Postman API testing by example (2024)

Table of Contents
Introduction Writing Tests in Postman The “Tests” Tab Best Practices for Writing Tests Using expect for Assertions Introduction to Chai Library Purpose of Assertion Libraries Using expect in Postman Key Elements to Validate Using pm.response in Postman for API Testing Accessing Response Attributes Using pm.response for Complex Validations Best Practices with pm.response Validation Examples Validating Response Status Code Validating Response Time Validating Response Headers Validating Response Body No code API testing using Testfully Conclusion Comments, Questions, or Feedback? Post it here! FAQs

Postman is a tool that can help you develop APIs. From capturing and validating to testing requests and responses! You need to perform API testing to ensure that your Application Programming Interface or API is working correctly and as it should. This article shows you how API testing is done using Postman and JavaScript.

Introduction

In this guide, I will explain how API testing in Postman works using JavaScript and provide you with the knowledge needed to create more effective API tests. So, let’s begin!

Writing Tests in Postman

The “Tests” Tab

In Postman, the “Tests” tab is where you write test scripts. This tab, located within each request, allows you to write JavaScript tests that evaluate the response of your API.

Postman API testing by example (1)

Best Practices for Writing Tests

By following some best practices, you can make your tests better and more understandable so that your tests become more robust and reliable. Let’s check out some of these best practices:

1. Descriptive and Clear Test Names

  • Why It’s Important: Clear names make it easier to understand what each test checks at a glance, especially when reviewing test results or sharing tests with colleagues.
  • Example: Instead of naming a test “Test 1” or “Status Check,” use descriptive names like “Verify Status Code is 200 for User Endpoint” or “Ensure Response Time is Below 500ms.”

2. Testing One Concern Per Test

  • Why It’s Important: Focusing on one assertion per test simplifies troubleshooting and understanding test results. If a test fails, you know just what went wrong.

  • Example: Separate them instead of combining status code and response time checks in one test:

    // Test for status codepm.test("Status code is 200", function () {pm.response.to.have.status(200);}); // Test for response time pm.test("Response time is less than 500ms", function () { pm.expect(pm.response.responseTime).to.be.below(500); }); ```

3. Use Assertive Language

  • Why It’s Important: Assertive language in tests makes them more readable and intention-driven. It clarifies the purpose of the test.
  • Example: Use assertive phrases like expect(response).to.contain... or response.should.have..., clearly stating the test’s expectations.

4. Organize Tests Logically

  • Why It’s Important: Grouping related tests or organizing them logically can make your testing suite more understandable and maintainable.
  • Example: If testing various aspects of a user API, group tests related to user creation, user data retrieval, and user deletion together.

5. Handle Different Test Scenarios

  • Why It’s Important: Testing only the “happy path” can leave critical bugs in edge cases. It’s essential to test various scenarios, including potential error conditions.

  • Example: Alongside testing a successful API call, write tests for scenarios like invalid inputs, unauthorized access, or server errors.

    // Test for invalid inputpm.test("Response for invalid input is 400", function () { pm.expect(pm.response.code).to.eql(400);});

6. Maintainability and Reusability

  • Why It’s Important: Tests should be easy to update and reusable for different scenarios. This practice saves time and effort in the long run.
  • Example: Create reusable functions for common test assertions. Call these functions with different parameters as needed rather than writing the same code in multiple tests.

7. Commenting and Documentation

  • Why It’s Important: Good comments and documentation make it easier for others (and your future self) to understand the purpose and mechanics of your tests.
  • Example: Add comments to clarify complex logic or the reason behind specific test cases, especially when testing less obvious or intricate API parts.

Using expect for Assertions

Introduction to Chai Library

Chai is an assertion library used in JavaScript for test-driven development (TDD) and behaviour-driven development (BDD). In API testing using Postman, Chai offers a set of assertions for validating the API requests and responses by ensuring they meet the expected criteria.

Purpose of Assertion Libraries

An assertion library like Chai serves a fundamental role in testing:

  1. Verification: It provides a systematic way to check whether the output of a code block (or, in this case, an API response) matches the expected result.
  2. Readability: Chai’s syntax is designed to be human-readable, making tests easier to write and understand.
  3. Robust Testing: Covering a wide range of assertion types allows testers to write comprehensive tests covering various aspects of the API response.

