API Testing Workshop

Learn foundational API testing, including hands-on practice, best practices, tools, and techniques.

Description

One of the test principles is the Pesticide Paradox: "Every method you use to prevent or find bugs leaves a residue of subtler bugs against which those methods are ineffectual" - Boris Beizer. Your testing strategy must account for a wide distribution of potential bugs to prevent them from going to production. Even if you are a great tester, you can improve your approach by using multiple angles, including API testing.

The API acts as the "plumbing" for a system. For web applications, developers use a web API to communicate between the client and server. This API is often regular text that follows a known pattern understood by both sides.

Accessing this layer allows us to test differently. In the UI, certain invalid inputs are prevented, but the API may allow any possible ordering of text, opening up many opportunities to find defects.

Testing at the API level is valuable because it enables data-driven testing and can be faster and more robust than UI-only testing. It can also be used to test security, such as whether the server implicitly trusts what the client sends. Finally, it is an excellent way to confirm that invalid information receives helpful responses. A large portion of development work is debugging and maintenance, and APIs that return useful messages go a long way toward that goal.

Join us for this workshop-style class where we examine and practice the benefits of API testing using commercial and open-source software. Students leave with a stronger appreciation of API testing and practical ways to apply it in their work.

Course Duration and Schedule

Two-Day Format

8:30 AM - 4:30 PM each day with a 1-hour lunch break and morning and afternoon breaks.

Three-Day Format

11:30 AM - 5:00 PM each day with afternoon breaks.

Upcoming Training

There are currently no scheduled classes for this course. If you would like to request one, click here for more information.

Request a Class

Course Outline

Introduction to API Testing

  • An introduction to API testing
  • Reasons for API testing
  • What software uses APIs

API Formats and Protocols

  • RESTful
  • SOAP
  • JSON
  • HTML
  • Plain text
  • YAML
  • gRPC
  • Protobuf
  • Historical protocols (CORBA, RPC)

Software Testing with APIs

  • General testing mindset
  • Agile test pyramid
  • End-to-end testing
  • TDD
  • Functional and non-functional testing
  • Manual exploratory testing

API Testing Techniques

  • Focus on negative cases
  • Clarity of error messages
  • Security concerns
  • Performance
  • Avoiding the network
  • Authorization testing (query string, body, headers)
  • Data-driven testing
  • Fuzzing
  • Required inputs
  • API contracts
  • Character encoding
  • Min-size/max-size tests
  • External APIs
  • Debugging
  • Documenting
  • Caching

API Testing Tools

  • General programming languages
  • Postman
  • SoapUI
  • Specialized tools for external APIs
  • Swagger
  • Network sniffers

Related Courses

Agile Tester

Agile Tester course from Coveros with practical strategies for secure, agile software delivery.

AI for Testers

This hands-on course helps testers understand how to leverage AI to improve software test planning, execution, automation, and reporting.

Behavior-Driven Development

Learn how to use behavior-driven development to create shared understanding, improve collaboration, and drive quality software delivery...

Certified Tester Advanced Level Test Manager

Prepare for the ISTQB Advanced Level Test Management (CTAL-TM) v3.0 certification with updated best practices for managing test activities,...