API Testing. Postman. Interview.
How can we stop executing requests or stop the collection run?
postman.setNextRequest(null);
What is the HTTP response code for a POST request with incorrect parameters?
400 Bad Request is an ideal response code for request with incorrect parameters.
What is a Postman Collection?
A Postman Collection lets us to group individual requests together. Simply it allows us to organize the requests into folders.
What is the purpose of Postman cloud if we are working in a company? Why?
A Postman cloud is a common repository of companies to access Postman collections. In Postman cloud, work can be saved instantly after logging in. Anyone from the team can access data/collections from anywhere.
What do you understand by the term Postman Collection runners?
A postman collection runner is used to perform Data-driven testing. The group of API requests are run in a collection for the multiple iterations with different sets of data.
What are the advantages of API Testing?
API Testing is time effective when compared to GUI Testing. API test automation requires less code so it can provide faster and better test coverage. API Testing helps us to reduce the testing cost. With API Testing we can find minor bugs before the GUI Testing. These minor bugs will become bigger during GUI Testing. So finding those bugs in the API Testing will be cost-effective to the Company. API Testing is language independent. API Testing is quite helpful in testing Core Functionality. We can test the APIs without a user interface. In GUI Testing, we need to wait until the application is available to test the core functionalities. API Testing helps us to reduce the risks.
Explain API framework?
API framework is self-explanatory. Values for test run and for holding the configurable parts, config file is used. Automated test cases must represent in " parse-table" format within config file. When testing API, it is not necessary to test each API so the config file have some section whose all API are activated for that specific run.
What is an API?
API is an acronym and it stands for Application Programming Interface. API is a set of routines, protocols, and tools for building Software Applications. APIs specify how one software program should interact with other software program. In simple words, API stands for Application Programming Interface. API acts as an interface between two software applications and allows the two software applications to communicate with each other. API is a collection of software functions which can be executed by another software program.
What is API Testing?
API testing is a type of software testing that involves testing APIs directly and also as a part of integration testing to check whether the API meets expectations in terms of functionality, reliability, performance, and security of an application. In API Testing our main focus will be on the Business logic layer of the software architecture. API testing can be performed on any software system which contains multiple APIs.
What are the common API Testing Types?
API testing typically involves the following practices: Unit testing Functional testing Load testing Runtime/ Error Detection Security testing UI testing Interoperability and WS Compliance testing Penetration testing Fuzz testing
What are the core components of an HTTP request?
An HTTP request includes five key elements: HTTP methods - Set of request methods to perform desired action for a given resource (GET, PUT, POST, DELETE) Uniform Resource Identifier (URI) - Describes the resource HTTP Version, (example- HTTP v1.1) Request Headers, (example- Content-type : application/json, Content-Length : 511) Payload - It is basically a Request Body which includes message content.
What is meant by the term environment in postman?
An environment in postman is a set of key value pairs. You can create multiple environments in postman which can be switched quickly with a press of a button. There are 2 types of environment, global and local.
How can we use Postman history and save requests from the Postman history to the existing or new collections?
Any request that gets executed through the Postman application, is available for reference in the History section of the application. So in case, the request was not saved to a collection before it was executed, we can always go back to the history section to fetch the executed request and save it to the collection.
What exactly needs to be verified in API Testing?
Basically, on API Testing, we send a request to the API with the known data and we analyze the response.1. Data accuracy2. HTTP status codes3. Response time3. Error codes in case API return any errors4. Authorization checks5. Non-functional testing such as performance testing, security testing
How can you iterate a request 100 times in Postman?
By using Collection Runner
What can we use to get API information from web developer tools into Postman?
Copy as cURL can get API information from web developer tools into Postman.
In API document explain how to document each function ?What are the tools used for documentation?
Description: Small description about what a function does Syntax: Syntax about the parameter of the code, the sequence in which they occur, required and optional elements etc. Parameters: Functions parameters Error Messages: Syntax of error messages Example Code: Small snippet of code Related Links: Related functions
State The Core Components of an HTTP Response?
Every HTTP response contains four key elements. Status/Response Code - These are response codes issued by a server to a client's request. For example, 404 means Page Not Found, and 200 means Response is OK. HTTP Version - describes HTTP version, for example-HTTP v1.1. Response Header - Includes information for the HTTP response message. For example, Content-type, Content-length, date, status and server type. Response Body - It contains the data that was requested by a client to server.