Using expect in Postman

Within Postman, ‘expect’ statements allow you to perform detailed checks on your response data. For example:

pm.test("Response should be an object", function () { pm.expect(pm.response.json()).to.be.an("object");});

Key Elements to Validate

  • Status Code: Ensure your API returns the correct status code, indicating the request’s success or failure.
  • Response Body: Validate the structure and data of the response body to ensure your API returns the expected data.
  • Response Headers: Checking headers can verify content type, caching rules, and more.
  • Response Time: Ensuring your API responds in a timely manner is crucial for performance.

Using pm.response in Postman for API Testing

pm.response is an important object in Postman scripting that gives you much information about the response returned from your API request. By using pm.response correctly and effectively, you can improve your API testing because this object allows you to access and validate various aspects of the response data. Here’s a more detailed look at utilizing pm.response in your tests:

Accessing Response Attributes

pm.response contains several properties and methods that give you access to different parts of the API response, such as the status code, response time, headers, and body. Here’s how you can use them:

  1. Status Code: Access the status code of the response to verify if the API request was successful.

    let statusCode = pm.response.code;pm.expect(statusCode).to.eql(200);

  2. Response Time: Check how long the API took to respond, which is crucial for performance testing.

    let responseTime = pm.response.responseTime;pm.expect(responseTime).to.be.below(500); // time in milliseconds

  3. Headers: Examine the response headers for important metadata like content type, caching policies, and more.

    let contentTypeHeader = pm.response.headers.get("Content-Type");pm.expect(contentTypeHeader).to.include("application/json");

  4. Body: The response body contains the data returned by the API. You can parse this data and make assertions based on your API’s expected output.

    let responseBody = pm.response.json(); // For JSON responsepm.expect(responseBody).to.have.property("name", "John Doe");

Using pm.response for Complex Validations

Beyond simple assertions, pm.response can be used for more complex validations:

  • Validating Response Structure: Ensure the response body follows a specific schema or structure.
  • Conditional Testing: Perform different tests based on certain response conditions. For example, if the status code is 200, check one set of criteria; if it’s 400, check another.
  • Dynamic Data Validation: Sometimes, responses contain dynamic data (like timestamps or unique IDs). Use pm.response to validate the format of these dynamic elements without hardcoding the values.

Best Practices with pm.response

  • Readability: Keep your tests readable and straightforward. Complex logic can make tests more complicated to understand and maintain.
  • Error Handling: Include error handling in your tests. For example, check if the response body is present before trying to parse it.
  • Consistency: Be consistent in how you use pm.response across different tests. This consistency helps in maintaining and scaling your test suite.

Validation Examples

Validating Response Status Code

  • Validate single status code:

    pm.test("the endpoint returns the expected status code", () => { // change 200 to the response code you expect const expectedStatusCode = 200; pm.response.to.have.status(expectedStatusCode);});

  • Validate multiple status codes:

    // change 200 or 201 to the response code you expectpm.test("Status code is 200 or 201", function () { pm.expect(pm.response.code).to.be.oneOf([200, 201]);});

Validating Response Time

// change 500 to the expected response timepm.test("Response time is less than 500ms", function () { pm.expect(pm.response.responseTime).to.be.below(500);});

Validating Response Headers

pm.test("Content-Type is application/json", function () { pm.response.to.have.header("Content-Type", "application/json");});

Validating Response Body

Postman test to check field value in response

We can validate the value of both id and name fields of the https://rickandmortyapi.com/api/character/1 using the test below.

pm.test("API response contains the expected fields", () => { const response = pm.response.json(); // the line below checks value of the id field is 1 (number). pm.expect(response).to.have.property("id", 1); // the line below checks value of the name field is Rick Sanchez (string). pm.expect(response).to.have.property("name", "Rick Sanchez");});

