API Testing overview | David Tzemach
Updated: Jan 23, 2022
An API (Application Programming Interface) is an interface between external software applications or between different layers of the same application. When creating an application API, we determine how other systems will interact, communicate and share data with our system.
What is API testing?
API testing is a testing approach used to validate that APIs and the integration they provide work correctly. The main activity of this approach is to validate the API response or output based on varying test conditions. The API output can refer to another API, different data types, and status.
What tests should be performed on APIs
Test that the API does not have scenarios where it fails to return any response.
Test that the API can be integrated with a corresponding system.
Test that the API can be integrated with a corresponding API.
Test the API outcome based on different input conditions.
Test how easy it is to implement and use the API.
Test different performance aspects of the API.
Test that the API can handle negative inputs.
Test that the API can process many inputs.
Test different security aspects of the API.
What types of bugs can API testing help find?
Security breaches in the API that others can use to attack the system.
Errors and failures that are not handled gracefully.
Unused code, duplicate functionality, or unused flags.
Functional bug related to the API functions.
Performance-related bugs.
What are the challenges of API testing?
Testing is limited to specific functions, and there is no view of the complete picture.
There are difficulties in testing the API output of some systems.
The tester can use no user interface to simplify the tests.
API testing can be too complex for some testers.
The tester needs to verify the exception handling of specific methods.