What is GUID?
GUID stands for Global Unique Identifier. It is basically hexadecimal digits separated by hyphens. GUID solves the purpose of uniqueness. In Postman, we use this to generate and send a random value to APIs. 1 2 3 { "id": "{{$guid}}", } Read more on GUID here
When do we use global variables, collection variables, and local variables?
Global variables are general purpose variables, ideal for quick results, and prototyping. They are used while passing data to other requests. Collection variables can be mostly used for storing some constants that do not change during the execution of the collection. They are used for constants that do not change during the execution and also for URLs / authentication credentials if only one environment exists. Local variables are only available within the request that has set them or when using Newman/Collection runner during the entire execution. They are used whenever you would like to override all other variable scopes.
Which one will be preferred in postman- a global variable or a local variable?
In postman, if 2 variables have the same name (one being local, other global) then the higher priority is of the local variable. It will overwrite the global variable.
What are the types of bugs we face when performing API testing?
Issues observed when performing API testing are Stress, performance, and security issues Duplicate or missing functionality Reliability issues Improper messaging Incompatible error handling mechanism Multi-threaded issues Improper errors
Why is it not preferred to save work in Postman cloud?
It is not preferred to save your work in Postman cloud as company's work is not allowed to be leaked and remain confidential. Security breaches can be experienced if Postman cloud is used as Postman cloud requires sign in. Therefore Postman Cloud is discouraged for saving work and team workspace is highly encouraged.
What is the purpose of status code 304?
It means NOT MODIFIED. It is used to reduce network bandwidth usage in case of conditional GET requests. Response body should be empty. Headers should have date, location etc.
Define status code 201?
It means created, when a resource is successfully created using POST or PUT request. It returns a link to a newly created resource using the location header.
Which programming language is used for Postman tests?
JavaScript
How do you remove local variables?
Local variables are automatically removed once the tests have been executed.
What are some of the JS libraries available in Postman?
Lodash, Moment, GUID
Which tool can be used to run Postman Collections in Jenkins?
Newman can be used.
How can you generate HTML based reports running tests through the Postman?
Newman uses the concept of reporters and templates to generate HTML reports for the executed collection. Hence, to generate HTML reports, you first need to install a reporter. You can install any of the available HTML reporters like Newman-reporter-html as a node package through the below command. npm install -g newman-reporter-html Once the HTML reporter is installed, we can use the Newman command to run the collection with -r flag i.e. the reporter flag and specify the reporter name as HTML. The below command is used: newman run {{path to collection json}} -e {{path to environment json if any}} -r html Please note that as we have not mentioned the name or folder where we want the reports to get generated, by default the reports will be generated in a folder named "Newman" that gets created in the same directory where the Newman command is executed from.
Can you use GET request instead of PUT to create a resource?
No, GET request only allows read only rights. It enables you to retrieve data from a server but not create a resource. PUT or POST methods should be used to create a resource.
What is the difference between PUT and POST methods?
PUT and POST methods are sometimes confused in regards to when each should be used. Using POST request, our intent is to create a new object on the server whereas with PUT request, our intent is to replace an object by another object. POST should be used when the client sends the page to the server and then the server lets the client know where it put it. PUT should be used when the client specifies the location of the page
In which type of encoding does postman accept authorization credentials?
Postman accepts Base64 encoding only. This is provided inbuilt in postman or else you can also refer 3rd party websites to convert the credentials in base64.
How can Postman be used to create Mock Servers?
