795:
For these reasons, it is recommended that teams increase their level of API testing while decreasing their reliance on GUI testing. API testing is recommended for the vast majority of test automation efforts and as much edge testing as possible. GUI testing is then reserved for validating typical use
1086:
867:- This test transmits random, invalid or unexpected input to an API to find unknown bugs and defects. An API fuzzer generates test inputs and request sequences to the API and records the response to see if any bugs or security vulnerabilities are uncovered.
879:- This type of testing evaluates how an API performs under certain conditions to assess the API's ability to handle high loads and maintain high-performance levels. There are two main types of API performance testing: functional testing and load testing.
891:- Ethical hacking is used to assess the security of an API design. An external pentester finds vulnerabilities in API integrations due to incorrect business logic or programming issues to identify security vulnerabilities that attackers could exploit.
831:- This is a type of testing where the tester interacts with the API without knowing its internal workings. The tester provides input and observes the output generated by the API to identify how it responds to expected and unexpected user actions.
811:(AI) used in API testing improves the efficiency and accuracy of the testing process. It can automatically generate test cases, identify potential issues, and analyze test results through machine learning to identify patterns and anomalies.
1083:
790:
Agile and DevOps teams working with short iterations and fast feedback loops find that GUI tests require considerable rework to keep pace with frequent change. Tests at the API layer are less brittle and easier to
873:- This type of testing simulates real-world workloads to see how a system or application performs. The goal is to find bottlenecks and determine the maximum number of users or transactions the system can handle.
825:- This type of testing validates a software system against its functional requirements by providing input and verifying the output. It mainly involves black box testing and is not concerned with the source code.
903:- Checks if the visual elements of a web application's user interface work correctly and are user-friendly. It is different from API testing, which tests the communication between software components.
885:- This checks for vulnerabilities in APIs to find and fix security gaps. It involves mimicking hacker actions to find bugs and prevent attackers from accessing or disrupting the API or its data.
784:
GUI tests can't sufficiently verify functional paths and back-end APIs/services associated with multitier architectures. APIs are considered the most stable interface to the system under test.
861:- This evaluates the actual running of an API and focuses on monitoring, execution errors, resource leaks, and error detection. Detected errors are fixed to prevent runtime breakdowns.
804:
There are several types of tests that can be performed on APIs. Some of these include smoke testing, functional testing, security testing, penetration testing, and validation testing.
668:
is used in conjunction with API testing to isolate the services under test as well as expand test environment access by simulating APIs/services that are not accessible for testing.
849:- This tests APIs to determine if they meet expectations for functionality, reliability, performance, and security. It aims to ensure that the API consistently performs as expected.
1132:
897:- This testing applies to SOAP APIs and ensures proper implementation of standards such as WS-Addressing, WS-Discovery, WS-Federation, WS-Policy, WS-Security, and WS-Trust.
710:
837:- This tests the smallest parts of an application, called units, for proper operation. In API testing, this includes testing single endpoints with a single request.
553:
819:- This is a preliminary test that checks if the most crucial functions of an API are working correctly and identifies any major issues before further testing.
652:
API testing is used to determine whether APIs return the correct response (in the expected format) for a broad range of feasible requests, react properly to
507:
649:
is performed on APIs that the development team produces as well as APIs that the team consumes within their application (including third-party APIs).
855:- This confirms the software matches business requirements and if API tests match expected results. It is closely related to User Acceptance Testing.
1266:
617:
API testing involves testing APIs directly (in isolation) and as part of the end-to-end transactions exercised during integration testing. Beyond
777:
API Testing is recognised as being more suitable for and (especially the automation used with and ) than GUI testing. Reasons cited include:
843:- This test checks if an API can interact with other software components and systems without compatibility issues. This applies to SOAP APIs.
