Chances are you’ve heard the term API. However, you may not know exactly what it is, much like the mystification of “the cloud” in the early 2000s. In this post, I’ll break down what an API is using a well-known example and how to test it. By the end of this article, you’ll not only be familiar with the concept of APIs, but you’ll be driving an API testing strategy for your organization.
Let me share an example using the “drive” option in Apple Maps. If you’re on your iOS device and want to get a Lyft ride to the destination you’re looking for, just click the “Ride” option. Instead of having to leave the Apple Maps app and go to Lyft, Lyft provides an API so that Apple Maps can “call” and get the information it needs to show you ride options.
Types of API Testing And Their Purpose
Functionality
The purpose of a functional API Tester is to ensure that you can send a request and get back the expected response using the requests that the API describes. This includes negative and positive testing. Make sure you cover all possible combinations of dates. Don’t forget the negative and positive tests. Don’t rely on UI testing. There may be errors rooted at the unit or backend level that would not be visible in UI testing. Consideration should be given to error handling when data is outside the accepted parameters.
Security
The purpose of security testing is to make sure that your communication with the API is secure and that the caller can only do what they are allowed to do. Verify that your data is properly encrypted.
Performance
The purpose of API performance testing is to ensure that it can handle user load and to determine what happens when it reaches a load limit. Increase the number of API calls and then monitor response times and throughput. Monitor memory leaks by running a resilience test. Load the system by loading it with calls.
Reliability
The purpose of reliability testing is to find possible outages.
Documentation
The purpose of the documentation review is to verify that the documentation provides enough information to interact with the API. This is usually done in API testing.
Integration Testing
The purpose of integration testing is to verify success where multiple APIs work together. The QA team focuses on call sequencing and ensures fast and accurate data returns.