Introduction to API testing

What is an API?

API stands for application programming interface. It is a set of functions that allows applications to access data and interact with external software components and operating systems. APIs define the rules that programmers must follow in order to interact with a programming language, a software library, or any other software tool.

Examples of API Usage

  1. Weather Snippets - One common API usage example we come across on a daily basis is weather data. This is one of the common features of smartphones and can also be found on other platforms like Google's search and Apple's weather search. All of these applications use an API to fetch weather details.

  2. Travel/Hotel Booking - On travel websites we can find multiple flight details based on our search criteria. These travel sites use APIs to find relevant flights from multiple airlines.

As we can see, APIs provide an interface to consume a service from another application by abstracting the underlying implementation of that application.

How does an API work?

Most web APIs sit between the application and the web server. The user initiates an API call that tells the application to do something, and the application then uses an API to ask the web server to do it. The API is the middleman between the application and the web server, and the API call is the request. Every time you use software to communicate with other software or online web servers, you’re using APIs to request the information you need.

💡
Imagine you’re a customer at a restaurant. The waiter (the API) functions as an intermediary between customers like you (the user) and the kitchen (webserver). You tell the waiter your order (API call), and the waiter requests it from the kitchen. Finally, the waiter will provide you with what you ordered.

The waiter is the intermediary between you and the kitchen. In this metaphor, the waiter is effectively an abstraction of the API. In software engineering, abstraction is a fundamental concept that aims to simplify a complex mechanism by only focusing on the details of higher importance. In this example, as a customer, you don’t need to know how the kitchen or the restaurant operates in order to get what you want: the food. You just need to know how to order it.

Types of API

  1. Public APIs - A public API is open and available for use by any outside developer or business.

  2. Partner APIs - A partner API, only available to specifically selected and authorized outside developers or API consumers, is a means to facilitate business-to-business activities.

  3. Internal APIs - An internal (or private) API is intended only for use within the enterprise, to connect systems and data within the business.

What is a web service?

A web service is like a specialized function or tool that one application can use to interact with another, even if they are running on different systems or using different technologies.

A Web Service can be defined in the following ways:

  • It is a client-server application or application component for communication.

  • The method of communication between two devices over the network.

  • It is a software system for interoperable machine-to-machine communication.

  • It is a collection of standards or protocols for exchanging information between two devices or applications.

Types of Web Services

🧼 SOAP (Simple Object Access Protocol)

  • Like a strict rulebook.

  • Always sends data in XML format.

  • Has a standard structure (envelope, header, body).

  • More secure and has built-in error handling.

  • Slower and heavier.

  • Used in banking, payment gateways, and enterprise apps where strict rules are needed.

🌐 REST (Representational State Transfer)

  • Like a casual conversation.

  • Can send data in JSON, XML, or even plain text.

  • Uses simple HTTP methods like GET, POST, PUT, DELETE.

  • Faster and easier to use.

  • Common in web and mobile apps like Instagram, YouTube.

🤔 What is a REST API?

REST is a software architecture style that was created to guide the design and development of the architecture for the World Wide Web. A web API that obeys the REST constraints is informally described as RESTful. RESTful web APIs are typically loosely based on HTTP methods to access resources via URL-encoded parameters and the use of JSON or XML to transmit data.

Key Principles of RESTful API

  • Stateless: Each request is independent.

  • Client-Server: Client (e.g., browser or app) and server are separate.

  • Resource-based: Everything is treated as a resource (like user, product, etc.)

🔁Anatomy of REST APIs

1️⃣ Request – What the Client Sends

🔹 a) Request Method

This tells the server what action the client wants to perform:

| Method | Action |
|---|---|
| GET | Fetch data |
| POST | Create data |
| PUT/PATCH | Update data |
| DELETE | Remove data |

🔹 b) Resource Address (URI)

This is the address of the resource you want to work with.
Example:

GET /api/v1/products

Here, /api/v1/products is the endpoint or URI – like the door to the resource.

🔹 c) Request Headers

These are extra details sent with the request to give instructions to the server.

Common headers:

  • Authorization: Used for login/authentication.

  • Content-Type: Tells the server what format the data is in (e.g., JSON).

  • Accept: What type of response format the client wants (e.g., JSON, XML).

✅ These headers help control who is asking, what they're sending, and how they want the answer.

🔹 d) Request Body (only in POST/PUT)

This is the actual data you want to send to the server (e.g., to create or update something).

🛒 Example – Creating a product:

{
   "productId": 1001,
   "product_name": "iPad",
   "product_price": 500
}

2️⃣ Response – What the Server Sends Back

After receiving the request, the server processes it and sends back a response. It contains:

🔹 a) Status Line

This tells if the request succeeded or failed:

  • HTTP version

  • Status code (like 200, 404)

  • Status text (like "OK" or "Not Found")


🔹 b) Response Headers

Similar to request headers, these provide extra info about the response.

Common fields:

  • Content-Type: Format of the response (e.g., JSON)

  • Content-Length: Size of the response

  • Keep-Alive: How long the connection stays open


🔹 c) Response Body

This is the actual result/data sent back by the server.

🧾 Example:

{
   "message": "Product created successfully",
   "productId": 1001
}

🔹 d) Response Codes – Meaning of Status

| Code Range | Meaning |
|---|---|
| 1XX | Info (rare) |
| 2XX | ✅ Success (e.g., 200 OK, 201 Created) |
| 3XX | 🔁 Redirect |
| 4XX | ❌ Client Error (e.g., 400 Bad Request, 404 Not Found) |
| 5XX | 💥 Server Error (e.g., 500 Internal Server Error) |

3️⃣ Types of Headers (Grouped)

| Type | Description |
|---|---|
| Request Headers | Sent by the client (e.g., Authorization, Content-Type) |
| Response Headers | Sent by the server (e.g., Content-Length, Cache-Control) |
| General Headers | Info common to both (e.g., URL, method, connection info) |
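
The request and response parts described above, exercised end to end as an added example (not code from the original article): a throwaway local server for a hypothetical POST /api/v1/products endpoint, plus test calls that check the status code, Content-Type header and body for a valid request, a missing Authorization header, a wrong Content-Type and a malformed body. The token value, the class and function names, and the 401/415/400 behaviour of this stand-in server are assumptions made for the example.

```python
import json, threading
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler, HTTPServer

TOKEN = "Bearer example-token"  # constructed credential, not a real secret

class ProductAPI(BaseHTTPRequestHandler):  # hypothetical server, assumed for this example
    def reply(self, code, payload):
        body = json.dumps(payload).encode()
        self.send_response(code)  # writes the status line
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def do_POST(self):
        raw = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        if self.headers.get("Authorization") != TOKEN:
            return self.reply(401, {"message": "Unauthorized"})
        if self.headers.get("Content-Type") != "application/json":
            return self.reply(415, {"message": "Unsupported Media Type"})
        try:
            product_id = json.loads(raw)["productId"]
        except (ValueError, KeyError, TypeError):
            return self.reply(400, {"message": "Bad Request"})
        self.reply(201, {"message": "Product created successfully", "productId": product_id})

def call(port, headers, body):
    conn = HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("POST", "/api/v1/products", body=body, headers=headers)
    resp = conn.getresponse()
    result = (resp.status, resp.getheader("Content-Type"), json.loads(resp.read()))
    conn.close()
    return result

def run_checks():
    server = HTTPServer(("127.0.0.1", 0), ProductAPI)  # port 0 = any free local port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_address[1]
    good = json.dumps({"productId": 1001, "product_name": "iPad", "product_price": 500})
    auth = {"Authorization": TOKEN, "Content-Type": "application/json"}
    try:
        return {"created": call(port, auth, good),
                "no_auth": call(port, {"Content-Type": "application/json"}, good),
                "wrong_type": call(port, {**auth, "Content-Type": "text/plain"}, good),
                "bad_json": call(port, auth, "{not json")}
    finally:
        server.shutdown()
        server.server_close()
```

run_checks() returns one (status, Content-Type, body) tuple per case; the three negative cases confirm that the server rejects unauthenticated, mistyped and malformed requests with a 4XX code instead of creating the product.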
Written by

SAKSHI RISHIPATHAK