Sitting behind many of the applications we test is an API (application programming interface). Applications make calls to these APIs to retrieve the data and assets that it serves to its users.
While sometimes its adequate to test for API responses by interacting with the web front-end, often direct testing of the API is required to test for functionality, data and performance.
The challenge with APIs is that they do not have a user interface, so testing is performed at the message layer.
Using tools such as Postman, scripts are written to test for valid, invalid, authorised and unauthorised requests, to ensure that the API responds correctly to every possible scenario.
Scripts are used to test various scenarios against endpoints to ascertain whether or not expected responses are received.
Our service is designed to provide coverage of all possible scenarios that the API endpoints will encounter.
For performance testing of APIs, Zoonou use Apache JMeter.
The script can be setup to use dummy data when processing requests, and uses response assertions to display whether or not a response has failed the test.
If an API endpoint is found to respond incorrectly, we’ll let you know about it! We provide a detailed test report at the end of the execution run.
Testing APIs in isolation of the front-end can increase reliability of the system.
It’s recommended that API testing is conducted early before front-end testing to ensure that a stable and robust API is in place. This can help to identify the cause of an issue on the front-end web application.