What is an API?
API stands for Application Programming Interface. In technical terms, an API is a set of procedures, functions, and other points of access that an application, an operating system, a library, etc. makes available to programmers so that it can interact with other software. APIs can be tested even when the GUI of the application is not yet ready.
API tests validate the response, the response time, and the error code.
API testing primarily aims to test the business logic layer of the system’s architecture.
It’s important to know that a request is made up of four things:
- The endpoint: the URL.
- The method: the type of request you send to the server (e.g. GET, POST).
- The headers: used to provide information to both the client and server (e.g. "Content-Type: application/json").
- The data (or body): the data (sometimes called “body” or “message”) contains the information you want to send to the server.
HTTP GET
Use GET requests only to retrieve a resource representation/information, not to modify it in any way. Because GET requests do not change the state of the resource, they are said to be safe methods. If the resource is found on the server, it must return HTTP response code 200 (OK).
If the resource is NOT found on the server, it must return HTTP response code 404 (NOT FOUND).
HTTP POST
POST methods are used to create a new resource in the collection of resources. If a resource has been created on the origin server, the response SHOULD be HTTP response code 201 (Created).
HTTP PUT
Use PUT APIs primarily to update an existing resource (if the resource does not exist, the API may decide whether or not to create a new resource). If a new resource has been created by the PUT API, the origin server MUST inform the user agent via the HTTP response code 201 (Created). If an existing resource is modified, either the 200 (OK) or 204 (No Content) response code SHOULD be sent to indicate successful completion of the request.
HTTP DELETE
As the name implies, DELETE APIs are used to delete resources (identified by the Request-URI). A successful response to a DELETE request SHOULD be HTTP response code 200 (OK) if the response includes an entity describing the status, 202 (Accepted) if the action has been queued, or 204 (No Content) if the action has been performed but the response does not include an entity.
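The checks described above, as an added example that is not part of the original page: each request is built from the four parts (endpoint, method, headers, body), and the returned status code is compared with the one this page gives for that method, with the response time recorded alongside. The local toy server, the `/items` paths and the sample bodies are constructed stand-ins for a real API under test.

```python
import http.client, json, threading, time
from http.server import BaseHTTPRequestHandler, HTTPServer

STORE = {}  # constructed in-memory collection: resource id -> JSON object
class Handler(BaseHTTPRequestHandler):        # toy server standing in for the API under test
    def log_message(self, *args): pass        # silence per-request logging
    def _handle(self):
        rid = self.path.rsplit("/", 1)[-1]
        raw = self.rfile.read(int(self.headers.get("Content-Length") or 0))
        if self.command == "POST":            # new resource in the collection -> 201
            rid, code = str(len(STORE) + 1), 201
        elif self.command == "PUT":           # 201 if created, 200 if updated
            code = 200 if rid in STORE else 201
        elif rid not in STORE:                # GET/DELETE on a missing resource
            code = 404
        else:                                 # GET -> 200, DELETE without entity -> 204
            code = 200 if self.command == "GET" else 204
        if self.command in ("POST", "PUT"):
            STORE[rid] = json.loads(raw)
        elif code == 204:
            del STORE[rid]
        body = json.dumps(STORE[rid]).encode() if code in (200, 201) else b""
        self.send_response(code)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    do_GET = do_POST = do_PUT = do_DELETE = _handle

def call(port, method, path, data=None):      # returns (status code, seconds taken)
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    start = time.monotonic()
    conn.request(method, path, body=None if data is None else json.dumps(data),
                 headers={"Content-Type": "application/json"})
    resp = conn.getresponse()
    resp.read()
    conn.close()
    return resp.status, time.monotonic() - start

def run_suite():                              # rows: (method, path, expected, actual, seconds)
    STORE.clear()
    server = HTTPServer(("127.0.0.1", 0), Handler)   # port 0: any free local port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    steps = [("POST", "/items", {"n": 1}, 201), ("GET", "/items/1", None, 200),
             ("PUT", "/items/1", {"n": 2}, 200), ("PUT", "/items/9", {"n": 9}, 201),
             ("DELETE", "/items/1", None, 204), ("GET", "/items/1", None, 404)]
    results = [(m, p, want) + call(server.server_port, m, p, d) for m, p, d, want in steps]
    server.shutdown()
    server.server_close()
    return results
```

Calling `run_suite()` returns one row per step; a row whose expected and actual codes differ, or whose time exceeds the budget you set, is a failed check.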
HTTP Status Codes
1xx Informational
100 Continue
101 Switching Protocols
102 Processing (WebDAV)
2xx Success
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
207 Multi-Status (WebDAV)
208 Already Reported (WebDAV)
226 IM Used
3xx Redirection
300 Multiple Choices
301 Moved Permanently
302 Found
303 See Other
304 Not Modified
305 Use Proxy
306 (Unused)
307 Temporary Redirect
308 Permanent Redirect (experimental)
4xx Client Error
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URI Too Long
415 Unsupported Media Type
416 Requested Range Not Satisfiable
417 Expectation Failed
418 I'm a teapot (RFC 2324)
420 Enhance Your Calm (Twitter)
422 Unprocessable Entity (WebDAV)
423 Locked (WebDAV)
424 Failed Dependency (WebDAV)
425 Reserved for WebDAV
426 Upgrade Required
428 Precondition Required
429 Too Many Requests
431 Request Header Fields Too Large
444 No Response (Nginx)
449 Retry With (Microsoft)
450 Blocked by Windows Parental Controls (Microsoft)
451 Unavailable For Legal Reasons
499 Client Closed Request (Nginx)
5xx Server Error
500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported
506 Variant Also Negotiates (Experimental)
507 Insufficient Storage (WebDAV)
508 Loop Detected (WebDAV)
509 Bandwidth Limit Exceeded (Apache)
510 Not Extended
511 Network Authentication Required
598 Network read timeout error
599 Network connect timeout error