How to Test API – knowledgebase JJ

API automation testing should cover at least following testing methods apart from usual SDLC process

Discovery testing: The test group should manually execute the set of calls documented in the API like verifying that a specific resource exposed by the API can be listed, created and deleted as appropriate
Usability testing: This testing verifies whether the API is functional and user-friendly. And does API integrates well with another platform as well
Security testing: This testing includes what type of authentication is required and whether sensitive data is encrypted over HTTP or both
Automated testing: API testing should culminate in the creation of a set of scripts or a tool that can be used to execute the API regularly
Documentation: The test team has to make sure that the documentation is adequate and provides enough information to interact with the API. Documentation should be a part of the final deliverable

Best Practices of API Testing:

API Test cases should be grouped by test category
On top of each test, you should include the declarations of the APIs being called.
Parameters selection should be explicitly mentioned in the test case itself
Prioritize API function calls so that it will be easy for testers to test
Each test case should be as self-contained and independent from dependencies as possible
Avoid “test chaining” in your development
Special care must be taken while handling one-time call functions like – Delete, CloseWindow, etc…
Call sequencing should be performed and well planned
To ensure complete test coverage, create API test cases for all possible input combinations of the API.