Postman allows users to simulate backend servers or any API endpoints that are still under active development and to run an integration test or end to end test, you still need to get some pre-defined response through those endpoints. Refer to the above diagram, where a front end server/API has few downstream dependencies, of which one dependency is still a work in progress. To reduce the dependency of the front end being able to use the downstream until its complete, we can create a mock for the downstream and use it till the time the downstream dependency is not complete. Thus mock servers are nothing but a fake implementation for the backend. To create/use mock servers, a user should be registered with Postman at least for a free account (Postman allows users to register for a free account through the user's email). Also, please note that for a free account the no. of calls to a mock server is limited to 1000 (This limit can be increased by buying an enterprise plan or purchasing an additional quota from the Postman account usage page). To create a mock server, you can use an existing collection i.e if you want to create a mock for your entire collection or add requests when creating a mock server. Follow the below steps to create a mock server: a) Click New and select "Mock Server". b) Add request method(s) to be mocked and add the response code and response body to be returned while the particular API endpoint is called.c) Click Next and choose the mock server name (If you want this mock server to be private, then an authorization header named x-api-key which will be generated for the user profile through which Postman is signed in will be required). d) Click "Create Mock Server". Essentially this will host your API endpoint on some Postman server and will return the set response whenever the particular endpoint is called. e) It will also create a new environment file (that was set during the mock server setup) and set the URL of the mocked API endpoint as an environment variable. f) You are all done and now, you can use this mocked endpoint to send requests to. This mocked implementation can be used for dependent services in the actual code if the real services are still under deployment.
Is it possible to Log Requests and Responses in Postman?
Postman allows viewing the response body and other request parameters in the application itself. But there are times when we have applied pre-request scripts and as we are unable to see details about the request URLs and headers that were used while executing the request, and it's always important to see how the actual request looked like. To view complete Requests and Responses for the executed collection or individual request, Postman provides an additional tool console called "Postman Console" and it can be used to view all the requests/response details. It's also useful to see the output of any console.log statements that are a part of the pre-request scripts or tests.
How can you set headers for all the requests that are in a particular Postman collection?
Postman collections allow adding pre-request scripts at both the collection as well as individual request level. To add any script that applies to all the requests that are present in the collection, we will need to add a pre-request script at the collection level. Please follow the below steps to add a collection level pre-request script for adding a header to all the requests. a) Open collection options by right-clicking the collection and navigate the pre-request script tab.b) Now add the below script for adding a request header for all the requests. pm.request.headers.add({ key: 'TestHeader', value: 'testValue' }); c) Click Update to save the collection level pre-request script. d) Now execute any request in the collection (directly or through collection runner) and view the request details in the Postman console debugger to validate if the pre-request script is working fine and adding the specified header.
How can Postman collections run through the command line?
Postman has a command-line integration tool called Newman with which you can run any existing Postman collection. Newman is a nodejs based package, which requires just a node environment to execute the collection and has full parity with the Postman collection runner i.e. the Newman collection runner supports the Postman capabilities like Running assertions, Pre-request scripts or any other scripts that are associated with the requests that are a part of the collection. To use Newman: You need to have node installed. Now the Newman package needs to be installed through npm using the command. npm install -g newman The collection needs to be executed and the associated environment configuration should be first exported to its JSON form through the Postman application Now run the below command to run the Postman collection through Newman. newman run {{path to collection json}} -e {{path to environment json if any}}
Why Postman?
Postman has become a tool of choice for over 8 million users. Free: It is free to download and use for teams of any size. Easy: Just download it and send your first request in minutes. APIs Support: You can make any kind of API call (REST, SOAP, or plain HTTP) and easily inspect even the largest responses. Extensible: You can customize it for your needs with the Postman API. Integration: You can easily integrate test suites into your preferred CI/CD service with Newman (command line collection runner) Community & Support: It has a huge community forum
What is Postman?
Postman is a collaboration platform for API development. It is a popular API client and it enables you to design, build, share, test, and document APIs. Using the Postman tool, we can send HTTP/s requests to a service, as well as get their responses. By doing this we can make sure that the service is up and running. Being originally a Chrome browser plugin, Postman now extends its solution with the native version for both Mac and Windows.
What are Postman Monitors?
Postman monitors are nothing but collection monitors that are set up and are executed as per the configured frequency. These are generally used when someone wants their collection to run at a particular frequency and the results are required to be monitored with failures being notified through email or slack integration. Generally, teams with their infrastructure like CI and own cloud servers would not prefer to use Postman defined monitors as it would run only on published or public endpoints or on mocked endpoints (if configured through mock servers).
How can we use Custom Javascript Libraries with Postman Pre-request Scripts or Tests?
