REST-assured enables you to test REST APIs using java libraries. It is very efficient and easy to use. Integration with maven is also easy. REST-assured has methods to fetch data from every request and response part.
It can be used to test XML & JSON-based web services, however, the structure is complex.
- JDK should be installed in the system.
- IDE for running and executing java code (either eclipse or other).
Firstly, you must create a new maven project in your eclipse IDE. Then we need to add a dependency for rest assured and testNG to execute code for API testing.
The below dependency is for REST-assured added to your pom.xml file in your maven project.
Apart from that, you need to add TestNG framework to your maven project. For that, you need to add a dependency for TestNG.
Then, you need to go to src/test/java in your maven project and you can either create a new java class or write code in the default class.
The syntax of REST-assured is easy and similar to the BDD structure. It uses given/when/then, therefore it is easy to understand and readable.
To create data using REST-assured we use post() method. Firstly, we should have data in the form of JSON Object and authorization tokens as needed. Using TestNG as testing framework we can post any request as defined in the code below:
By getting status code as 201. That means your data is created successfully.
To read the data using get() request in REST-assured with TestNG framework use the code below.
To update data using REST-assured we use put() method. Firstly, we should have data in JSON Object and authorization tokens as needed. Using TestNG as a testing framework we can update any data as defined in the code below:
By getting the status code as 200. That means your data is updated successfully.
To DELETE the data using REST-assured and get response code as 204. The code for DELETE request is below.
- It is easy to use since it uses given/when/then test notations which are readable easily.
- Easy to integrate with frameworks like TestNG and JUnit.
- Code reusability is excellent as it is a Java client.
- CI/CD integration is easy as we can easily integrate with tools like Maven and Jenkins.
- REST-assured can be used with customized and open-source reporting tools.
- It provides DSL so the test is Behaviour driven.
- It provides an easy interface, which is why it is a better tool rather than other complex tools.
- Does not support SOAP APIs explicitly.
- There is no inbuilt reporting in REST-assured.
- Since it uses Java as a programming language thus requires good knowledge of Java.
When trying to decipher RESTful APIs created by others or test ones you have built yourself, Postman is a fantastic tool. It provides a simple user interface for making HTML requests, reducing the need to write a lot of code only to evaluate an API’s operation.
Testing is more efficient with Postman. Simply paste the path into the address bar, select the GET response method from the selection box to the left, enter your API key in the “Headers” area, specify “pretty” JSON as the return format, and hit submit. The response data will be in easy-to-read JSON format, with a status code of 200 indicating that the GET request was successful. That is all there is to it!
You should be familiar with APIs, automation and manual testing.
The Process of using Postman is quite simple and easy. Using Postman is a basic and straightforward process. The setup may be downloaded for all systems, including Windows, MacOS, and Linux, from its official website. Simply download and install the application on your machine, then begin testing the APIs.
It is simple to install in Linux and Ubuntu by typing the following command in the Terminal:
$sudo snap install postman
As Postman is totally a GUI based Testing Tool, it does not have any specific Syntax to write/Test the APIs
CRUD stands for Create, Read, Update and Delete. There are four basic database operations that correspond to the most used HTTP verbs in Rest Services.
It is used to create a new resource but can also modify the underlying state of a system.
It is used to retrieve a representation of resources.
It is used to Update an existing resource.
It Deletes the existing resource.
Collection [API Automation]
To keep your workspace organized, engage with coworkers, develop API documentation and API tests, and automate request runs, you may arrange your Postman requests and examples into collections. To see a list of collections in a workspace, go to Collections in Postman’s left sidebar.
- It is quite easy to import or export a collection, which saves time when transferring requests.
- When you set a variable for a collection, it will also be applied to the folders that are created under that collection.
- It is simple to transmit data across collection requests.
- Using collection variables, data exchange between APIs is a breeze.
- There will be no need to build common test cases for distinct requests because tests written at the collection level will be relevant to all requests inside the collection.
- Using the collection runner, all requests can be executed at the same time.
- A CSV or excel file can be used to do data-driven testing.