474:
1129:
1298:
546:
326:
1051:
894:
464:
316:
539:
439:
195:
180:
852:
459:
497:
1233:
1066:
406:
170:
574:
273:
1196:
1084:
The
Forrester Wave Evaluation Of Functional Test Automation (FTA) Is Out And It's All About Going Beyond GUI Testing
1548:
900:
598:
396:
391:
147:
1180:
672:
618:
525:
1291:
766:
750:
714:
593:. API testing is now considered critical for automating testing because APIs serve as the primary interface to
416:
129:
109:
278:
754:
215:
205:
155:
1573:
1512:
876:
642:
502:
230:
46:
590:
718:
321:
293:
602:
444:
288:
175:
165:
104:
1604:
1517:
1284:
210:
190:
1558:
1507:
1477:
1419:
1225:
840:
816:
586:
351:
220:
200:
858:
808:
734:
657:
479:
361:
240:
114:
646:
601:
are difficult to maintain with the short release cycles and frequent changes commonly used with
1250:
1017:
722:
665:
626:
421:
331:
283:
225:
1437:
1432:
1200:
1184:
245:
61:
51:
1217:
1482:
1472:
702:
341:
185:
119:
86:
66:
27:
1113:
8:
1467:
1462:
1452:
1396:
1341:
1331:
1218:
888:
846:
690:
578:
336:
255:
81:
581:
to determine if they meet expectations for functionality, reliability, performance, and
1522:
1497:
1457:
1447:
1391:
1260:
1094:
970:
965:
946:
936:
822:
634:
454:
1532:
1358:
1326:
1321:
1229:
1012:
828:
594:
582:
1502:
1487:
1442:
1368:
1353:
1346:
1307:
1027:
1022:
882:
762:
730:
706:
570:
411:
374:
356:
346:
71:
1527:
1136:
1090:
638:
298:
250:
134:
56:
1578:
1553:
1492:
1401:
1373:
977:
1598:
41:
1568:
1563:
1406:
1336:
834:
679:
661:
622:
124:
1164:
1148:
1583:
1427:
656:
such as failures and unexpected/extreme inputs, deliver responses in an
16:
Automated software testing of programmable application interfaces (APIs)
653:
1213:
998:
870:
76:
1276:
958:
742:
726:
630:
449:
401:
386:
381:
796:
cases at the system level, mobile testing, and usability testing.
1168:
1152:
1117:
953:
864:
621:, these transactions include multiple types of endpoints such as
772:
1248:
931:
738:
606:
160:
698:
235:
1114:
Produce Better
Software by Using a Layered Testing Strategy
758:
746:
694:
683:
676:
469:
1069:, by Cameron Philipp-Edmonds, Stickyminds August 19, 2014
687:
1067:
All About API Testing: An
Interview with Jonathan Cooper
1220:
Succeeding with Agile: Software
Development Using Scrum
1181:
The Fight
Against Brittle Scripts and Software Defects
1130:
Onus for third-party APIs is on enterprise developers
1054:, by Amy Reichert, SearchSoftwareQuality March 2015
1165:A Guidance Framework for Designing a Great Web API
1139:, by Amy Reichert, SearchSoftwareQuality July 2014
1052:Testing APIs protects applications and reputations
1596:
788:Short release cycles with fast feedback loops:
709:. It can also include message formats such as
1292:
1149:Accelerate Development with Automated Testing
1062:
1060:
773:API testing, GUI testing, and test automation
547:
1265:: CS1 maint: multiple names: authors list (
1197:How Do We Learn Composite App Testing-Speak?
1047:
1045:
1043:
1299:
1285:
1079:
1077:
1075:
1057:
554:
540:
1142:
1249:J. Gao, C. Tao, D. Jie ĺ, S. Lu (2019).
1123:
1109:
1107:
1105:
1103:
1040:
1224:. Addison-Wesley Professional. p.
1158:
1072:
799:
612:
1597:
671:API testing commonly includes testing
508:Electrical and electronics engineering
1280:
1100:
1306:
1252:What is AI Software Testing? and Why
1212:
1206:
660:, and respond securely to potential
13:
1167:, by Eric Knipp and Gary Olliffe,
721:and similar fixed-length formats,
589:, API testing is performed at the
