Testing API can be challenging even for experienced testers. I think some of you remember situation when feature has been done partialy and it was needed to use some endpoint which hasn’t used in other system module yet. After that post you’ll never have to wait for feature but it helps you be more proactive in project.
It’s worth to mention that Postman has several usages. Depending on what’s your rule in the team but in this post we will focus on developers and testers. Here are an examples
- Endpoint testing
- Sharing API Documentation
- Mocking endpoints
Tools
Let’s start from scratch. First of all it’s good for you to download software from producent website. Of course there is also web tool but I highly recommend you client app. In this post browser Mozilla Firefox will be used but you can use other chosen web browser.
Parameters and body
It is possible to passing data using body or parameters. It is like sending letter with some messages inside. Everybody knows who is addressed for and who send that information wit some information inside which only recipient is able to open it. The format of body is very common and it is JSON. Example of body has been presented on listening below.
{
"firstName": "John",
"lastName": "Doe",
"age": 23,
"isTrusted": true
}
Well, now we have knowledge how the format of body looks but some of you can be curious where can I check it. You can get it by entering to web browser DevTools or by just use F12 (in Mozilla Firefox). After entering to Network section, you should be able to see Request in similar form to this presented on listening.
Now we know
- What request body is
- What form of request body have
- Where you can find request body
In Postman, place to put body request is displayed on listening below. As you can see there are several forms which we can pass through network but in that post we focus on the most popular one, JSON.
After sending a request, you’ll get some response code which may be suggesting where is the issue. The response also have body which is commonly used to debugging errors which are sent from API.
You find it in the same place where request body but on Response tab. In Postman there is also place where response is given. Under the request body, you should be able to see it. 
No secured API
It’s high time to introduce testing endpoints which doesn’t require any authentication. This is possibly the simplest way to test API. Only what you need is just type URI on input on the picture with particular HTTP method and click send button.
Secured API
Dealing with secured API can be more challenging. This topic can be widely described but we’ll focus on bearer token. To understand what exactly it is, imagine yourself credit card. It is something similar. Mentioned token have encrypted information designed by developer which are used for transfer confidential information which are not like password. The mechanism has been designed by https://jwt.io/.
Depending on project, in different places token can be kept. Anyway, if you are dealing with secured API and you need to test it, Postman will help you! The input to put token is showed on picture below
Import requests
At the end I have trick which extremely helps you. You don’t need to rewrite all the body and response. It is just waste your time. As you probably know, we want to be as productive as it possible. Only what you have to do is use Right Mouse Click on request in browser DevTools network tab and then Copy->Copy as cURL. After that find Import button in Postman and there paste copied cURL request as raw text and click continue.
Source:
- David Travis https://unsplash.com/photos/WC6MJ0kRzGw
- https://developer.mozilla.org
- https://jwt.io/
- https://www.postman.com/