Test if Response Body matches schema

Testing if the response body matches a specific schema

pm.test("Body matches schema", function () { let schema = { type: "object", properties: { id: { type: "integer" }, name: { type: "string" }, status: { type: "string" }, species: { type: "string" }, type: { type: "string" }, gender: { type: "string" }, origin: { type: "object", properties: { name: { type: "string" }, url: { type: "string" }, }, required: ["name", "url"], // Added required property for origin }, location: { type: "object", properties: { name: { type: "string" }, url: { type: "string" }, }, required: ["name", "url"], // Added required property for location }, image: { type: "string" }, episode: { type: "array", items: { type: "string" }, }, url: { type: "string" }, created: { type: "string" }, }, required: [ "id", "name", "status", "species", "type", "gender", "origin", "location", "image", "episode", "url", "created", ], }; pm.expect(pm.response.json()).to.be.jsonSchema(schema);});

Test if nested field value is available in response

The script below step works for fields at the root of the response. What if we wanted to test the name field under the origin field. We can tweak the script to support fields at any level.

pm.test("API response contains the expected fields", () => { const response = pm.response.json(); // the line below checks value of the id field is 1 (number). pm.expect(response).to.have.nested.property("id", 1); // the line below checks value of the name field is Rick Sanchez (string). pm.expect(response).to.have.nested.property("name", "Rick Sanchez"); // the line below checks value of the origin.name field is Earth (C-137) (string). pm.expect(response).to.have.nested.property("origin.name", "Earth (C-137)");});

Check nested array value in response

We can take it further and use the same technique to validate the value of items in the array. For example, we can use the script below to check the value of the second item in the episode array of the https://rickandmortyapi.com/api/character/1 endpoint.

pm.test("API response contains the expected fields", () => { const response = pm.response.json(); // the line below checks the value of the episode field at index 0 is "https://rickandmortyapi.com/api/episode/1". pm.expect(response).to.have.nested.property("episode.0", "https://rickandmortyapi.com/api/episode/1");});

No code API testing using Testfully

Testfully is a leading API testing & monitoring tool and a great Postman alternative for API testing. The below video is a quick demo of Testfully and how you can use it to test your APIs without writing code.

Conclusion

As you saw, you can significantly improve your API testing process by using JavaScript in your Postman workflow. The examples and practices that we went through can help you develop comprehensive and reliable API tests. Try them and tailor them to fit your specific testing needs. Happy testing!

Comments, Questions, or Feedback? Post it here!

0 comments

Postman API testing by example (2024)

FAQs

How to pass a test in Postman? ›

To write your first post-response script, open a request in Postman, then select the Scripts > Post-response tab. Enter the following JavaScript code: Copy pm.test("Status code is 200", function () { pm.response.to.have.status(200); }); This code uses the pm library to run the test method.

Read On
How do I get responses from API in Postman? ›

Using Postman, you can send a request to an endpoint, retrieve data from a data source, or test an API's functionality. You don't need to enter commands in a terminal or write any code. When you create a new request and select Send, the API response appears right inside Postman.

Keep Reading
What is API testing with an example? ›

API testing involves sending requests to the server, analyzing responses, and verifying whether they are correct or not. It also involves testing for security vulnerabilities, performance issues, and other potential bugs.

Get More Info
How to perform API testing manually? ›

API Testing Best Practices
  1. Test for the typical or expected results first.
  2. Add stress to the system through a series of API load tests.
  3. Test for failure. ...
  4. Group test cases by test category.
  5. Prioritize API function calls so that it will be easy for testers to test quickly and easily.

See More
How do I send an example request in Postman? ›

You will need to know the URL and method. You can also specify optional values such as authorization, parameters and body data, and headers. To test sending a request in Postman, you can set the URL to the Postman Echo sample API endpoint https://postman-echo.com/get and the method to GET , then select Send.

Get More Info Here
What is an API documentation example? ›

API documentation is essentially an instruction manual that explains how to use an API and its services. This manual might contain tutorials, code examples, screenshots, and anything else that helps users better understand how to work with the API.

Tell Me More
What is an example of a post API? ›

An example of an API POST request is sending a set of coordinates to the API provider at UnwiredLabs. In this example, the API POST request is sending the UnwiredLabs API a set of wifi access points along with a boolean indicating whether or not address information should be included in the response.

Discover More
How to hit API multiple times in Postman? ›

Steps to Send multiple requests at the same time in Postman : Step 1: Create a collection having more than one request shown as below. Step 2: Click on three dots icons at right hand side of name of the collection and choose option “Run Collection“. Step 3 : A collection runner tab will gets opened.

