Before dwelling into the subject of API Testing, we should understand what is the meaning of API or, Application

Programming Interface. An API (Application Programming Interface) is a collection of software functions and procedures, called API calls, that can be executed by other software applications. API testing is mostly used for the system which has collection of API that needs to be tested. The system could be system software, application software or libraries.

API testing is different from other testing types as GUI is rarely involved in API Testing. Even if GUI is not involved in API testing, you still need to setup initial environment, invoke API with required set of parameters and then finally analyze the result.

Setting initial environment become complex because GUI is not involved. It is very easy to setup initial condition in GUI, In most cases you can find out in a glance whether system is ready or not. In case of API this is not the case, you need to have some way to make sure that system is ready for testing.

This can be divided further in test environment setup and application setup. Things like database should be configured, server should be started are related to test environment setup. On the other hand object should be created before calling non static member of the class falls under application specific setup.

Initial condition in API testing also involves creating conditions under which API will be called. Probably, API can be called directly

or it can be called because of some event or in response of some exception.

Output of API could be some data or status or it can just wait for some other call to complete in a-synchronized environment. Most of the test cases of API will be based on the output, if API Return value based on input condition

This are relatively simple to test as input can be defined and results can be

validated against expected return value. For example, It is very easy to write test cases for int add(int a, int b) kind of API. You can pass different combinations of int a and int b and can validate these against known results.

Does not return anything

For cases like these you will probably have some mechanism to check behavior of API on the system. For example, if you need to write test cases for delete(ListElement) function you will probably validate size of the list, absence of list element in the list.

Trigger some other API/event/interrupt

If API is triggering some event or raising some interrupt, then you need to listen for those events and interrupt listener. Your test suite should call appropriate API and asserts should be on the interrupts and listener.

Update data structure

This category is also similar to the API category which does not return anything. Updating data structure will have some effect on the system and that should be validated. If you have other means of accessing the data structure, it should be used to validate that data structure is updated.

Modify certain resources

If API call is modifying some resources, for example updating some database, changing registry, killing some process etc, then it should be validated by accessing those resources.

You should not get confused with API Testing and Unit Testing. API testing is

not Unit testing. Unit testing is owned by dev team and API by QE team. API is mostly black box testing where as unit testing is essentially white box testing. Unit test cases are typically designed by the developers and there scope is limited to the unit under test. In API testing, test cases are designed by the QE team and there scope is not limited to any specific unit, but it normally cover complete system.

Main Challenges of API Testing can be divided into following categories.

Parameter Selection Parameter combination Call sequencing ============================================== =================================== An API (Application Programming Interface) is a collection of software functions and procedures, called API calls, that can be executed by other software applications. Application developers code that links to existing APIs to make use of their functionality. This link is seamless and end-users of the application are generally unaware of using a separately developed API. During testing, a test harness-an application that links the API and methodically exercises its functionality-is constructed to simulate the use of the API by end-user applications. The interesting problems for testers are: 1. Ensuring that the test harness varies parameters of the API calls in ways that verify functionality and expose failures. This includes assigning common parameter values as well as exploring boundary conditions. 2. Generating interesting parameter value combinations for calls with two or more parameters. 3. Determining the content under which an API call is made. This might include setting external environment conditions (files, peripheral devices, and so forth) and also internal stored data that affect the API. 4. Sequencing API calls to vary the order in which the functionality is exercised and to make the API produce useful results from successive calls.