575:application programming interfaces
14:
1616:
434:Standards and bodies of knowledge
1549:Graphical user interface testing
1242:
577:(APIs) directly and as part of
526:Outline of software development
1190:
1174:
1:
1033:
1574:Software reliability testing
1513:Software performance testing
7:
1006:
907:
10:
1621:
1416:Testing types, techniques,
603:Agile software development
289:Software quality assurance
1541:
1415:
1384:
1314:
658:acceptable amount of time
1559:Orthogonal array testing
1508:Smoke testing (software)
1478:Dynamic program analysis
1199:, by Adrian Bridgwater,
1183:, by Adrian Bridgwater,
841:Interoperability testing
274:Configuration management
1093:, by Diego Lo Giudice,
895:WS-* compliance testing
859:Runtime error detection
809:Artificial intelligence
498:Artificial intelligence
1018:Service virtualization
666:Service virtualization
573:that involves testing
422:Infrastructure as code
268:Supporting disciplines
1438:Compatibility testing
943:Postman API Platform
279:Deployment management
1483:Installation testing
1473:Differential testing
1151:, by Nathan Wilson,
1116:, by SEAN Kenefick,
926:Crosscheck Networks
800:Types of API testing
735:transports/protocols
613:API testing overview
585:. Since APIs lack a
99:Paradigms and models
28:Software development
1468:Development testing
1463:Destructive testing
1453:Conformance testing
1397:Integration testing
1342:Model-based testing
1332:Exploratory testing
889:Penetration Testing
877:Performance testing
847:Reliability testing
579:integration testing
22:Part of a series on
1523:Symbolic execution
1498:Regression testing
1458:Continuous testing
1448:Concurrent testing
1392:Acceptance testing
1315:The "box" approach
1201:Dr. Dobb's Journal
1185:Dr. Dobb's Journal
1135:2019-07-31 at the
1089:2015-05-28 at the
971:SmartBear Software
947:Postman (software)
937:SmartBear Software
853:Validation testing
823:Functional testing
782:System complexity:
417:Release automation
294:Project management
1592:
1591:
1533:Usability testing
1359:White-box testing
1327:All-pairs testing
1322:Black-box testing
1203:February 14, 2012
1155:December 30, 2013
1013:Automated testing
1004:
1003:
829:Black box testing
733:being sent over
595:application logic
564:
563:
455:ISO/IEC standards
1612:
1605:Software testing
1503:Security testing
1488:Negative testing
1443:Concolic testing
1369:Mutation testing
1354:Grey-box testing
1347:Scenario testing
1308:Software testing
1301:
1294:
1287:
1278:
1277:
1271:
1270:
1264:
1256:
1246:
1240:
1239:
1223:
1210:
1204:
1194:
1188:
1187:October 26, 2011
1178:
1172:
1162:
1156:
1146:
1140:
1127:
1121:
1111:
1098:
1081:
1070:
1064:
1055:
1049:
1028:Web API security
1023:Software testing
912:
911:
883:Security Testing
763:TIBCO Rendezvous
731:Protocol Buffers
693:being sent over
691:message payloads
662:security attacks
571:software testing
556:
549:
542:
503:Computer science
412:Build automation
19:
18:
1620:
1619:
1615:
1614:
1613:
1611:
1610:
1609:
1595:
1594:
1593:
1588:
1537:
1528:Test automation
1417:
1411:
1380:
1310:
1305:
1275:
1274:
1258:
1257:
1247:
1243:
1236:
1211:
1207:
1195:
1191:
1179:
1175:
1171:August 20, 2014
1163:
1159:
1147:
1143:
1137:Wayback Machine
1128:
1124:
1120:January 7, 2014
1112:
1101:
1091:Wayback Machine
1082:
1073:
1065:
1058:
1050:
1041:
1036:
1009:
910:
802:
775:
615:
560:
531:
530:
521:
513:
512:
493:
485:
484:
435:
427:
426:
377:
367:
366:
312:
304:
303:
299:User experience