Postman sandbox provides a lot of libraries that are built-in and are available for usage. For a complete list of such libraries, refer here to use these libraries, and you will need to add them in pre-request scripts or tests using 'require'. Let's see one such example using moment.js and this library provides a lot of helpful functions to perform formatting around time. Let's say, there is a POST request which has to say, created date for a user and it expects the date format YYYY-MM-DD. Though it could be achieved using plain javascript as well, moment.js can do this with one line of code. Let's see this in action now. In the pre-request script, just add the following line of code, to get the formatted data, stored in an environment variable. var moment = require('moment'); pm.environment.set('formattedDate',moment().format('YYYY-MM-DD')); Another example of the moment could be to add a particular value to the current date and use it in the request body. For example, you want to set a field like an expiry date, to current date + 2 days, as well as with formatting to 'YYYY-MM-DD', and you can simply use the script as below. pm.environment.set('expiryDate',moment().add(2,'days').format('YYYY-MM-DD')); In the above script, we can see that we've added or included 'moment.js' library and used the object as a simple Javascript code. Similar to pre-request scripts, these libraries or modules can be used in the post-request scripts or tests as well to do similar stuff. Other libraries are available like crypto js which could be useful to convert a text to encrypted value like Base 64 or encoded hash and could be used as a part of the request body.
How can you import requests in formats other than cURL into Postman?
Postman supports a lot of common request formats to export requests to. Example. Java, C#, Python, PHP, etc. It supports almost all the commonly used libraries and language bindings. For importing requests, it supports cURL for now. i.e. you can paste a curl command in request import and it gets converted to Postman requests, but the same cannot be done using any other language bindings like Java, Python, etc. The other way to import multiple requests at once is to import the entire collection directly through a file or collection JSON pasted as raw text in the import window.
What's the use of Workspaces in Postman?
Postman workspaces are nothing but collaboration areas or space for one or many people to work on the same collection or set of collections. It's a way to logically separate the collections or requests from each other. In other words, it is simply an abstraction in terms of logical separation of requests. 2 types of Workspaces are supported by Postman i.e. Team, and Personal. #1) Team Workspaces are created for collaborating with multiple people that are a part of the same team. Look at it from the perspective of a common shared repository in git, where anyone can pull the repository code and contribute. Similarly, for all the people who are part of the team, the workspace gets shared and everyone can contribute. You can also invite new users to collaborate with your collection by sharing their email id and when someone joins or accepts that invite they will be able to collaborate with that collection. #2) Personal Workspaces are a way to logically separate collections (or projects) from one another. These are useful when you are working with multiple projects and you wish to separate the associated requests/collections from each other. then you can create separate workspaces for both the projects. To create a new workspace (either team or personal), simply click the workspace icon and then click "Create New". Once the workspace properties window opens, select whether you want to create a personal or team workspace. For team workspace, you can choose to invite people with their email addresses by asking them to collaborate on the workspace.
What will execute first in a Collection Run?
Pre-request scripts at the Collection level are executed first in a Collection run.
Where are query parameters stored in a GET request?
Query parameters are stored in the URL in a GET request.
What is a REST API?
REST stands for Representational State Transfer. It is a set of functions helping developers in performing requests and receive responses. Interaction is made through HTTP Protocol in REST API.
What API information is exposed in Web Developer tools?
Request headers, Response body, Response cookies
What is Soap?
SOAP stands for Simple Object Access Protocol. It is an XML based messaging protocol. It helps in exchanging information among computers.
Difference between SOAP and REST?
SOAP:1. SOAP is a protocol through which two computers communicate by sharing XML document2. SOAP supports only XML format3. SOAP does not support caching4. SOAP is slower than REST5. SOAP is like a custom desktop application, closely connected to the server6. SOAP runs on HTTP but envelopes the message REST:1. REST is a service architecture and design for network-based software architecture2. REST supports different data formats3. REST supports caching4. REST is faster than SOAP5. REST client is just like a browser and uses standard methods An application has to fit inside it6. REST uses the HTTP headers to hold meta information
Can global scope variables have duplicate names in postman?
Since global variables are global i.e. without any environment, global variables cannot have duplicate names. Local variables can have the same name but in different environments.
List some most used templates for API documentation?
Some of the API documentation templates are as follows. Swagger FlatDoc RestDoc API blueprint Slate Miredot Web service API Specification.
Name some most commonly used HTTP methods?
Some of the HTTP methods are GET: It enables you to retrieve data from a serverPOST: It enables you to add data to an existing file or resource in a serverPUT: It lets you replace an existing file or resource in a serverDELETE: It lets you delete data from a serverPATCH: It is used to apply partial modifications to a resourceOPTIONS: It is used to describe the communication options for the target resourceHEAD: It asks for a response identical to that of a GET request, but without the response body
What are the main challenges faced in API testing?
