API Testing and Development with Postman : API Creation, Testing, Debugging, and Management Made Easy

API Testing and Development with Postman API Creation, Testing, Debugging, and Management Made Easy

Postman is an invaluable tool for exploration and testing of web APIs and helping testers and developers figure out how an API works. With Postman, you can create effective test automation for any APIs, and this guide will help you unleash its full potential. API Testing and Development with Postman...

Descripción completa

Detalles Bibliográficos
Otros Autores: Westerveld, Dave, author (author)
Formato: Libro electrónico
Idioma:Inglés
Publicado: Birmingham, England : Packt Publishing [2024]
Edición:Second edition
Colección:Expert insight.
Materias:
Application program interfaces (Computer software)
Application program interfaces (Computer software) > Testing.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009835407506719
Tabla de Contenidos:
  • Cover
  • Copyright
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: API Terminology and Types
  • What is an API?
  • Types of API calls
  • Installing Postman
  • Starting Postman
  • Setting up a request in Postman
  • Saving a request
  • The structure of an API request
  • API endpoints
  • API actions
  • API parameters
  • Request parameters
  • Query parameters
  • API headers
  • API body
  • API response
  • Learning by doing - making API calls
  • Setting up the test application
  • Making a call to the test application
  • A challenge
  • Considerations for API testing
  • Beginning with exploration
  • Exploratory testing case study
  • Looking for business problems
  • Trying weird things
  • Different types of APIs
  • REST APIs
  • SOAP APIs
  • SOAP API example
  • GraphQL APIs
  • GraphQL API example
  • Summary
  • Chapter 2: API Documentation and Design
  • Technical requirements
  • Start with the purpose
  • Figuring out the purpose of an API
  • Personas
  • The why
  • Try it out
  • Creating usable APIs
  • Usable API structure
  • Good error messages
  • Documenting your API
  • Documenting with Postman
  • Good practices for API documentation
  • RESTful API Modeling Language
  • API design example
  • Case study - Designing an e-commerce API
  • Defining the endpoints
  • Defining the actions
  • Adding query parameters
  • Using the RAML specification in Postman
  • Modeling an existing API design
  • Summary
  • Chapter 3: OpenAPI and API Specifications
  • Technical requirements
  • What are API specifications?
  • API specification terminology
  • Defining API schema
  • Types of API specifications
  • RAML
  • API Blueprint
  • OpenAPI/Swagger (OAS)
  • Creating an OAS
  • Parts of an OAS
  • Petstore OAS schemas
  • Creating your own OAS
  • Starting the file
  • Understanding the API schema
  • Defining parameters
  • Describing request bodies
  • Using examples.
  • Using API specifications in Postman
  • Creating a mock server
  • Validating requests
  • Summary
  • Chapter 4: Considerations for Good API Test Automation
  • Technical requirements
  • Exploratory and automated testing
  • Exercise - considerations for good API test automation
  • Writing good automation
  • Types of API tests
  • Organizing and structuring tests
  • Creating the test structure
  • Organizing the tests
  • Environments
  • Collection variables
  • Choosing a variable scope
  • Exercise - using variables
  • Creating maintainable tests
  • Using logging
  • Test reports
  • Creating repeatable tests
  • Summary
  • Chapter 5: Understanding Authorization Options
  • Understanding API security
  • Authorization in APIs
  • Authentication in APIs
  • API security in Postman
  • Getting started with authorization in Postman
  • Using Basic Auth
  • Using bearer tokens
  • Using API keys
  • Using AWS Signature
  • Using OAuth
  • Setting up OAuth 2.0 in Postman
  • OAuth 1.0
  • Digest authentication
  • Hawk authentication
  • Using NTLM authentication
  • Using Akamai EdgeGrid
  • Handling credentials in Postman safely
  • Summary
  • Chapter 6: Creating Test Validation Scripts
  • Technical requirements
  • Checking API responses
  • Checking the status code in a response
  • Using the pm.test method
  • Using Chai assertions in Postman
  • Try it out
  • Checking the body of a response
  • Checking whether the response contains a given string
  • Checking JSON properties in the response
  • Try it out
  • Checking headers
  • Custom assertion objects in Postman
  • Creating your own tests
  • Try it out
  • Creating folder and collection tests
  • Cleaning up after tests
  • Setting up pre-request scripts
  • Using variables in pre-request scripts
  • Passing data between tests
  • Building request workflows
  • Looping over the current request
  • Running requests in the collection runner.
  • Using environments in Postman
  • Managing environment variables
  • Summary
  • Chapter 7: Data-Driven Testing
  • Technical requirements
  • Defining data-driven testing
  • Setting up data-driven inputs
  • Thinking about the outputs for data-driven tests
  • Creating a data-driven test in Postman
  • Creating the data input
  • Adding a test
  • Comparing responses to data from a file
  • Challenge - data-driven testing with multiple APIs
  • Challenge setup
  • Challenge hints
  • Summary
  • Chapter 8: Workflow Testing
  • Different types of workflow tests
  • Linear workflows
  • Business workflow
  • Workflow testing with the Flows feature in Postman
  • Configuring a Send Request block
  • Building a Flow in Postman
  • Advice for creating workflow tests
  • Checking complex things
  • Checking things outside of Postman
  • Summary
  • Chapter 9: Running API Tests in CI with Newman
  • Technical requirements
  • Getting Newman set up
  • Installing Newman
  • Installing Node.js
  • Using npm to install Newman
  • Running Newman
  • Understanding Newman run options
  • Using environments in Newman
  • Running data-driven tests in Newman
  • Other Newman options
  • Reporting on tests in Newman
  • Using Newman's built-in reporters
  • Using external reporters
  • Generating reports with htmlextra
  • Creating your own reporter
  • Integrating newman into CI/CD builds
  • General principles for using Newman in CI/CD builds
  • Example - using GitHub Actions
  • Summary
  • Chapter 10: Monitoring APIs with Postman
  • Setting up a monitor in Postman
  • Creating a monitor
  • Using additional monitor settings
  • Receive email notifications for run failures and errors
  • Retry if run fails
  • Set request timeout
  • Set delay between requests
  • Follow redirects
  • Enable SSL validation
  • Adding tests to a monitor
  • Viewing monitor results
  • Cleaning up the monitors
  • Summary.
  • Chapter 11: Testing an Existing API
  • Finding bugs in an API
  • Setting up an API for testing
  • Testing the API
  • Finding bugs in the API
  • Resetting the service
  • Example bug
  • Automating API tests
  • Reviewing API automation ideas
  • Setting up a collection in Postman
  • Creating the tests
  • An example of automated API tests
  • Setting up a collection in Postman
  • Creating the tests
  • Updating the environment
  • Adding tests to the first request
  • Adding tests to the second request
  • Adding tests to the POST request
  • Cleaning up tests
  • Adding tests to the PUT request
  • Adding tests to the DELETE request
  • Sharing your work
  • Sharing a collection in Postman
  • Summary
  • Chapter 12: Creating and Using Mock Servers in Postman
  • Getting started with mock servers
  • What is a mock server?
  • When to use a mock server
  • Things to be careful of with mock servers
  • Setting up mock servers in Postman
  • Modifying mock server values
  • Creating more mock values
  • Mocking route parameters
  • Mocking dynamic data
  • Using mock servers
  • Using private servers
  • Mocking a third-party API
  • Summary
  • Chapter 13: Using Contract Testing to Verify an API
  • Understanding contract testing
  • What is contract testing?
  • How to use contract testing
  • Who creates the contracts?
  • Consumer-driven contracts
  • Provider-driven contracts
  • Setting up contract tests in Postman
  • Creating a contract testing collection
  • Adding tests to a contract test collection
  • Running contract tests
  • Using Postman Interceptor
  • Running and fixing contract tests
  • Fixing contract test failures
  • Sharing contract tests
  • Summary
  • Chapter 14: API Security Testing
  • OWASP API Security list
  • Authorization and authentication
  • Broken object-level authorization
  • Broken property-level authorization
  • Unrestricted resource consumption.
  • Unrestricted access to business workflows
  • Unsafe consumption of APIs
  • Fuzzing
  • Fuzz testing with Postman
  • Cleaning up the tests
  • Fuzzing with built-in methods in Postman
  • Summary
  • Chapter 15: Performance Testing an API
  • Different types of performance load
  • Processing load
  • Memory load
  • Connection load
  • Using load profiles in Postman
  • Fixed load profile
  • Spike load profile
  • Ramp load profile
  • Endurance load profile
  • Running performance tests in postman
  • Running multiple requests
  • Performance testing considerations
  • When to do performance testing
  • Benchmarking
  • Repeatability
  • Collaboration and communication
  • Summary
  • Packt page
  • Other Books You May Enjoy
  • Index.

Ejemplares similares