- With the help of collection and Newman, continuous integration is simple.
To run an automated test from a Collection, we can simply click on three dots on Collection Folder and Select the third option Run Collection, and it can perform all the test cases of CRUD Operations like create, put/patch, delete and get etc. Automatically.
And in the next window, we can rearrange the order of the operation, and select the no. Of the iterations and the delay between each operation and can run all the operations inside the Collection.
Once all the test cases run fine, it will give us the Status Code (Yellow), the time to execute the test case (Green), and the size of the tests for each operation (Pink).
- It is User-friendly. Testers may quickly develop test suites by filling in templates using a simple interface. Postman also includes code samples for script construction, including examples of response time, response code, and other validations.
- Accessibility. Postman users may easily access their files by logging into their account on a device that has the Postman app, or the Postman browser extension installed.
- Various functionalities are available. All HTTP methods are supported by Postman, as well as saving progress, converting APIs to code, altering the API development environment, and many other features.
- Capabilities for tracking requests. Postman supports many status codes for HTTP responses, allowing users to check the response. To name a few, there are Successful requests, Empty responses, Bad requests, and Unauthorized access.
- There is a limited amount of testing space. Postman is great for testing RESTful APIs, but it is not so great for SOAP APIs and other APIs.
- The reusability of scripts is limited. Users of Postman are unable to reuse or add more requests to their pre-written scripts. This means that testers will have to write fresh test scripts for each project. Integration that is restricted.
- While APIs make the Agile process possible, the product itself has limited integration options. Connecting Postman to current systems and interacting across the team becomes a challenge.
Axios is a promise-based HTTP client for the browser as well as Node.js. Using Axios we can perform CRUD operations easily and, thus, it can be used in applications that use libraries such as React or Vue.
- Latest version of Nodejs
- Latest version of npm
- Installation of Axios.
$ node -v V17.8.0
We see that we are using the node version v17.8.0.
$ npm init –y
To initiate a new node.js application.
$ npm i axios
To install Axios
There are different ways by which we can create requests in Axios. Some of them are as given below.
axios(config) axios(URL [, config])
These are other ways of generating requests in Axios.
axios.request(config) axios.get(URL [, config]) axios.delete(URL[, config]) axios.head(URL [, config]) axios.options(URL [, config]) axios.post(URL [, data [, config]]) axios.put(URL [, data [, config]]) axios.patch(URL [, data [, config]])
Step one would be to import libraries like Axios and chai for assertions.
POST method can be used in order to send ‘post’ requests, which can be later used to trigger events like sending the request body to the concerned URL. In this case, the post request can be performed by calling axios.post().
By using this technique, we would be needing two parameters
- URL for the service endpoint
- Object which has the properties needed to be sent.
Since passing data as a parameter to the post method is optional, we can conclude that it is very similar to the get method.
Likewise, we can send a Get request too by using the request function and later calling the get function.
Once the get request is sent, data received in the response and status code 200 is validated using the expect function from chai library.
For update, we use put request while this request we need to send the full body in the request like “name”, “gender”,” email”, ”status”.
Here we are updating user/2364 which we created previously. Once the Put request is sent successfully, assertions are made using the expect function from chai library, and values are compared using the expected property from data with actual values coming in response and status code 200. In this example, we would be changing the gender and status of the person, as we can see below.
Deleting can be done easily by just passing the id we want to delete, Here we check by deleting the user via a delete request. We put assertions to check the status code as the data would be deleted once this request is sent. For a successful request, we expect status code 204.
- Axios can be easily installed therefore providing an easy-to-use API in a compact package for most of your HTTP communication needs.
- Due to the large volume of users, it provides high community support.
- Axios is lightweight and based on Promise API.
- It is isomorphic which means it can run on both, the browser and NodeJS with the same codebase.
- Error handling is quite easy which means that if there is a bad response like 404, the promise will get rejected and thus return an error.
- In the case of small Projects, with just a few simple API calls Axios is not a feasible/ideal solution, instead fetch can be used.
