What is API TESTING and different types of API TESTING.
API (Application Programming Interface ) is something which enables communication and data exchange between two different software systems. An API software system consists of several functions or subroutines that another software system can perform. API defines requests that can be made , how to make requests and data format that can be used between two software systems.
What is API testing ?
API testing is the software testing type which validates the application programming interfaces .
API testing is needed to check the functionality, reliability, performance and security of programming interfaces .In API testing we do not use standard user inputs and outputs instead we use software to send calls to the API, get output and check the systems response . API testing mainly concentrates on the business logic layer of the software architecture.
Why is API testing required ?
We need to test the core business logic of the application to drastically reduce the defects that could be found during the functional testing of the application .APIs can be considered as an engine for the application which should be expected to work fine without any deviations and errors. Apart from these basic reasons , there are few more reasons which make API testing important and essential.
To narrow down the probabilities of defect detection at a later stage.
Automation possibilities of API testing
Single testing iteration , multiple platform quality assurance.
Overall cost reduction for testing.
API testing is time efficient as well.
Sort of performance check.
API Testing Types
Validation Testing - Validation testing occurs among the final steps and plays an essential role in the development process. It verifies the aspects of the product , behavior and efficiency . It can be seen as an assurance that the product is developed correctly.
UI Testing - UI testing is basically the testing of the user interface for the API and the other integral parts .UI testing focuses more on the interface that is tied to the API rather than the API itself .Although this test is not a specific test of the API itself but it provides an overview of the health , usability and efficiency of the app’s front and back end .
Load Testing - Load Testing is performed after a specific unit or whole codebase is completed . load testing monitors the app’s performance both during normal and peak conditions.
Functional Testing - This includes testing functions in the codebase . These functions are representations of the specific scenarios to make sure the API functions are handled well within the parameters.
Penetration Testing - In this test type the users with limited API knowledge will try to assess the threat vector from an outsider's perspective , which is about functions, resources or processes.
Security Testing - This testing makes sure the API implementation is secure from the external threats. It also includes user rights management and authorization validation.
Fuzz Testing - Fuzz testing is another step in the security audit process . IN fuzz testing an vast amount of random data will be input in the system to detect any forced crashes or negative behaviors. This testing prepares API for the worst case scenarios.
Run Time error detection - This testing is related to the actual running of the API.