QASymphony / Blog / Whitebox Testing for BlackBox Testers: Simplifying API Testing [Webinar Recap and Q&A]
Whitebox Testing for BlackBox Testers: Simplifying API Testing [Webinar Recap and Q&A]
Thanks to everyone who joined us for our webinar, “Whitebox Testing for BlackBox Testers: Simplifying API Testing.”
During our session, we discussed what APIs are and their significance in digital businesses, outlined API management requirements and took a deeper dive into why API testing is essential for companies.
In today’s climate, companies are increasingly relying on software to support the needs of their customers. What APIs do is allow companies to extend and expand the value of their applications to customers and partners, even opening up possibilities to money digital assets.
There are countless of examples of companies leveraging APIs from other services to provide important features in their applications, while still being able to focus on their core product. For example, Uber uses APIs for navigation and SMS, enabling them to focus on their core business, signing up new users and drivers. Google Maps even monetized its API, allowing local business to show their locations.
APIs allow organizations to focus on their core competencies, allowing companies to maintain a competitive advantage and save time and money.
APIs are the nexus of the digital world; providing a low-friction, scalable, capital-efficient, and recurring source of revenue
Thanks for the great participation during our Q&A. We had a lot of questions that I did not have time to cover, so I’ve answered the remainder below.
Q: Why should API testing be done by QA instead of or in addition to development’s unit testing?
A: I recommend API testing is done by QA because QA is used to telling the whole story, where a developer’s unit tests might pass individually, but fail when looking at the bigger picture.
Q: Is testing integration with the DB important when you are testing an API?
A: Absolutely—there needs to be validation and confirmation that the DB is returning the correct information. Additionally, that DB integration is a part of the API design, so it should certainly be included in the testing phase.
Q: Where can I get more advanced-level API testing information?
A: Elise Carmichael, QASymphony’s VP of Quality, will be doing a deep dive on RESTful API Testing Using Postman, Newman and Jenkins. You can register here.
Q: Are the 3rd party APIs ever changed or updated by 3rd party, how they communicate the same to the API users ?
A: Major changes to fundamental APIs will have a downstream effect on 3rd parties levering them. One way to mitigate this is to have a strong community to support each other, as well as effective communication on depreciation schedules, functional updates, and ensuring you are following Maslow’s triangle of API needs to ensure ease of use.
Q: Is API testing required only for web based application? Can we do it for Android-based TV platform as well?
A: API’s are not just applicable for web based applications, mobile applications use APIs daily and should therefore be included in the scope of your API testing.
Q: What are the main things to look for when testing APIs ? Is it mainly looking for the response in body and response time? Am I missing anything else?
A: Those are certainly two essential metrics to test, but you should also consider monitoring them as well. A response time can vary drastically depending on a number of factors. This is why it is so important to not only check your APIs, but continually test and monitor them throughout different criteria and scenarios.
Q: In the presentation, you mentioned we can isolate APIs while testing. Can you please elaborate?
A: APIs should be isolated and tested independently to validate and monitor their designed functionality. There are multiple API testing tools which allow you to run parallel monitoring tests on individual APIs.