Explore the world of APIs and learn how to integrate them with production-ready applications using Postman and the Newman CLI

Key Features

  • Learn the tenets of effective API testing and API design
  • Gain an in-depth understanding of the various features Postman has to offer
  • Know when and how to use Postman for creating high-quality APIs for software and web apps

Book Description

Postman enables the exploration and testing of web APIs, helping testers and developers figure out how an API works. With Postman, you can create effective test automation for any APIs. If you want to put your knowledge of APIs to work quickly, this practical guide to using Postman will help you get started.

The book provides a hands-on approach to learning the implementation and associated methodologies that will have you up and running with Postman in no time. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, this book begins by taking you through the principles of effective API testing. A combination of theory coupled with real-world examples will help you learn how to use Postman to create well-designed, documented, and tested APIs. You'll then be able to try some hands-on projects that will teach you how to add test automation to an already existing API with Postman, and guide you in using Postman to create a well-designed API from scratch.

By the end of this book, you'll be able to use Postman to set up and run API tests for any API that you are working with.

What you will learn

  • Find out what is involved in effective API testing
  • Use data-driven testing in Postman to create scalable API tests
  • Understand what a well-designed API looks like
  • Become well-versed with API terminology, including the different types of APIs
  • Get to grips with performing functional and non-functional testing of an API
  • Discover how to use industry standards such as OpenAPI and mocking in Postman

Who this book is for

The book is for software testing professionals and software developers looking to improve product and API quality through API test automation. You will find this book useful if understand APIs and want to build your skills for creating, testing, and documenting APIs. The book assumes beginner-level knowledge of JavaScript and API development.

Table of Contents

  1. API Testing and Development with Postman
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Download the color images
    6. Conventions used
    7. Get in touch
    8. Reviews
  6. Section 1: API Testing Theory and Terminology
  7. Chapter 1: API Terminology and Types
    1. What is an API?
    2. Types of API calls
    3. Installing Postman
    4. Starting Postman
    5. Setting up a request in Postman
    6. The structure of an API request
    7. API endpoints
    8. API actions
    9. API parameters
    10. API headers
    11. API body
    12. API response
    13. Learning by doing – making API calls
    14. Considerations for API testing
    15. Beginning with exploration
    16. Looking for business problems
    17. Trying weird things
    18. Different types of APIs
    19. REST APIs
    20. SOAP APIs
    21. GraphQL APIs
    22. GraphQL API example
    23. Summary
  8. Chapter 2: Principles of API Design
    1. Technical requirements
    2. Start with the purpose
    3. Figuring out the purpose
    4. Creating usable APIs
    5. Usable API structure
    6. Good error messages
    7. Document your API
    8. Documenting with Postman
    9. Good practices for API documentation
    10. RESTful API Modeling Language
    11. Designing an API
    12. Case study – Designing an e-commerce API
    13. Modeling an existing API design
    14. Summary
  9. Chapter 3: OpenAPI and API Specifications
    1. Technical requirements
    2. What are API specifications?
    3. API specification terminology
    4. Types of API specifications
    5. Creating OASes
    6. Parts of an OAS
    7. Defining API schema
    8. Using API specifications in Postman
    9. Creating mocks from an OAS
    10. Creating tests from an OAS
    11. Summary
  10. Chapter 4: Considerations for Good API Test Automation
    1. Technical requirements
    2. Exploring and automating
    3. Exercise – considerations for good API test automation
    4. Writing good automation
    5. Types of API tests
    6. Organizing and structuring tests
    7. Creating the test structure
    8. Organizing the tests
    9. Creating maintainable tests
    10. Using logging
    11. Test reports
    12. Summary
  11. Section 2: Using Postman When Working with an Existing API
  12. Chapter 5: Understanding Authorization Options
    1. Understanding API security
    2. Authorization in APIs
    3. Authentication in APIs
    4. API security in Postman
    5. Getting started with authorization in Postman
    6. Using Basic Auth
    7. Using Bearer Tokens
    8. Using API keys
    9. Using AWS Signature
    10. Using OAuth
    11. Using Digest auth and Hawk authentication
    12. Using NTLM authentication
    13. Using Akamai EdgeGrid
    14. Security testing with Postman
    15. Fuzzing
    16. Command injection
    17. Authorization testing
    18. Integrating with Burp Suite
    19. Summary
  13. Chapter 6: Creating Test Validation Scripts
    1. Technical requirements
    2. Checking API responses
    3. Checking the status code in a response
    4. Checking the body of a response
    5. Checking headers
    6. Custom assertion objects in Postman
    7. Creating your own tests
    8. Creating folder and collection tests
    9. Cleaning up after tests
    10. Setting up pre-request scripts
    11. Using variables in pre-request scripts
    12. Passing data between tests
    13. Building request workflows
    14. Using environments in Postman
    15. Managing environment variables
    16. Editing environment variables
    17. Summary
  14. Chapter 7: Data-Driven Testing
    1. Technical requirements
    2. Defining data-driven testing
    3. Setting up data-driven inputs
    4. Thinking about the outputs for data-driven tests
    5. Creating a data-driven test in Postman
    6. Creating the data input
    7. Adding a test
    8. Comparing responses to data from a file
    9. Challenge – data-driven testing with multiple APIs
    10. Challenge setup
    11. Challenge hints
    12. Summary
  15. Chapter 8: Running API Tests in CI with Newman
    1. Technical requirements
    2. Getting Newman set up
    3. Installing Newman
    4. Running Newman
    5. Understanding Newman run options
    6. Using environments in Newman
    7. Running data-driven tests in Newman
    8. Other Newman options
    9. Reporting on tests in Newman
    10. Using Newman's built-in reporters
    11. Using external reporters
    12. Creating your own reporter
    13. Integrating Newman into CI builds
    14. General principles for using Newman in CI builds
    15. Example of using Travis CI
    16. Summary
  16. Chapter 9: Monitoring APIs with Postman
    1. Technical requirements
    2. Setting up a monitor in Postman
    3. Creating a monitor
    4. Using additional monitor settings
    5. Adding tests to a monitor
    6. Viewing monitor results
    7. Cleaning up the monitors
    8. Summary
  17. Chapter 10: Testing an Existing API
    1. Technical requirements
    2. Finding bugs in an API
    3. Setting up a local API for testing
    4. Testing the API
    5. Finding bugs in the API
    6. Resetting the service
    7. Example bug
    8. Automating API tests
    9. Reviewing API automation ideas
    10. Setting up a collection in Postman
    11. Creating the tests
    12. An example of automated API tests
    13. Setting up a collection in Postman
    14. Creating the tests
    15. Sharing your work
    16. Sharing a collection in Postman
    17. Summary
  18. Section 3: Using Postman to Develop an API
  19. Chapter 11: Designing an API Specification
    1. Technical requirements
    2. Creating an API specification
    3. Starting the file
    4. Defining the endpoints
    5. Defining parameters
    6. Adding additional responses
    7. Describing request bodies
    8. Using examples
    9. Adding the API to Postman
    10. Contract testing
    11. Understanding API versioning
    12. Thinking through when to create a new API version
    13. Summary
  20. Chapter 12: Creating and Using a Mock Server in Postman
    1. Technical requirements
    2. Different approaches to testing with mocks
    3. Setting up a mock server
    4. Creating a mock server from a specification file
    5. Creating a mock server from a collection
    6. Creating a new mock server from scratch
    7. Creating good mock responses
    8. Using default examples
    9. Creating custom examples
    10. Using dynamic variables in examples
    11. Responding based on parameters
    12. Understanding example matching
    13. Using mock servers
    14. Developing against a mock server
    15. Continuous planning with a mock server
    16. Testing with a mock server
    17. Summary
  21. Chapter 13: Using Contract Testing to Verify an API
    1. Understanding contract testing
    2. What is contract testing?
    3. How to use contract testing
    4. Who creates the contracts?
    5. Setting up contract tests in Postman
    6. Creating a contract testing collection
    7. Adding tests to a contract test collection
    8. Running and fixing contract tests
    9. Fixing contract test failures
    10. Sharing contract tests
    11. Summary
  22. Chapter 14: Design and Create an API
    1. Technical requirements
    2. Designing an API
    3. Setting up the challenge
    4. Challenge – Design a usable API
    5. Solution – Design a usable API
    6. Challenge 2 – Create an API specification file
    7. Solution 2 – Create an API specification file
    8. Setting up the API in Postman
    9. Challenge – Add an API and mock server in Postman
    10. Solution – Add an API and mock server in Postman
    11. Creating tests and documentation for the API
    12. Challenge – Add tests to the API
    13. Solution – Add tests to the API
    14. Sharing what you have done
    15. Summary
    16. Why subscribe?
  23. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Leave a review - let other readers know what you think