View Details
How to validate API response in Postman? ›

Enabling request validation

When request validation is enabled, Postman automatically checks for validation issues whenever you open a request, change a request or a saved example, or change the API definition. Postman also checks for issues when you send a request, and the response is considered as a saved example.

Find Out More
How to automate rest API testing? ›

With the REST interface, the four basic operations are crucial to achieve API Test Automation using Rest Assured. The 4 basic operations Create, Read, Update, and Delete (CRUD) are performed via the POST, GET, and PUT methods. GET: To retrieve or read the server's data. POST: It is used to add a resource to the server.

Learn More Now

How to test API in Postman step by step? ›

You will learn how to test API using Postman.
  1. Step 1: Install Postman. Start by downloading and installing Postman from the official website and selecting the Windows, macOS, or Linux version. ...
  2. Step 2: Create your first request. ...
  3. Step 3: Importing requests. ...
  4. Step 4: Exporting requests as code. ...
  5. Step 5: Creating a new collection.
Jul 31, 2024

View Details
How do I check API responses? ›

API testing flow is quite simple with three main steps:
  1. Send the request with necessary input data.
  2. Get the response having output data.
  3. Verify that the response returned as expected in the requirement.

Continue Reading
How do I fetch API responses? ›

With the Fetch API, you make a request by calling fetch() , which is available as a global function in both window and worker contexts. You pass it a Request object or a string containing the URL to fetch, along with an optional argument to configure the request.

Learn More Now
How to use Postman to test API with Authorization? ›

With a request open in Postman, use the Authorization tab to select an auth type, then complete the relevant details for your selected type. The correct data values are determined by your API at the server side. If you're using a third-party API, refer to the provider's documentation for any required auth details.

Explore More
How to test API key in Postman? ›

To generate a Postman API key, do the following:
  1. Select your avatar in the Postman header, then select Settings. In the account settings page, select API keys.
  2. If you don't have a key, you'll be prompted to create one. Select Generate API Key.
  3. Enter a name for your key and select Generate API Key.
  4. Copy your key.
May 20, 2024

Read More
How to check if an API is working? ›

API testing flow is quite simple with three main steps:
  1. Send the request with necessary input data.
  2. Get the response having output data.
  3. Verify that the response returned as expected in the requirement.

Get More Info
How to write automated test scripts in Postman? ›

After opening Postman, just below the request endpoint you will be able to see the test tab at second from right. This is the area where we can write and keep automated tests related to a specific API endpoint. The automated postman tests are written in JavaScript. The postman provides a JavaScript object named “pm”.

Get More Info Here
Top Articles
The Impact Of The Mikayla Campino Leak: Privacy, Consent, And Social Media Responsibility
Hollenbeck | Obituary
Day 6 Coffee Menu
Overtime Megan Full Leak
Myhr Vidanthealth
‘Spider-Man: Homecoming’: How a Sundance Breakout Landed the Superhero Gig of a Lifetime and Didn’t Sell Out
Marilyn Manson - Personal Life, Songs & Facts
Marilyn Manson: The Monster Hiding in Plain Sight
Framework for solving parabolic partial differential equations could guide computer graphics and geometry processing
A framework for solving parabolic partial differential equations
Latest Posts
Watch: Mikayla Campinos Pickles Video Leaked Link Controversy Online | Dead or Alive Explained
Mikayla Campinos Pickles Twitter Video Goes Viral, Sparks Outrage and Privacy Concerns The Talks Tod
Article information

Author: Rob Wisoky

Last Updated:

Views: 6404

Rating: 4.8 / 5 (68 voted)

Reviews: 83% of readers found this page helpful

Author information

Name: Rob Wisoky

Birthday: 1994-09-30

Address: 5789 Michel Vista, West Domenic, OR 80464-9452

Phone: +97313824072371

Job: Education Orchestrator

Hobby: Lockpicking, Crocheting, Baton twirling, Video gaming, Jogging, Whittling, Model building

Introduction: My name is Rob Wisoky, I am a smiling, helpful, encouraging, zealous, energetic, faithful, fantastic person who loves writing and wants to share my knowledge and understanding with you.