Request is a small library that implements fully and true streaming XHR for browsers that support these methods. It uses a variety of proprietary response Type properties to force a streaming connection, even for binary data. This module comes with built-in protection against ActiveX blocking that is frequently used in firewalls & virus scanners.
- Latest version of Node JS.
- Latest version of npm
Then install Request API in your package to make HTTP requests. Use the code below.
npm install request
You need to install a testing framework to perform API testing using Request API . You can use either Mocha, Jasmine or Jest. Assuming you install Mocha as testing framework by the below code.
npm i mocha
By defining test scripts as mocha in package.json writes your API test cases for GET, PUT, POST, DELETE, PATCH etc…
You need to install a Chai assertions library to get responses to HTTP requests. Use the command below.
npm i chai
Use request to make HTTP responses. A simple syntax for using request is below:
Creating data using the Request in API testing requires a request module offered by npm. To get response we use chai assertions library. You can post an API request using bearer Token and the data needs to create.
In a similar way to POST method GET method also requires library from Request API and chai assertion library. The framework design pattern uses mocha as a testing framework. The code for GET request is below.
For update, data using API request from PUT method follows a similar process as the POST method. The code for the PUT request is below.
By getting status code as 200. That means your data is updated successfully.
To DELETE the data using a delete request and get response code as 204. The code for the DELETE request is below.
- For finding bugs at an early stage of software development, API testing using the Request JS module is an efficient tool for fast and reliable performance.
- Can be used with different testing frameworks like Chai and Mocha.
- We can easily stream the response to the file stream.
- It provides custom HTTP headers.
- The API is currently depreciated and for that reason, no future updates are possible.
- The community support for this API is low in comparison to other testing tools.
SuperTest, SuperAgent driven library for testing HTTP servers. It was authored by TJ Holowaychuk. It currently has around 11,992 stars, 768 issues, 73 maintainers and forked by 746 projects.
- HTTP Assertions
- Promise support
- The latest version of Node.js
- The latest version of NPM
Firstly, create a new project inside an empty directory and initialize it by running this command to create a default package.json file.
npm init -y
Once your project is initialized, you can use the following commands to set up the latest versions of the SuperTest, Mocha, and Chai libraries.
npm install –save-dev supertest mocha chai
Here I’m using mocha and chai but if you don’t like Mocha, there are similar frameworks like Jest or Jasmine. If Chai isn’t your cup of tea, other assertion libraries like should.js also work equally well.
That’s all you need to start creating automated tests for your API.
A request can be initiated by invoking the appropriate method on the request object, then calling .then() (or.end()) to send the request and in .set() we set the HTTP header attributes. For example, a simple GET request syntax looks like this:
First of all, we need to import the Supertest library and expect the library from chai to set up and start its respective functions in our tests. Headers for the request are set by using the set function.
It’s very simple to send a Post request with the test data by using the request function and then calling the post function and after that send function sends the request body. Then the function sends the request in response, body. Once the post request is sent successfully, all the data received in the response is validated using the expect function.
The data which we create asserted against the actual data coming in response, which assures that what we sent in post request is actually working or not from chai library.
Similarly, you can send a Get request by calling the Get function with the request function.
Once the get request is sent successfully, data is received in the response and status code 200 for validation using the expect function from the chai library.
For update, we use put request while this request we need to send the full body in the request like “name”, “gender”, ”email”, ”status”.
Here we are updating user/100 which we created previously. Once the Put request is sent successfully, assertions are done using the expect function from chai library, and values are compared using the expected property from data with actual values coming in response and status code 200.
Delete testing step is the easiest test compared to other tests, where we check by deleting users by delete request. We put assertions to check the status code as the data would be deleted once this request is sent. For a successful request, we expect status code 204.
- It can integrate nicely with other testing frameworks
- One of the nice things about SuperTest is that it can run tests without any additional tools.
- Supertest is great for implementing test assertions for HTTP API systems for both REST and GraphQL based backend middleware.
- It has a fluent API
- It makes HTTP assertions easy
- Can be mixed with different testing suites like Chai.js and Mocha.
- Old style callbacks are also supported.
- It doesn’t work on browsers.
- Poor Documentation.