Skip to content
Postman API Testing Tips

How To Test An Api Using Postman

API Testing Blog

Getting Started with Postman for API Testing

Postman is a powerful tool for testing APIs, offering a user-friendly interface and a wide range of features. This guide will walk you through the basics of using Postman for API testing, covering everything from setting up a request to analyzing the response.

1. Setting Up a Request

a. Creating a New Request:

  • Open Postman: Start by opening the Postman app or accessing the web version.
  • Create a new request: Click on the “New” button or simply hit Ctrl+N (or Cmd+N on macOS) to create a new request. You’ll be presented with a request builder.

b. Defining Request Details:

  • Method: Select the HTTP method (GET, POST, PUT, DELETE, etc.) that your API endpoint uses.
  • URL: Enter the complete URL of the API endpoint you want to test.
  • Headers: Add any necessary headers, such as Authorization, Content-Type, or Accept.
  • Body: If your API endpoint requires data, you can add it here. Choose the appropriate format (form data, JSON, XML, etc.) and enter the data.

Example:

Let’s test a simple GET request to retrieve a list of users from a fictitious API endpoint.

  • URL: https://api.example.com/users
  • Method: GET

c. Sending the Request:

  • Send button: Click the blue “Send” button at the top right corner of the request builder. This sends the request to the API server and fetches the response.

2. Inspecting the Response

a. Response Code & Headers:

  • Status Code: The response code (e.g., 200 OK, 404 Not Found, 500 Internal Server Error) indicates the success or failure of your request.
  • Headers: You can browse the headers sent by the server, which may include information about the response type, content encoding, or other relevant details.

b. Response Body:

  • Body tab: The “Body” tab displays the actual data returned by the API. This can be in various formats like JSON, XML, plain text, or even image data.
  • Pretty Print: Use the “Pretty” button to format the response data for better readability.

Example:

For the GET request to /users, the response might look like this:

{
"users": [
{
"id": 1,
"name": "John Doe",
"email": "john.doe@example.com"
},
{
"id": 2,
"name": "Jane Smith",
"email": "jane.smith@example.com"
}
]
}

3. Testing with Assertions

a. Creating Assertions:

  • Test tab: Navigate to the “Tests” tab in the request builder.
  • Add Assertions: Use the predefined test snippets or write custom JavaScript code to define assertions about the response. You can check:
    • Status codes (e.g., pm.response.to.have.status(200);)
    • Response body content (e.g., pm.expect(pm.response.json().users[0].name).to.be.equal('John Doe');)
    • Headers (e.g., pm.response.to.have.header('Content-Type', 'application/json');)

Example:

pm.test("Status code is 200", () => {
pm.response.to.have.status(200);
});


pm.test("Response body contains 'John Doe'", () => {
pm.expect(pm.response.json().users[0].name).to.be.equal('John Doe');
});

b. Running Tests:

  • Run button: Use the “Run” button next to the “Send” button to execute your tests.
  • Test Results: Postman will show you the results of your tests, indicating which assertions passed and which failed.

4. Parameterization and Environments

a. Parameterization:

  • Variables: Postman allows you to use variables in your requests to make them more flexible and reusable. This is useful for testing different scenarios with varying input data.
  • Environment Variables: Define environment variables to store sensitive data like API keys, base URLs, or other configurations. These variables can be easily switched between different environments (e.g., development, testing, production).

Example:

// Define an environment variable for the API base URL
pm.environment.set('api_base_url', 'https://api.example.com');


// Use the environment variable in the request URL
pm.sendRequest('{{api_base_url}}/users');

5. Working with Collections

a. Organizing Requests:

  • Collections: Organize your requests into logical groups called collections. This helps keep your tests structured and manageable.
  • Folders: Within collections, you can create folders to further group requests by functionality or other criteria.

b. Running Collections:

  • Runner: Postman’s runner lets you run multiple requests in a collection sequentially.
  • Data Files: You can use data files to provide different input data for each request in the collection, enabling you to test various scenarios.

c. Generating Reports:

  • Reports: Postman can generate reports summarizing the test results, including success rates, run time, and detailed information about any failed assertions.

Advanced API Testing Techniques with Postman

1. API Mocking with Postman

  • Mock Servers: Create mock servers to simulate API behavior without actually calling real services. This is useful for early development, testing in isolated environments, or simulating error conditions.

2. API Versioning with Postman

  • Environment Variables: Use environment variables to switch between different API versions easily, making it convenient to test compatibility and handle version upgrades.

3. API Security Testing with Postman

  • Authorization headers: Use authorization headers to authenticate your requests with the API and test different authorization mechanisms.
  • Security testing tools: Utilize Postman’s built-in security testing tools, such as the “Interceptor” and “OAuth 2.0” features, to perform security assessments.

By following these guidelines and experimenting with Postman’s features, you can become proficient in API testing and ensure your APIs are reliable and perform as expected.

API Testing Blog