API Testing forms a core part of testing applications, it's faster than functional GUI test, which overall guarantees essential functionality and can easily incorporate with GUI testing. As with any attempt, some challenges will occur. Testing APIs is not an exception.
Most common challenges of API Testing
Let's find out what they are and how to overcome.
Schema Update
During the development life cycle, an input/output schema skeleton may vary time to time due to the business requirements. If a new parameter added in the request, the coverage has to increase with all combinations using new parameter and possible data combination.
Solutions: using tools to generate schema skeleton and validate against the committed one. Contract testing can be ultimately beneficial in this case.
Parameter Combinations
In today API development, API takes various inputs so there will be huge amount of combination to be tested. The verification on missing or mandatory parameters is quite simple but testing on combination will be more struggling as it get increased with more optional data.
There might be some parameters (boolean, number, ...) can make differences in business cases and response which is to be tested.
For example, we have mandatory parameters A, B and optional parameters C, D and E.
Here are all combinations:
A, B, C
A, B, D
A, B, E
A, B, C, D
A, B, C, E
A, B, D, E
A, B, C, D, E
Solutions: applying Pairwise/All Pairs testing in generating set of combinations is a good way that not over exhaustive. More effectively, try to write an method to combine all optional/mandatory parameters in order to increase test coverage (of course, you should do it by automated test rather than manual execution) :D
I will show you guys a function I built on my automation framework that support generating all combinations from optional/mandatory parameters (in another post). Stay tune!!!
API Call Sequencing
In many cases, API calls need to appear in a specific order to work correctly. This creates a sequencing challenge for the testing team.
For example, if a call to return a user’s profile information goes through before the profile is created, the request will return an error. Alternatively, a call to create a map needs to run prior to placing location pins on the map to work correctly. This process can get increasingly difficult when working with multiple-threaded applications.
Solutions: one of the best ways to control the problem of sequencing the API calls is to prepare a flowchart to visualize the API calls. This will support modern developers to build API calls and integrate them more rapidly without causing complications.
Request data validation
Validating the parameters is one of the essential things but challenging sometimes. It must demonstrate how fast you are serving those parameters. Each parameter might be designed to carry a specific value and it need to be validated. It might be a number range, max length, acceptance of specific value/string, so on.
For example, U.S. phone numbers should appear in a 10-digit format, and returning a 5-digit zip code should trigger an invalidation error.
Solutions: try to break down into each parameter and check all the cases of that specific parameter (invalid values, not supported format, oversized, undersized, ...).
See you guys in the coming posts.
Comments