About the course
When developing software, have you ever thought what happens behind the scenes, how data flows between systems, or how processes are triggered? Making a payment to purchase goods online is one example where an Application Programming Interface (API) enables numerous software components to communicate, and effectively share and receive significant data. Ensuring this all goes according to plan is the purpose of API testing.
Starting with the fundamentals of API testing, test pyramid, different API types, request/response, API core methods for data retrieval and submission, setting up Postman environment, and creating various requests, you will rapidly move on to mastering API testing principles, including request/response headers, payload, JSON/SOAP data transfer configuration. The course then delves into essential API testing security measures such as authentication, transport layer security, and rate limiting.
Guided by an expert API testing instructor, you will gain the practical skills and confidence to apply these techniques to real-world testing scenarios, enabling you to write efficient, secure and maintainable API tests for commercial applications.
Instructor-led online and in-house face-to-face options are available - as part of a wider customised training programme, or as a standalone workshop, on-site at your offices or at one of many flexible meeting spaces in the UK and around the World.
-
- Understand APIs: Explain the significance of an API, the different types available (REST, SOAP, GraphQL), and how API testing complements UI testing.
- Use Postman: Set up your Postman environment and use its key features to design, develop, and execute API tests.
- Master API Protocols: Understand the fundamentals of the HTTP(S) protocol, including core methods like GET, POST, PUT, and DELETE, as well as request/response headers and payloads.
- Apply Security: Understand the essentials of API security, including authentication, transport layer security, and rate limiting.
- Create Tests: Design and develop a variety of API tests and organize them into collections.
- Debug & Report: Debug, save, share, and manage API requests and understand the intricacies of test responses.
-
This course is for anyone looking to build a strong foundation in API testing. It is ideal for:
New Testers: Individuals new to API testing who want to learn the fundamentals with Postman.
QA Analysts: Testers with experience in other approaches (like UI testing) who want to add API testing to their skill set.
Developers: Professionals who want to validate their APIs and ensure secure data flow between systems.
-
Delegates should have some software testing experience, but no prior API testing experience is assumed. Some knowledge of querying databases is useful but not mandatory.
-
Introduction to API Testing
Theory and concepts of API testing.
The test pyramid and its role in API testing.
Testing essentials: positive and negative test cases.
API Testing Protocols
Fundamentals of the HTTP(S) protocol, endpoints, and payloads.
Different types of APIs: REST, SOAP, and GraphQL.
API call demonstration using Browser Developer Tools.
Fundamentals of API Testing
Differences between common HTTP methods: GET, POST, DELETE, PUT, and PATCH.
Path parameters vs. query parameters.
Setting Up the API Test Environment
Registration setup in Postman.
Overview of the Postman web and desktop versions.
Creating API Requests
Locating and using sample APIs for testing.
Designing and developing API tests using all HTTP methods.
Request/response header specifications.
Understanding responses via received payloads.
Postman Collections, debugging, saving, and sharing requests.
API Testing Security Essentials
The API security checklist.
Authentication and authorization in Postman.
Practical exposure to transport layer security.
Best practices for testing API rate limiting.
Summary and Conclusion
Review of key concepts and Q&A.
-
Sign up to Postman (including free-tier subscription)
Official Postman documentation
Postman extension for Visual Studio Code
Trusted by
