top of page


What is an API?

API stands for Application Programming Interface. APIs act as a software intermediary to enable two software components to communicate with each other.

How does APIs work?

API follows client server architecture. An application that is sending a request is called client, whereas the application sending the response is called server.

Types of APIs

APIs has evolved over a period of time. Let’s take a look are the different types of APIs.

REST (Restful) APIs

  • Most popular and common in use today.

  • An architectural style, not a protocol.

  • Uses HTTP functions such as — GET, PUT, POST, DELETE.

  • Client sends data to server, whereas server processes this input data using internal functions to return output data to the client.

  • It is stateless. Servers do not save client data.

WebSocket APIs

  • Modern web API development

  • Uses JSON objects to pass data.

  • Supports 2 way communication. While the client can initiate communication, the server can do ‘call back’ to the connected clients that normal APIs wont.

  • Efficient that Rest API.


  • Not popular and less flexible.

  • Uses Simple Objects Access Protocol.

  • Uses ‘XML’ objects to pass data.

  • Provides a higher level of security, suitable for financial institutions.


  • Earliest form of APIs.

  • Uses Remote Procedure Calls.

  • Execute a block of code (procedure) on a different server.

Categories of APIs

Based on the boundary and scope of access, APIs are classified either as private or public.

Public APIs

  • These are ‘open’ to the outside world.

  • External developers use these APIs to build capabilities within their application.

Private APIs

  • These are ‘internal’ to an organization.

  • Restricted to select developers groups only.

What is Web API?

Any API when executed over HTTP, becomes a web API. It uses an open source framework. It is a concept, not a technology or architecture style or protocol. Web API in the time of Web 1.0 was synonymous with SOAP but in recent times, Web 2.0 is synonymous with REST.

API Creation: Stages

As a rule of thumb, every API goes through the following traditional development stages. Every stage is important.

  1. Plan: Design the blueprint of the API based on use cases.

  2. Build: Developers develop code based on design and prototype.

  3. Test: Testing is key to prevent bugs, defects and cyber attacks.

  4. Document: Providing a guide is a must for usability when it comes to API.

API Authentication

APIs can be accessed using many convenient methods. Below noted methods cover the most common ones.


  • Anonymous access. No need to authenticate.


  • Username & Password


  • API Key or temporary tokens will be used.

  • More secure.


  • Authenticated using a 3rd party.

  • More secure.


  • Supports SSO based environments.

  • Preferred for larger organizations.

API Example

APIs can be accessed using a variety of methods and programming languages such as web browser, CURL, postman, python, java, etc. Below is an example of a simple public API accessed without authentication, via browser.

API Endpoint: Parameters: name=sam & ?name=nancy

HTTP Method vs Operation:

Each http method does a specific operation. Based on whether it processes a specific item or a collection, and based on whether the operation is success or failure, one of the below HTTP responses will be returned by the API server back to the client.

HTTP Method / Operation / HTTP Response Code

POST / Create / 201 (Created), 409 (Conflict) GET / Read / 200 (OK), 404 (Not Found) PUT / Update,Replace / 200 (OK), 204 (No Content), 404 (Not Found) PATCH / Update,Modify / 200 (OK), 204 (No Content), 404 (Not Found) DELETE / Delete / 200 (OK), 404 (Not Found)

Popular APIs

APIs are present in anything and everything we consume daily through websites and mobile apps. Some popular APIs include,

  1. Google Maps API

  2. Weather API

  3. Spotify API

  4. Auth0 API

  5. Twitter API

Benefits of API Testing

APIs form the integral part of all the critical applications, so, it is important to ensure these APIs are flawless, scalable and performant.

1. Functionality:

Unit tests are written to evaluate the business logic to ensure it functions as expected.

2. Performance: Simulate several requests to API endpoints to test if the API is performant with increased load.

3. Security: Check if the API endpoints are vulnerable to cyber attacks and ensure required protection is enforced.

API Testing Types

There are different types of API testing based on the testing objective. They are as follows.

  • Validation Testing

  • Functional Testing

  • UI Testing

  • Security Testing

  • Load Testing

  • Runtime and Error Detection

  • Penetration Testing

  • Fuzz Testing

API Testing Tools

In-order to test APIs, there are several testing tools available in the market, some are open source. Here is the most common list.

  • Testim

  • Postman

  • SoapUI

  • Apigee

  • Assertible

  • Karate — DSL

  • Rest Assured

  • JMeter

  • API Fortress

  • Hoppscotch

Rest Assured

Let’s discuss about Rest Assured.

Rest Assured enables you to test REST APIs using java libraries and integrates well with Maven. It has very efficient matching techniques, so asserting your expected results is also pretty straight forward. Rest Assured has methods to fetch data from almost every part of the request and response no matter how complex the JSON structures are.

Sample Rest Assured script

The syntax of Rest is the most beautiful part, as it is very much behavior driven and understandable.

Given(). param("x", "y"). header("z", "w"). when(). Method(). Then(). statusCode(XXX). body("x, ”y", equalTo("z"));

Code Explanation:

Given() ‘Given’ keyword, lets you set a background, here, you pass the request headers, query and path param, body, cookies. This is optional if these items are not needed in the request

When() ‘when’ keyword marks the premise of your scenario. For example, ‘when’ you get/post/put something, do something else.

Method() Substitute this with any of the CRUD operations(get/post/put/delete)

Then() Your assert and matcher conditions go here


The API market is poised to grow to a $8.2B industry by 2027 — nearly doubling its 2021 size — as more businesses implement digital transformation solutions. APIs grant organizations the flexibility and agility to respond quickly to changing market trends or disruptions. It would be an advantage to learn API and stay competitive in the growing market. Thanks for reading the blog. Hope it was useful.

37 views0 comments

Recent Posts

See All


Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page