Scribd Logo
Upload

Welcome to Scribd!

  • API Testing: Software Development

    Uploaded by

    Mudau Khumbelo Rodneyk
    22 views5 pages

    Original Title

    Apitesting

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    22 views5 pages

    API Testing: Software Development

    Uploaded by

    Mudau Khumbelo Rodneyk

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    API testing

    From Wikipedia, the free encyclopedia

    Jump to navigationJump to search

    Software development

    Core activities

     Processes
     Requirements
     Design
     Engineering
     Construction
     Testing
     Debugging
     Deployment
     Maintenance

    Paradigms and models

     Agile
     Cleanroom
     Incremental
     Prototyping
     Spiral
     V model
     Waterfall

    Methodologies and frameworks

     ASD
     DevOps
     DAD
     DSDM
     FDD
     IID
     Kanban
     Lean SD
     LeSS
     MDD
     MSF
     PSP
     RAD
     RUP
     SAFe
     Scrum
     SEMAT
     TSP
     OpenUP
     UP
     XP

    Supporting disciplines

     Configuration management
     Documentation
     Software quality assurance (SQA)
     Project management
     User experience

    Practices

     ATDD
     BDD
     CCO
     CI
     CD
     DDD
     PP
     SBE
     Stand-up
     TDD

    Tools

     Compiler
     Debugger
     Profiler
     GUI designer
     Modeling
     IDE
     Build automation
     Release automation
     Infrastructure as code
     Testing

    Standards and Bodies of Knowledge


     BABOK
     CMMI
     IEEE standards
     ISO 9001
     ISO/IEC standards
     PMBOK
     SWEBOK
     ITIL

    Glossaries

     Artificial intelligence
     Computer science
     Electrical and electronics engineering

    Outlines

     Outline of software development

     v
     t
     e

    API testing is a type of software testing that involves testing application


    programming interfaces (APIs) directly and as part of integration testing to determine
    if they meet expectations for functionality, reliability, performance, and security.
    [1]
     Since APIs lack a GUI, API testing is performed at the message layer.[2] API testing
    is now considered critical for automating testing because APIs now serve as the
    primary interface to application logic and because GUI tests are difficult to maintain
    with the short release cycles and frequent changes commonly used with Agile
    software development and DevOps.[3][4]

    Contents

     1API testing overview

     2API testing, GUI testing, and test automation

     3Types of API testing

     4Software

     5See also

     6References
    API testing overview[edit]
    API testing involves testing APIs directly (in isolation) and as part of the end-to-end
    transactions exercised during integration testing.[1] Beyond RESTful APIs, these
    transactions include multiple types of endpoints such as web
    services, ESBs, databases, mainframes, web UIs, and ERPs. API testing is
    performed on APIs that the development team produces as well as APIs that the
    team consumes within their application (including third-party APIs). [5]
    API testing is used to determine whether APIs return the correct response (in the
    expected format) for a broad range of feasible requests, react properly to edge
    cases such as failures and unexpected/extreme inputs, deliver responses in
    an acceptable amount of time, and respond securely to potential security attacks.[1]
    [4]
    Service virtualization is used in conjunction with API testing to isolate the services
    under test as well as expand test environment access by simulating APIs/services
    that are not accessible for testing.[6]
    API testing commonly includes testing REST APIs or SOAP web
    services with JSON or XML message payloads being sent over HTTP, HTTPS, JMS,
    and MQ.[2][7]It can also include message formats such as SWIFT, FIX, EDI and similar
    fixed-length formats, CSV, ISO 8583 and Protocol Buffers being sent
    overtransports/protocols such as TCP/IP, ISO 8583, MQTT, FIX, RMI, SMTP, TIBCO
    Rendezvous, and FIX.[8][9]

    API testing, GUI testing, and test automation [edit]


    API Testing is recognised as being more suitable for test automation and continuous
    testing (especially the automation used with Agile software
    development and DevOps) than GUI testing.[3][4] Reasons cited include:

     System complexity: GUI tests can't sufficiently verify functional paths and back-end
    APIs/services associated with multitier architectures. APIs are considered the most
    stable interface to the system under test.
     Short release cycles with fast feedback loops: Agile and DevOps teams working
    with short iterations and fast feedback loops find that GUI tests require considerable
    rework to keep pace with frequent change. Tests at the API layer are less brittle and
    easier to maintain.
    For these reasons, it is recommended that teams increase their level of API testing
    while decreasing their reliance on GUI testing. API testing is recommended for the
    vast majority of test automation efforts and as much edge testing as possible. GUI
    testing is then reserved for validating typical use cases at the system level, mobile
    testing, and usability testing.[3][4][10]

    Types of API testing[edit]


    API testing typically involves the following practices:

     Unit testing - Testing the functionality of individual operations.


     Functional testing - Testing the functionality of broader scenarios, often using unit
    tests as building blocks for end-to-end tests. Includes test case definition, execution,
    validation, and regression testing.
     Load testing - Validating functionality and performance under load, often by reusing
    functional test cases.
     Runtime error detection - Monitoring an application the execution of automated or
    manual tests to expose problems such as race conditions, exceptions, and resource
    leaks.
     Security testing - Includes penetration testing and fuzz testing as well as validating
    authentication, encryption, and access control.
     Web UI testing - Performed as part of end-to-end integration tests that also cover
    APIs, enables teams to validate GUI items in the context of the larger transaction.
     Interoperability testing - (SOAP only) Checking conformance to Web Services
    Interoperability profiles.
     WS-* compliance testing - (SOAP only) Checking compliance to WS-* standards
    such as WS-Addressing, WS-Discovery, WS-Federation, WS-Policy, WS-Security, and
    WS-Trust.
     Penetration testing - testing a computer system, network or Web application to find
    vulnerabilities that an attacker could exploit.
     Fuzz-testing - massive amounts of purely random data, sometimes referred to as
    "noise" or "fuzz", is forcibly input into the system in order to attempt a forced crash,
    overflow, or other negative behavior. This is done to test the API at its absolute limits,
    and serves somewhat as a "worst case scenario".

    Software[edit]

     SoapUI
     SOAtest
     Swagger

    See also[edit]

     Automated testing
     Service virtualization
     Software testing

    You might also like