Some of the challenges we face while doing API testing are as follows Selecting proper parameters and its combinations Categorizing the parameters properly Proper call sequencing is required as this may lead to inadequate coverage in testing Verifying and validating the output Due to the absence of GUI, it is quite difficult to provide input values
What are the common tests that are performed on APIs?
Some of the common tests we perform on APIs are as follows. 1. Verify whether the return value is based on the input condition. The response of the APIs should be verified based on the request.2. Verify whether the system is authenticating the outcome when the API is updating any data structure3. Verify whether the API triggers some other event or request another API4. Verify the behavior of the API when there is no return value
Name some of the API examples which are quite popular.
Some of the popular API examples are Google Maps API YouTube Twitter Amazon Advertising API
Name some of the common protocols used in API Testing?
Some of the protocols using in API Testing are as follows: HTTP REST SOAP JMS UDDI
Name some tools used for API Testing?
Some of the tools used for API Testing are as follows: Postman Katalon Studio SoapUI Assertible Tricentis Tosca Apigee JMeter Rest-Assured Karate DSL API Fortress Parasoft HP QTP(UFT) vREST Airborne API Science APIary Inspector Citrus Framework Hippie-Swagger HttpMaster Express Mockbin Ping API Pyresttest Rest Console RoboHydra Server SOAP Sonar Unirest WebInject
Name some tools used for API Testing?
Some of the tools used to do API Testing are as follows Postman Katalon Studio SoapUI Tricentis Tosca Apigee Jmeter
What is the difference between form data and x-www-form-urlencoded ?
The difference between the form data and x-www-form-urlencoded is that the url will be encoded when sent through x-www-form-urlencoded.
Mention what the main areas to be taken in consideration while writing API document ?
The key area to be considered when writing API documents are Source of the content Document plan or sketch Delivery layout Information required for each function in the document Automatic document creation programs
What do you mean by postman monitors?
The postman monitor is used for running collections. Collections are run till specified time defined by the user. Postman Monitor requires the user to be logged in. Monitor reports are shared by users over email on a daily/monthly basis.
How to test API's ?
To test the API's you should follow the following steps Select the suite in which you want to add the API test case Choose test development mode Develop test cases for the desired API methods Configure application control parameters Configure test conditions Configure method validation Execute API test View test reports Filter API test cases Sequence API test cases
How is UI testing is not similar to API testing?
UI (User Interface) testing is to test the graphical interface part of the application. Its main focus is to test the look and feel of an application. On the other hand, API testing enables the communication between two different software systems. Its main focus is in the business layer of the application.
Difference between API testing and Unit Testing?
UNIT TESTING: Unit testing is conducted by the Development Team Unit testing is a form of White box testing Unit testing is conducted prior to the process of including the code in the build Source code is involved in Unit testing In unit testing, the scope of testing is limited, so only basic functionalities are considered for testing API TESTING: API testing is conducted by QA Team API testing is a form of Black box testing API testing is conducted after the build is ready for testing Source code is not involved in API testing In API testing, the scope of testing is wide, so all the issues that are functional are considered for testing
How can we access a Postman variable?
We can access a Postman variable by entering the variable name as {{var}}
How can we organize requests in Postman?
We can organize requests in Postman with the Collections.
How can we log requests and responses in Postman?
We can view requests logs and response logs through the Postman Console window.
Why does Postman accept Base64 encoding only?
We use base64 particularly because it transmits the data into the textual form and sends it in easier form such as HTML form data. Also, we can rely on the same 64 characters in any encoding language that we use.
Difference between API and Web service
Web services: 1. All web services are APIs2. All web services need to be exposed over web(HTTP)3. A Web service uses only three styles of use: SOAP, REST and XML-RPC for communication4. A Web service always needs a network to operate APIs: 1. All APIs are not web services2. All APIs need not be exposed over web(i.e. HTTP)3. API uses multiple ways for communication e.g. DLL files in C/C++, Jar files/ RMI in java, Interrupts in Linux kernel API etc.4. APIs don't need a network for operation
Can local variables be imported in Postman Monitors?
Yes. Postman monitors allow to import local variables but it does not allow to import global variables.