APIs, or Application Programming Interfaces, are the connecting tissue between different systems or layers of an application. Applications often have three layers: a data layer, a service (API) layer, and a presentation (UI) layer. The API layer contains the business logic of an application – the rules of how users can interact with services, data, or functions of the app. Because the API or service layer directly touches both the data layer and the presentation layer, it presents the sweet spot of continuous testing for QA and Development teams. While traditional testing has been focused on the UI, the advantages of API testing are becoming well known.
While there are many aspects of API testing, it generally consists of make requests to a single or sometimes multiple API endpoints and validate the response – whether for performance, security, functional correctness, or just a status check. While UI testing may focus on validating the look and feel of a web interface or that a particular payment button works – API testing puts much more emphasis on the testing of business logic, data responses and security, and performance bottlenecks.
The Benefits of API Testing
Earlier Testing –
With API testing, once the logic is designed, tests can be built to validate the correctness in responses and data. We don’t have to wait for various teams to finish their work or for full applications to be built – test cases are isolated and ready to built immediately.
Easier Test Maintenance –
UIs are constantly changing and moving around based on how they are accessed – browsers, devices, screen orientation, etc. This creates a nightmare scenario where tests are being constantly rewritten to keep up with the actual code in production. API changes are much more controlled and infrequent – often times API definitions files like OpenAPI Spec can help make refactoring tests only a seconds of work.
Faster Time To Resolution –
When API tests fail, we know exactly where our system broke and where the defect can be found. This helps reduce time triaging bugs between builds, integrations, and even different team-members. The small, isolated footprint of an API test is perfect for faster MTTR stats, a valuable KPI for DevOps teams.
Speed and Coverage of Testing –
300 UI tests may take 30 hours to run. 300 API tests could be run in 3 minutes. That means you’ll find more bugs in less time, while also being about to fix them immediately.
The Types of API Testing:
Unit Testing
While the testing world can be filled with misnomers, the easiest way to think about a “unit test” and APIs is testing a single endpoint, with a single request, looking for a single response or set of responses. Many times, this type of testing can be done manually via the command line and something like a cURL command or with lightweight tools like SoapUI.
Integration Testing
Integration testing is the most often used form of API testing, as APIs are at the center of most integrations between internal or third-party services
End-to-End Testing
End-to-End testing can help us validate the flow of data and information between a few different API connections.
Performance Testing
We are trying to change the paradigm of Load testing and shift it left into every commit. Previously, load testing was kept in the hands of the few and was difficult to execute in a CI/CD environment. ReadyAPI is a performance testing tool for RESTful, SOAP, and other web services that enables nearly any team member to embed performance tests into their CI/CD pipeline.