Testing APIs Using Postman
Testing APIs Using Postman
In this post, we introduce the topic of automated testing for APIs, and how to use Postman and Newman to easily test your RESTful APIs.
Join the DZone community and get the full member experience.Join For Free
Learn more about how to Prevent Slow or Broken APIs From Affecting Your Bottom Line.
Postman is one of the most efficient applications for testing RESTful APIs. Most developers write a simple test and check the result of the REST API. That is fine for a few APIs, but if we have many APIs to test it is better to automate these test cases. This post is an introduction to automated testing using a simple API. There is command line version of Postman. It is called Newman. I will also cover the procedure to test using Newman.
This post covers:
- Simple Test Scripts
- Setting up Newman
- Test Collections
Environment and Collections
In general, you should create one testing collection for each functional area, which may have many test cases. Then, you should create an environment for dev, test, sit, prod, etc., as each environment may have a different configuration.
Simple Test Scripts
For demonstration purposes, I created two test cases. The first is to get an OAuth2 token from my local server. The second is to validate the token. To validate the token, I will need to pass the token as query parameters. To copy and paste the token into the query parameters is not practical. In this case, I created an environment variable named
access-token-password in the first test case. And pass this variable to the second test case as follows:
The syntax is self-explanatory.
The following are the details about the test script:
var jsonData = JSON.parse(responseBody); postman.setGlobalVariable("access_token", jsonData.access_token); postman.setEnvironmentVariable("access_token", jsonData.access_token, "OATH2"); postman.setEnvironmentVariable("access-token-password", jsonData.access_token, "OAUTH2"); tests["access_token is not null"] = jsonData.access_token !== null; tests["token_type == bearer"] = jsonData.token_type === "bearer";
access-token-password to the OAuth2 environment.
The following picture shows the collection, testing scripts, and the test case output:
To run the test for the collection, click the arrow, then run the test as shown in the following pictures
From the above pictures, we see that we can run the test cases with one click and verify if all the test cases are passed. However, this kind of testing is still very much manual. We need to automate the whole procedures automatically. For this purpose, we can use the command line version of Postman, namely, Newman.
In order to use Newman, we need to do three things:
- Install Newman.
- Export the collection.
- Export the environment variables.
npm install newman --global;
Export Test Collection
Right-click the three dots beside the collection:
Then click Export --> Export. Save the file.
Export Environment Variables
Find the tool picture on the top-right of the GUI, find the collection, click the download button, as shown in the following picture:
In my case, for the purpose of this demo, I saved the two files in the Download directory.
-rw-------@ 1 gl17 staff 3.4K Jan 27 12:34 oauth2-demo.postman_collection.json -rw-------@ 1 gl17 staff 653B Jan 27 12:35 OAUTH2.postman_environment.json
The following are the command lines:
gl17@GaryLiu17sMBP:~/Downloads$ newman run oauth2-demo.postman_collection.json -e OAUTH2.postman_environment.json --insecure newman oauth2-demo → username&password POST https://localhost:8082/external/access_token?grant_type=password&username=max&password=mule [200 OK, 374B, 402ms] ✓ access_token is not null ✓ token_type == bearer → https://localhost:8082/external/validate?access_token=3URNgv-o3Tu9pP9WNfEhewlrBba7CsUfwJM1nZYYq8n7SlhxWq5E13wMy2ZeOcFx2q4edPSgG7u61Hg3_rFSpQ GET https://localhost:8082/external/validate?access_token=raJ1KXUBR4GfbVXNBFHNcAnNUQgQ34wcZ_jo0KODNdUmX4N4Th279THfZNPkCEmKQs2mOng9zcX97DMJtIsl-A [200 OK, 171B, 5ms] ✓ client_id is not null ✓ access-token-password is not null ✓ Status code is 200 ┌─────────────────────────┬──────────┬──────────┐ │ │ executed │ failed │ ├─────────────────────────┼──────────┼──────────┤ │ iterations │ 1 │ 0 │ ├─────────────────────────┼──────────┼──────────┤ │ requests │ 2 │ 0 │ ├─────────────────────────┼──────────┼──────────┤ │ test-scripts │ 2 │ 0 │ ├─────────────────────────┼──────────┼──────────┤ │ prerequest-scripts │ 0 │ 0 │ ├─────────────────────────┼──────────┼──────────┤ │ assertions │ 5 │ 0 │ ├─────────────────────────┴──────────┴──────────┤ │ total run duration: 529ms │ ├───────────────────────────────────────────────┤ │ total data received: 345B (approx) │ ├───────────────────────────────────────────────┤ │ average response time: 203ms │ └───────────────────────────────────────────────┘ gl17@GaryLiu17sMBP:~/Downloads$
That is it all. Pretty simple and straight forward.
In this post, I have covered the following topics:
- Procedures to test RESTful APIs using Postman and Newman utilities.
Published at DZone with permission of Gary Liu , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.