269:
261:
260:
151:
140:
139:
100:
92:
91:
37:
36:Core activities
17:
12:
11:
5:
1618:
1608:
1607:
1590:
1589:
1587:
1586:
1581:
1579:Stress testing
1576:
1571:
1566:
1561:
1556:
1554:Manual testing
1551:
1545:
1543:
1539:
1538:
1536:
1535:
1530:
1525:
1520:
1518:Stress testing
1515:
1510:
1505:
1500:
1495:
1493:Random testing
1490:
1485:
1480:
1475:
1470:
1465:
1460:
1455:
1450:
1445:
1440:
1435:
1430:
1424:
1422:
1413:
1412:
1410:
1409:
1404:
1402:System testing
1399:
1394:
1388:
1386:
1385:Testing levels
1382:
1381:
1379:
1378:
1377:
1376:
1374:Static testing
1371:
1366:
1356:
1351:
1350:
1349:
1344:
1339:
1334:
1329:
1318:
1316:
1312:
1311:
1304:
1303:
1296:
1289:
1281:
1273:
1272:
1241:
1235:978-0321579362
1234:
1205:
1189:
1173:
1157:
1141:
1122:
1099:
1097:April 23, 2015
1071:
1056:
1038:
1037:
1035:
1032:
1031:
1030:
1025:
1020:
1015:
1008:
1005:
1002:
1001:
996:
995:Insomnia REST
992:
991:
988:
984:
983:
980:
978:Katalon Studio
974:
973:
968:
962:
961:
956:
950:
949:
944:
940:
939:
934:
928:
927:
924:
920:
919:
916:
909:
906:
905:
904:
901:Web UI testing
898:
892:
886:
880:
874:
868:
862:
856:
850:
844:
838:
832:
826:
820:
814:
812:
801:
798:
793:
792:
785:
774:
771:
614:
611:
562:
561:
559:
558:
551:
544:
536:
533:
532:
529:
528:
522:
519:
518:
515:
514:
511:
510:
505:
500:
494:
491:
490:
487:
486:
483:
482:
477:
472:
467:
462:
457:
452:
447:
445:IEEE standards
442:
436:
433:
432:
429:
428:
425:
424:
419:
414:
409:
404:
399:
394:
389:
384:
378:
373:
372:
369:
368:
365:
364:
359:
354:
349:
344:
339:
334:
329:
324:
319:
313:
310:
309:
306:
305:
302:
301:
296:
291:
286:
281:
276:
270:
267:
266:
263:
262:
259:
258:
253:
248:
243:
238:
233:
228:
223:
218:
213:
208:
203:
198:
193:
188:
183:
178:
173:
168:
163:
158:
152:
150:and frameworks
146:
145:
142:
141:
138:
137:
132:
127:
122:
117:
112:
107:
101:
98:
97:
94:
93:
90:
89:
84:
79:
74:
69:
64:
59:
54:
49:
44:
38:
35:
34:
31:
30:
24:
23:
15:
9:
6:
4:
3:
2:
1617:
1606:
1603:
1602:
1600:
1585:
1582:
1580:
1577:
1575:
1572:
1570:
1567:
1565:
1562:
1560:
1557:
1555:
1552:
1550:
1547:
1546:
1544:
1540:
1534:
1531:
1529:
1526:
1524:
1521:
1519:
1516:
1514:
1511:
1509:
1506:
1504:
1501:
1499:
1496:
1494:
1491:
1489:
1486:
1484:
1481:
1479:
1476:
1474:
1471:
1469:
1466:
1464:
1461:
1459:
1456:
1454:
1451:
1449:
1446:
1444:
1441:
1439:
1436:
1434:
1431:
1429:
1426:
1425:
1423:
1421:
1414:
1408:
1405:
1403:
1400:
1398:
1395:
1393:
1390:
1389:
1387:
1383:
1375:
1372:
1370:
1367:
1365:
1362:
1361:
1360:
1357:
1355:
1352:
1348:
1345:
1343:
1340:
1338:
1335:
1333:
1330:
1328:
1325:
1324:
1323:
1320:
1319:
1317:
1313:
1309:
1302:
1297:
1295:
1290:
1288:
1283:
1282:
1279:
1268:
1262:
1254:
1253:
1245:
1237:
1231:
1227:
1222:
1221:
1215:
1209:
1202:
1198:
1193:
1186:
1182:
1177:
1170:
1166:
1161:
1154:
1150:
1145:
1138:
1134:
1131:
1126:
1119:
1115:
1110:
1108:
1106:
1104:
1096:
1092:
1088:
1085:
1080:
1078:
1076:
1068:
1063:
1061:
1053:
1048:
1046:
1044:
1039:
1029:
1026:
1024:
1021:
1019:
1016:
1014:
1011:
1010:
1000:
997:
994:
993:
989:
986:
985:
981:
979:
976:
975:
972:
969:
967:
964:
963:
960:
957:
955:
952:
951:
948:
945:
942:
941:
938:
935:
933:
930:
929:
925:
922:
921:
917:
914:
913:
902:
899:
896:
893:
890:
887:
884:
881:
878:
875:
872:
869:
866:
863:
860:
857:
854:
851:
848:
845:
842:
839:
836:
833:
830:
827:
824:
821:
818:
815:
813:
810:
807:
806:
805:
797:
789:
786:
783:
780:
779:
778:
770:
768:
764:
760:
756:
752:
