Julia Pottinger

API Testing Checklist

  1. Make a list of the different APIs that exist in the organization, speak to stakeholders, and prioritize them
  2. Check that the APIs that exist are properly documented, written in a way that is easy to understand, and contain information such as:
    • overview and purpose
    • quick start guide and tutorials
    • an example/sample of every call, every parameter, and responses for each call(errors included)
    • user journey
    • authentication and authorization
    • rate limits
    • code samples for commonly used languages
    • schemas
  3. Define the types of tests that you want to run:
    • Positive scenarios return a valid response
    • Invalid requests return the correct error message
      • Missing or invalid authorization token
      • Missing required parameters
      • Unsupported methods for endpoints
      • Invalid path/url
      • Invalid, incomplete or missing request body
      • Incorrect field names in request body
    • Error Handling
    • Schema match
    • Workflow and data persistence
    • Response time
    • Specific standards and regulations that it should meet
    • Response Payload - valid JSON body, correct field names, types, and values
    • Response Headers
    • Application state before and after API call
    • Security and authorization
  4. Evaluate and select an API testing tool.
    • Think about the types of tests that you will want to perform and if there are any specific needs that the tool will need to meet.
    • Tools will also vary based on if you want to only execute them manually vs using an automated script.
    • With API test automation you will also have to decide on a programming language and select tools within that language.

Written by Julia Pottinger who lives and works in Jamaica building useful things. Follow her on Twitter and check out her YouTube Channel

Sign up for Newsletter