Overview

At its most basic level, API testing is intended to reveal bugs: inconsistencies or deviations from the expected behavior. Continuous testing is also very important to make sure it continues to work when the public has access to it. The risk of putting a bad, and potentially insecure, product on the market is greater than the cost to test it. (From https://www.soapui.org/learn/functional-testing/api-testing-101.html)

Tools

You're going to either want a tool to help you make requests, or you're going to want to use Firefox, as it has a nice JSON viewer. Just be aware that Firefox can only do GET requests.

About API Calls

API calls have two parts. A REQUEST and a RESPONSE.

  1. The REQUEST is the data you send TO the server.
  2. The RESPONSE is what the server sends back, based on what you sent, and the logic that handles that request.

When you're testing an API call, you're sending a REQUEST, and you're validating that the RESPONSE that the server sends back matches your expectations Most API Calls have a few different parts:

Methods

Method is represented by a verb from this list: