API testing using Postman

Robert Gorter
7 min readJan 28, 2021

--

As a tester of mobile apps, I often test the API of an app. There are several ways to test an API and an easy way to get started is using a tool like Postman.

I will start this workshop by explaining what an API is and how it works. Next, I’ll explain how Postman works and give you some exercises to practice with Postman and API’s. Enjoy this little workshop to get started using Postman.

What is an API?

API stands for Application Programming Interface, and it provides a way for the head, in my case the app, to interact with the backend. A metaphor I like to use to explain what an API is, is that of a waiter in a restaurant. You tell the waiter what you would like to eat or drink, and the waiter talks to the kitchen and comes back with your order.

You could use the API to log in on a server, or to get you specific data, for instance the weather forecast of a city. The API calls have clear rules that need to be followed in order to provide the data that is required. To log in, you will need a username and password, but also an APP-Token that tells the backend what head is being used.

To make things a little clearer I created this visual:

On the left you see the different heads, an app on a phone, or a website on a desktop or phone. The head communicates trough the API to the server or database.

The API is used to offer a collection of functions offered by the backend, and provides a uniform set of rules to communicate.

API CALLS

The API uses calls to the backend to provide the functionality. These calls consist of http requests and http responses, for example status codes, 200, 400 and 500. Here’s an example of a request could to log in to a service.

And the response:

  • 200 = login OK
  • 403 = incorrect username and password
  • 500 = server error

The same call in Postman:

The top red box shows the call and the method that is being used. Beneath that are the parameters, like the username. The Send button is used to fire the call to the backend. The response is in the bottom, showing a status 200, so the login has succeeded.

You can use Postman to test the login, instead of checking the response manually you can write JavaScript tests as shown below. The test pm.response.to.have.status(200) checks if the status is 200, which means OK.

As you can see in the screenshots, there is the word POST. The API calls use verbs to define what type of call is being used, for instance:

  • POST — to post data on a server
  • GET — to receive data from a server
  • PUT — to update data on a server
  • DELETE — to delete data from a server

There are other verbs, but these are the most important.

POSTMAN

Postman is a collaboration platform for API development. It’s a tool to:

  • Send requests and view responses
  • Streamline Development and QA with a CI/CD Pipeline
  • Design and Mock APIs
  • Quickly Create Custom API Documentation
  • Improve Visibility of Your API Performance
  • Collaborate in workspaces

Download and install Postman

https://www.getpostman.com/downloads/

When you open Postman this is the screen you’ll see this screen

Let’s have a look at what we see on the screen

We’ll start with an API called BACON IPSUM, it’s an API that generates Lorem ipsum text, but bacon flavoured.

Fill in this URL https://baconipsum.com/api/?type=meat-and-filler in the URL bar, and hit send.

The response will show you some paragraphs filled with bacon ipsum:

Congratulations, you’ve executed your first API call!

Let’s move on to the parameters. The first one is already filled in for you, the type with a value of meat-and-filler we can change it to all-meat to see a different result. The default number of paragraphs is 5, we can change it to a different number, like 1 or 20. Just try it out and also these different parameters below:

type: all-meat for meat only or meat-and-filler for meat mixed with miscellaneous ‘lorem ipsum’ filler.

paras: optional number of paragraphs, defaults to 5.

sentences: number of sentences (this overrides paragraphs)

start-with-lorem: optional pass 1 to start the first paragraph with ‘Bacon ipsum dolor amet’.

format: ‘json’ (default), ‘text’, or ‘html’

Exercise 1 First Test

For our first exercise we’re going to look at a new API, the OpenWeather API. Read the documentation here:

You’re going to use Postman to find the weather forecast for the city you live in. You need to register to receive an Appid which you need to receive data.

Or you can use mine: 969437dd660b6c2251c86d58ae2458c5

The call you’re looking for is this api.openweathermap.org/data/2.5/weather?q={city name}&appid={API key}

The city name for instance is London and the API key you’ve received from openweather. If you call the API the result is like this:

Next we’re going to write a test. Click on the test tab under the URL bar, you can write your own tests in JavaScript or use the handy snippets on the right side. In the snippets you see Status code: code is 200 let’s try that one first.

Now try to find the weather forecast for the city of London, UK. Use the snippets to write a test that checks that the name of the city that is returned is actually London. (hint; use a snippet like json value check)

Solution:

call: api.openweathermap.org/data/2.5/weather?q=London,uk}}u&appid=969437dd660b6c2251c86d58ae2458c5

test: pm.test("City name is London", function(){ var jsonData = pm.response.json(); pm.expect(jsonData.name).to.eql("London"); });

Exercise 2 Variables

Postman uses variables, variables allow you to store and reuse values in your requests and scripts. By storing a value in a variable, you can reference it throughout your collections, environments, and requests — and if you need to update the value, you only have to change it in one place.

Postman provides two types of variables, environment and global variables. environment variables are to edit the context of your request, the global variables are available trough the entire workspace.

If you’ll only use one environment you can just use the global environment variables, but if you will test different API services or different environments like dev, test and acceptance you will want to create different environments for each.

In this exercise we’ll use global environments, hit the eye in the top right corner of Postman and add a variable named city with an initial value London,uk . In the parameters, replace London,uk with {{city}}

If you were testing for London, the test should still pass.

Now change the test to check for Amsterdam.

You’ll notice you still have to change the city name manually in a couple of places, let’s make that easier. Update your test as below:

The test will now look for the city that is set in the global environment

Head over to the Pre-request Script. The script you write here will be executed before the actual call. This is where we will define the city that we are going to test. Look in the snippets for Set a global variable the key is city and let’s set the value to Rotterdam. Execute the call and check the results!

Your next assignment is to add a test that will check for the id that is unique for each city. (hint; use a snippet like json value check)

Save the call if you haven’t done so already.

Exercise 3 Collection Runner

Postman allows you to execute individual calls, it’s also possible to execute multiple calls or several call several times using the collection runner. The collection runner can be found by the Runner button in the top left corner.

In the top left corner you can select the collection you want to use, you can use different environments, change the iterations, add delay, log responses and make use of a data file, which we will do next.

create a csv file and fill it with the following data:

city,id

London,2643743

Amsterdam,2759794

Rotterdam,2747891

Rome,4219762

Now we’re going to prepare the test to use a datafile instead of global environment variables. where previously you used pm.globals.get(“city”) you will now use data.city and the id variable also needs to be changed

the test script optimised for the collection runner

Head back to the runner, select the call, add the csv file, and execute the test.

The tests all passed!

Lastly

Postman offers a lot more possibilities than I’ve showed you in this workshop, but if you’re new to Postman and API testing this should help you get started.

--

--

Robert Gorter

I'm a mobile app tester. I build test automation with XCUITEST, Espresso, Appium and Rest Assured