12 Ways to Do API Testing

1. Smoke Testing

• Purpose: Basic sanity check
• Goal: Ensure API functions at a basic level

2. Functional Testing

• Divided into three parts:
  • a. Contract Testing:
    • Verifies agreements between producer and consumer
    • Ensures API parameters, endpoints, and return types are adhered to
  • b. Component Testing:
    • Tests individual components of the API
    • Validates both valid and invalid data
  • c. Scenario Testing:
    • Tests various scenarios (positive and negative)
    • Example: Order management system scenarios (order success, order failure, refund scenarios)

3. Integration Testing

• Ensures API works with different systems (upstream and downstream)
• Example: Order API integrating with payment and add to cart systems

4. Performance Testing

• Ensures API meets performance standards
• Important aspects:
  • Benchmarks
  • Business and product expectations

Sub-tests in Performance Testing

• a. Stress Testing:
  • Tests load-handling capacity for short durations
  • Measures recovery time
• b. Soak Testing:
  • Long-duration stress test
  • Example: E-commerce festivals like Amazon Big Billion Days

5. Regression Testing

• Ensures new changes do not break existing functionality
• Continuous roll-out checks

6. Penetration Testing (Pen Test)

• Checks for vulnerabilities in the API
• Ensures security against attacks

7. Fuzz Testing

• Provides random, nonsensical data to API
• Ensures API can handle incorrect or unexpected data

8. Unit Testing

• Line-by-line code testing
• Ensures high code coverage
• Validates edge cases and expected flows

9. UI Testing

• Tests API in conjunction with the UI it supports
• Verifies data throughput, API calls, and data presentation

Summary

• All these tests ensure the API is reliable, secure, and ready for production
• Covers functional, security, and performance aspects
• Making APIs worthy for production

Video suggests subscribing to their channel for more content and asking questions in the comments