How To Test for a Negative API?

Timothy Joseph | October 18, 2021

How To Test for a Negative API?

Field Types

Field type tests are vital for REST APIs. For SOAP APIs, field type tests ought to be very dull (and perhaps out of degree), since field type change is ordinarily taken care of by whatever structure advancement is used to produce administrations.

Give specific consideration to non-crude fields, for example, date-time fields, which must have a specific configuration. The subsequent thing to check would be any permitted limits. Specifically noteworthy ought to be strings and enums.

Ensure that the assistance doesn't explode on the off chance that you send in a string that is 10k bytes long. Continuously take on a similar mindset as a malignant saltine and utilize your exploratory testing abilities.

Method Types

  • GET: The GET strategy is utilized to extricate data from the given server utilizing a given URI. While utilizing GET demand, it should just extract information and ought to have no other impact on the server.
  • POST: A POST solicitation is utilized to make another entity. It can likewise be utilized to send information to the server, for instance, client data, record transfer, and so forth utilizing HTML structures.
  • PUT: Create another entity or update a current one.
  • Delete: Removes all current portrayals of the objective asset given by a URI.

Required Fields

Setting up a test that checks the handiness of blunder messages is entirely simple: Make a "clear" call - pass an unfilled body in the solicitation. Get back an error that you are missing some component. Add the missing component to your request and make a request again until you get back a positive reaction.

The thought is that the API is self-reporting: mistake messages lead you to fabricate a total effective call. This methodology likewise checks that all sources of info are tried in the code. Having supportive mistake messages is particularly significant for public APIs.

Furthermore, don't disparage the significance of spelling and sentence structure, which when wrong it makes your entire application look less expert and brings down client certainty.

Database Integrity

Another intriguing test is something many refer to as "data set trustworthiness testing". Information that goes into the application data set can become bad, particularly in a testing climate, yet underway also.

This can occur because of a number of reasons: past adaptations of the API (with one or the other buggy or deficient provisions), application crashes, or essentially by individuals physically altering the information base straightforwardly. You can run a read/recover approach for each and every record in the data set, anticipating that the API should not toss any errors.

On the off chance that it does, that is something worth exploring. It doesn't promptly demonstrate an error, since the information can truly be bad and all things considered most APIs will act erratically, yet it can uncover intriguing and conceivably unwanted conduct of the API.

If you need further assistance with testing for negative APIs or need to extend your QA resources and capabilities, contact QASource today.


This publication is for informational purposes only, and nothing contained in it should be considered legal advice. We expressly disclaim any warranty or responsibility for damages arising out of this information and encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials.

Post a Comment