Tuesday, April 1, 2025

 

🌟 API Testing Fundamentals - Quick Guide

✅HTTP Status Codes

1xx - Informational Codes

101 Switching Protocols: Server is switching protocols (e.g., HTTP to WebSocket).
103 Early Hints: Server is still processing but gives hints to the client.

2xx - Success Codes

200 OK: Request succeeded; resources fetched (e.g., GET request).
201 Created: Resource created successfully (e.g., POST request).
202 Accepted: Request accepted for processing (e.g., batch jobs).
204 No Content: Request succeeded, but no content to return (e.g., data saved, but page doesn't change).

3xx - Redirection Codes

301 Moved Permanently: Resource moved to a new location (used with GET/HEAD requests).

4xx - Client Error Codes

400 Bad Request: The server cannot process the request due to client error (e.g., malformed request body).
401 Unauthorized: Authentication required or failed.
403 Forbidden: Authentication succeeded, but the client does not have permission to access the resource.
404 Not Found: The resource does not exist at the requested URL.

5xx - Server Error Codes

500 Internal Server Error: Generic server error; the request could not be processed.
502 Bad Gateway: Server received an invalid response from the upstream server.
503 Service Unavailable: Server is down or under maintenance.
504 Gateway Timeout: Server didn't get a timely response from an upstream server.

🛠️ Key API Testing Concepts:

Endpoint: The URL path to access a specific resource.
Method: The HTTP method (GET, POST, PUT, DELETE) specifies the action to perform.
Headers: Metadata sent with the request.
Request Body: Data sent to the server with POST/PUT requests.
Response Body: The data returned by the server.
Status Code: Indicates the result of the HTTP request.
Assertions: Validating the response (e.g., status code, data in the response body).

🔐 Authentication Types:

Basic Auth: Simple username and password authentication.
Bearer Token: Token-based authentication (OAuth 2.0).
API Key: Unique key provided to access the API.

🔄 Testing Tools:

Postman - API Manual Testing
Rest-Assured - API Automation Testing
SOAP UI - API Automation Testing

📊 Common Test Scenarios:

Verify Status Codes: Ensure correct status codes are returned.
Validate Response Structure: Check JSON/XML structure and data types.
Check Headers: Validate content-type, cache-control, etc.
Authorization Checks: Test access to resources with and without credentials.
Performance Testing: Measure API response time.



0 comments:

Post a Comment

Blog Archive

Translate

Popular Posts

Total Pageviews

Blog Archive