748:
744:
740:
736:
732:
728:
724:
720:
716:
712:
708:
704:
700:
696:
692:
689:
685:
681:
678:
674:
669:
667:
663:
659:
655:
650:
648:
644:
640:
636:
632:
628:
624:
620:
610:
608:
604:
600:
596:
592:
591:message layer
588:
584:
580:
576:
572:
569:is a type of
568:
557:
552:
550:
545:
543:
538:
537:
535:
534:
527:
524:
523:
517:
516:
509:
506:
504:
501:
499:
496:
495:
489:
488:
481:
478:
476:
473:
471:
468:
466:
463:
461:
458:
456:
453:
451:
448:
446:
443:
441:
438:
437:
431:
430:
423:
420:
418:
415:
413:
410:
408:
405:
403:
400:
398:
395:
393:
390:
388:
385:
383:
380:
379:
376:
371:
370:
363:
360:
358:
355:
353:
350:
348:
345:
343:
340:
338:
335:
333:
330:
328:
325:
323:
320:
318:
315:
314:
308:
307:
300:
297:
295:
292:
290:
287:
285:
284:Documentation
282:
280:
277:
275:
272:
271:
265:
264:
257:
254:
252:
249:
247:
244:
242:
239:
237:
234:
232:
229:
227:
224:
222:
219:
217:
214:
212:
209:
207:
204:
202:
199:
197:
194:
192:
189:
187:
184:
182:
179:
177:
174:
172:
169:
167:
164:
162:
159:
157:
154:
153:
149:
148:Methodologies
144:
143:
136:
133:
131:
128:
126:
123:
121:
118:
116:
113:
111:
108:
106:
103:
102:
96:
95:
88:
85:
83:
80:
78:
75:
73:
70:
68:
65:
63:
60:
58:
55:
53:
50:
48:
45:
43:
42:Data modeling
40:
39:
33:
32:
29:
26:
25:
21:
20:
1569:Soak testing
1564:Pair testing
1407:Unit testing
1363:
1337:Fuzz testing
1251:
1244:
1219:
1208:
1192:
1176:
1160:
1144:
1125:
835:Unit testing
803:
794:
787:
781:
776:
680:web services
670:
651:
623:web services
619:RESTful APIs
616:
597:and because
566:
565:
402:UML Modeling
397:GUI designer
62:Construction
52:Requirements
1584:Web testing
1428:A/B testing
1364:API testing
647:API testing
567:API testing
120:Prototyping
115:Incremental
87:Maintenance
67:Engineering
1214:Cohn, Mike
1034:References
923:SoapSonar
817:Smoke test
654:edge cases
635:mainframes
492:Glossaries
82:Deployment
1433:Benchmark
1261:cite book
1095:Forrester
999:Kong Inc.
871:Load test
791:maintain.
631:databases
599:GUI tests
311:Practices
135:Waterfall
110:Cleanroom
77:Debugging
47:Processes
1599:Category
1542:See also
1216:(2009).
1133:Archived
1087:Archived
1007:See also
990:Step CI
987:Step CI
982:Katalon
959:Parasoft
908:Software
743:ISO 8583
737:such as
727:ISO 8583
675:APIs or
583:security
520:Outlines
450:ISO 9001
392:Profiler
387:Debugger
382:Compiler
357:Stand-up
1420:tactics
1255:. IEEE.
1169:Gartner
1153:Gartner
1118:Gartner
966:Swagger
954:SOAtest
918:Vendor
865:Fuzzing
639:web UIs
191:Lean SD
130:V model
72:Testing
1232:
932:SoapUI
765:, and
739:TCP/IP
705:, and
641:, and
607:DevOps
465:SWEBOK
186:Kanban
161:DevOps
125:Spiral
57:Design
915:Name
711:SWIFT
699:HTTPS
682:with
460:PMBOK
375:Tools
236:SEMAT
231:Scrum
105:Agile
1418:and
1267:link
1230:ISBN
759:SMTP
747:MQTT
729:and
695:HTTP
684:JSON
677:SOAP
673:REST
643:ERPs
627:ESBs
605:and
475:IREB
470:ITIL
440:CMMI
317:ATDD
226:SAFe
196:LeSS
171:DSDM
1226:312
767:FIX
755:RMI
751:FIX
723:CSV
719:EDI
715:FIX
703:JMS
688:XML
686:or
587:GUI
480:OMG
407:IDE
362:TDD
352:SBE
342:DDD
327:CCO
322:BDD
246:TSP
241:TDD
221:RUP
216:RAD
211:PSP
206:MSF
201:MDD
181:IID
176:FDD
166:DAD
156:ASD
1601::
1263:}}
1259:{{
1228:.
1102:^
1074:^
1059:^
1042:^
769:.
761:,
757:,
753:,
749:,
745:,
741:,
725:,
717:,
713:,
707:MQ
701:,
697:,
664:.
645:.
637:,
633:,
629:,
625:,
609:.
347:PP
337:CD
332:CI
256:XP
251:UP
1300:e
1293:t
1286:v
1269:)
1238:.
555:e
548:t
541:v
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.