API Testing: How to Write Tests, Integrate into CI, and Track What You're Testing
Some developers and testers think that APIs, whether internally developed or not, should just work. Unfortunately, without a significant amount of focus on testing API services, one little flaw can spell disaster for your application—especially security vulnerabilities where hackers will target your application. Elise Carmichael discusses the risks of not fully testing APIs, how to be sure that all services are tested fully, and the types of negative testing you need to do on APIs. She shows you a method to organize your tests using Postman, a tool for REST web services testing. During this session, Elise and the participants will write some Postman API tests with variables and then execute the tests with Newman, a command line application for running Postman tests that you can include in continuous integration scripts. Elise also demonstrates a test management tool so you can have traceability from your API requirements all the way to every test execution.