API testing using Postman
As a tester of mobile apps, I often test the API of an app. There are several ways to test an API and an easy way to get started is using a tool like Postman.
I will start this workshop by explaining what an API is and how it works. Next, I’ll explain how Postman works and give you some exercises to practice with Postman and API’s. Enjoy this little workshop to get started using Postman.
What is an API?
API stands for Application Programming Interface, and it provides a way for the head
, in my case the app, to interact with the backend. A metaphor I like to use to explain what an API is, is that of a waiter in a restaurant. You tell the waiter
what you would like to eat or drink, and the waiter talks to the kitchen and comes back with your order.
You could use the API to log in on a server, or to get you specific data, for instance the weather forecast of a city. The API calls have clear rules that need to be followed in order to provide the data that is required. To log in, you will need a username and password, but also an APP-Token that tells the backend what head
is being used.
To make things a little clearer I created this visual:
The API is used to offer a collection of functions offered by the backend, and provides a uniform set of rules to communicate.
API CALLS
The API uses calls to the backend to provide the functionality. These calls consist of http requests and http responses, for example status codes, 200, 400 and 500. Here’s an example of a request could to log in to a service.
- Email address
- Password
- URL: https://accounts.myapp.com/login
And the response:
- 200 = login OK
- 403 = incorrect username and password
- 500 = server error
The same call in Postman:
The top red box shows the call and the method that is being used. Beneath that are the parameters, like the username. The Send button is used to fire the call to the backend. The response is in the bottom, showing a status 200, so the login has succeeded.
You can use Postman to test the login, instead of checking the response manually you can write JavaScript tests as shown below. The test pm.response.to.have.status(200)
checks if the status is 200, which means OK.
As you can see in the screenshots, there is the word POST. The API calls use verbs to define what type of call is being used, for instance:
- POST — to post data on a server
- GET — to receive data from a server
- PUT — to update data on a server
- DELETE — to delete data from a server
There are other verbs, but these are the most important.
POSTMAN
Postman is a collaboration platform for API development. It’s a tool to:
- Send requests and view responses
- Streamline Development and QA with a CI/CD Pipeline
- Design and Mock APIs
- Quickly Create Custom API Documentation
- Improve Visibility of Your API Performance
- Collaborate in workspaces
Download and install Postman
https://www.getpostman.com/downloads/
When you open Postman this is the screen you’ll see this screen
Let’s have a look at what we see on the screen
We’ll start with an API called BACON IPSUM, it’s an API that generates Lorem ipsum text, but bacon flavoured.
Fill in this URL https://baconipsum.com/api/?type=meat-and-filler in the URL bar, and hit send.
The response will show you some paragraphs filled with bacon ipsum:
Congratulations, you’ve executed your first API call!
Let’s move on to the parameters. The first one is already filled in for you, the type with a value of meat-and-filler we can change it to all-meat to see a different result. The default number of paragraphs is 5, we can change it to a different number, like 1 or 20. Just try it out and also these different parameters below:
type: all-meat for meat only or meat-and-filler for meat mixed with miscellaneous ‘lorem ipsum’ filler.
paras: optional number of paragraphs, defaults to 5.
sentences: number of sentences (this overrides paragraphs)
start-with-lorem: optional pass 1 to start the first paragraph with ‘Bacon ipsum dolor amet’.
format: ‘json’ (default), ‘text’, or ‘html’
Exercise 1 First Test
For our first exercise we’re going to look at a new API, the OpenWeather API. Read the documentation here:
You’re going to use Postman to find the weather forecast for the city you live in. You need to register to receive an Appid
which you need to receive data.
Or you can use mine: 969437dd660b6c2251c86d58ae2458c5
The call you’re looking for is this api.openweathermap.org/data/2.5/weather?q={city name}&appid={API key}
The city name for instance is London and the API key you’ve received from openweather. If you call the API the result is like this:
Next we’re going to write a test. Click on the test tab under the URL bar, you can write your own tests in JavaScript or use the handy snippets on the right side. In the snippets you see Status code: code is 200
let’s try that one first.
Now try to find the weather forecast for the city of London, UK. Use the snippets to write a test that checks that the name of the city that is returned is actually London. (hint; use a snippet like json value check)
Solution:
call: api.openweathermap.org/data/2.5/weather?q=London,uk}}u&appid=969437dd660b6c2251c86d58ae2458c5
test: pm.test("City name is London", function(){ var jsonData = pm.response.json(); pm.expect(jsonData.name).to.eql("London"); });
Exercise 2 Variables
Postman uses variables, variables allow you to store and reuse values in your requests and scripts. By storing a value in a variable, you can reference it throughout your collections, environments, and requests — and if you need to update the value, you only have to change it in one place.
Postman provides two types of variables, environment and global variables. environment variables are to edit the context of your request, the global variables are available trough the entire workspace.
If you’ll only use one environment you can just use the global environment variables, but if you will test different API services or different environments like dev, test and acceptance you will want to create different environments for each.
In this exercise we’ll use global environments, hit the eye in the top right corner of Postman and add a variable named city
with an initial value London,uk
. In the parameters, replace London,uk
with {{city}}
Now change the test to check for Amsterdam.
You’ll notice you still have to change the city name manually in a couple of places, let’s make that easier. Update your test as below:
Head over to the Pre-request Script. The script you write here will be executed before the actual call. This is where we will define the city that we are going to test. Look in the snippets for Set a global variable
the key is city and let’s set the value to Rotterdam
. Execute the call and check the results!
Your next assignment is to add a test that will check for the id
that is unique for each city. (hint; use a snippet like json value check)
Save the call if you haven’t done so already.
Exercise 3 Collection Runner
Postman allows you to execute individual calls, it’s also possible to execute multiple calls or several call several times using the collection runner. The collection runner can be found by the Runner button in the top left corner.
In the top left corner you can select the collection you want to use, you can use different environments, change the iterations, add delay, log responses and make use of a data file, which we will do next.
create a csv file and fill it with the following data:
city,id
London,2643743
Amsterdam,2759794
Rotterdam,2747891
Rome,4219762
Now we’re going to prepare the test to use a datafile instead of global environment variables. where previously you used pm.globals.get(“city”)
you will now use data.city
and the id variable also needs to be changed
Head back to the runner, select the call, add the csv file, and execute the test.
Lastly
Postman offers a lot more possibilities than I’ve showed you in this workshop, but if you’re new to Postman and API testing this should help you get started.