want to put your knowledge of APIs to work quickly, this practical guide to using Postman will help you get started.

The book provides a hands-on approach to learning the implementation and associated methodologies that will have you up and running with Postman in no time. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, this book begins by taking you through the principles of effective API testing. A combination of theory coupled with real-world examples will help you learn how to use Postman to create well-designed, documented, and tested APIs. You'll then be able to try some hands-on projects that will teach you how to add test automation to an already existing API with Postman, and guide you in using Postman to create a well-designed API from scratch.

By the end of this book, you'll be able to use Postman to set up and run API tests for any API that you are working with.

What you will learn

  • Find out what is involved in effective API testing
  • Use data-driven testing in Postman to create scalable API tests
  • Understand what a well-designed API looks like
  • Become well-versed with API terminology, including the different types of APIs
  • Get to grips with performing functional and non-functional testing of an API
  • Discover how to use industry standards such as OpenAPI and mocking in Postman

Who this book is for

The book is for software testing professionals and software developers looking to improve product and API quality through API test automation. You will find this book useful if understand APIs and want to build your skills for creating, testing, and documenting APIs. The book assumes beginner-level knowledge of JavaScript and API development.

Table of contents

  1. API Testing and Development with Postman
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Download the color images
    6. Conventions used
    7. Get in touch
    8. Reviews
  6. Section 1: API Testing Theory and Terminology
  7. Chapter 1: API Terminology and Types
    1. What is an API?
    2. Types of API calls
    3. Installing Postman
      1. Starting Postman
      2. Setting up a request in Postman
    4. The structure of an API request
      1. API endpoints
      2. API actions
      3. API parameters
      4. API headers
      5. API body
      6. API response
      7. Learning by doing – making API calls
    5. Considerations for API testing
      1. Beginning with exploration
      2. Looking for business problems
      3. Trying weird things
    6. Different types of APIs
      1. REST APIs
      2. SOAP APIs
      3. GraphQL APIs
      4. GraphQL API example
    7. Summary
  8. Chapter 2: Principles of API Design
    1. Technical requirements
    2. Start with the purpose
      1. Figuring out the purpose
    3. Creating usable APIs
      1. Usable API structure
      2. Good error messages
    4. Document your API
      1. Documenting with Postman
      2. Good practices for API documentation
      3. RESTful API Modeling Language
    5. Designing an API
      1. Case study – Designing an e-commerce API
      2. Modeling an existing API design
    6. Summary
  9. Chapter 3: OpenAPI and API Specifications
    1. Technical requirements
    2. What are API specifications?
      1. API specification terminology
      2. Types of API specifications
    3. Creating OASes
      1. Parts of an OAS
      2. Defining API schema
    4. Using API specifications in Postman
      1. Creating mocks from an OAS
      2. Creating tests from an OAS
    5. Summary
  10. Chapter 4: Considerations for Good API Test Automation
    1. Technical requirements
    2. Exploring and automating
      1. Exercise – considerations for good API test automation
      2. Writing good automation
      3. Types of API tests
    3. Organizing and structuring tests
      1. Creating the test structure
      2. Organizing the tests
    4. Creating maintainable tests
      1. Using logging
      2. Test reports
    5. Summary
  11. Section 2: Using Postman When Working with an Existing API
  12. Chapter 5: Understanding Authorization Options
    1. Understanding API security
      1. Authorization in APIs
      2. Authentication in APIs
    2. API security in Postman
      1. Getting started with authorization in Postman
      2. Using Basic Auth
      3. Using Bearer Tokens
      4. Using API keys
      5. Using AWS Signature
      6. Using OAuth
      7. Using Digest auth and Hawk authentication
      8. Using NTLM authentication
      9. Using Akamai EdgeGrid
    3. Security testing with Postman
      1. Fuzzing
      2. Command injection
      3. Authorization testing
      4. Integrating with Burp Suite
    4. Summary
  13. Chapter 6: Creating Test Validation Scripts
    1. Technical requirements
    2. Checking API responses
      1. Checking the status code in a response
      2. Checking the body of a response
      3. Checking headers
      4. Custom assertion objects in Postman
      5. Creating your own tests
      6. Creating folder and collection tests
