When conducting (application program interface) API Testing, let’s first consider what an API is, code that enables two software programs to communicate with each other. The API defines the parameters and methods that a developer can request services from an operating system (OS) or other application and typically consists of calls with a required syntax consisting of a predefined set of nouns and verbs. Simply put, APIs enable applications written in different languages and for different platforms to communicate with each other. Usually, APIs are provided for third-parties via a software development kit (SDK) or published openly on the Internet. Some of the issues in using APIs and therefore API testing include:

  1. Automating, monitoring and controlling the connections between an API and the applications using it.
  2. Ensuring usage consistency for multiple API versions.
  3. Monitoring application traffic using the API and the API’s performance.
  4. Memory management and caching for optimal performance.
  5. Security mechanisms to protect the API from unauthorized use.

The open API movement, set in motion by companies such as Facebook and Google and Twitter has led to lightweight JSON and REST services. So when developing test cases and scenarios regarding the 5 API testing issues above, it’s critical to understand JSON and REST services and how they implement these functions.