      7. Cleaning up after tests
    3. Setting up pre-request scripts
      1. Using variables in pre-request scripts
      2. Passing data between tests
      3. Building request workflows
    4. Using environments in Postman
      1. Managing environment variables
      2. Editing environment variables
    5. Summary
  14. Chapter 7: Data-Driven Testing
    1. Technical requirements
    2. Defining data-driven testing
      1. Setting up data-driven inputs
      2. Thinking about the outputs for data-driven tests
    3. Creating a data-driven test in Postman
      1. Creating the data input
      2. Adding a test
      3. Comparing responses to data from a file
    4. Challenge – data-driven testing with multiple APIs
      1. Challenge setup
      2. Challenge hints
    5. Summary
  15. Chapter 8: Running API Tests in CI with Newman
    1. Technical requirements
    2. Getting Newman set up
      1. Installing Newman
      2. Running Newman
    3. Understanding Newman run options
      1. Using environments in Newman
      2. Running data-driven tests in Newman
      3. Other Newman options
    4. Reporting on tests in Newman
      1. Using Newman's built-in reporters
      2. Using external reporters
      3. Creating your own reporter
    5. Integrating Newman into CI builds
      1. General principles for using Newman in CI builds
      2. Example of using Travis CI
    6. Summary
  16. Chapter 9: Monitoring APIs with Postman
    1. Technical requirements
    2. Setting up a monitor in Postman
      1. Creating a monitor
      2. Using additional monitor settings
      3. Adding tests to a monitor
    3. Viewing monitor results
      1. Cleaning up the monitors
    4. Summary
  17. Chapter 10: Testing an Existing API
    1. Technical requirements
    2. Finding bugs in an API
      1. Setting up a local API for testing
      2. Testing the API
      3. Finding bugs in the API
      4. Resetting the service
      5. Example bug
    3. Automating API tests
      1. Reviewing API automation ideas
      2. Setting up a collection in Postman
      3. Creating the tests
    4. An example of automated API tests
      1. Setting up a collection in Postman
      2. Creating the tests
    5. Sharing your work
      1. Sharing a collection in Postman
    6. Summary
  18. Section 3: Using Postman to Develop an API
  19. Chapter 11: Designing an API Specification
    1. Technical requirements
    2. Creating an API specification
      1. Starting the file
      2. Defining the endpoints
      3. Defining parameters
      4. Adding additional responses
      5. Describing request bodies
      6. Using examples
    3. Adding the API to Postman
      1. Contract testing
    4. Understanding API versioning
      1. Thinking through when to create a new API version
    5. Summary
  20. Chapter 12: Creating and Using a Mock Server in Postman
    1. Technical requirements
    2. Different approaches to testing with mocks
    3. Setting up a mock server
      1. Creating a mock server from a specification file
      2. Creating a mock server from a collection
      3. Creating a new mock server from scratch
    4. Creating good mock responses
      1. Using default examples
      2. Creating custom examples
      3. Using dynamic variables in examples
      4. Responding based on parameters
      5. Understanding example matching
    5. Using mock servers
      1. Developing against a mock server
      2. Continuous planning with a mock server
      3. Testing with a mock server
    6. Summary
  21. Chapter 13: Using Contract Testing to Verify an API
    1. Understanding contract testing
      1. What is contract testing?
      2. How to use contract testing
      3. Who creates the contracts?
    2. Setting up contract tests in Postman
      1. Creating a contract testing collection
      2. Adding tests to a contract test collection
    3. Running and fixing contract tests
      1. Fixing contract test failures
      2. Sharing contract tests
    4. Summary
  22. Chapter 14: Design and Create an API
    1. Technical requirements
    2. Designing an API
      1. Setting up the challenge
      2. Challenge – Design a usable API
      3. Solution – Design a usable API
      4. Challenge 2 – Create an API specification file
      5. Solution 2 – Create an API specification file
    3. Setting up the API in Postman
      1. Challenge – Add an API and mock server in Postman
      2. Solution – Add an API and mock server in Postman
    4. Creating tests and documentation for the API
      1. Challenge – Add tests to the API
      2. Solution – Add tests to the API
    5. Sharing what you have done
    6. Summary
    7. Why subscribe?
  23. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Leave a review - let other readers know what you think

Product information

  • Title: API Testing and Development with Postman
  • Author(s): Dave Westerveld
  • Release date: May 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781800569201