API testing: Difference between revisions

Types of API testing: Added Web UI testing back to the list
Types of API testing: Removed caps from testing types to match style of other pages
Line 22:
There are several types of tests that can be performed on APIs. Some of these include smoke testing, functional testing, security testing, penetration testing, and validation testing.
 
*[[Smoke testing (software) | Smoke Testtest]] - This is a preliminary test that checks if the most crucial functions of an API are working correctly and identifies any major issues before further testing.
*[[Functional testing]] - This type of testing validates a software system against its functional requirements by providing input and verifying the output. It mainly involves black box testing and is not concerned with the source code.
* [[Black box testing]] - This is a type of testing where the tester interacts with the API without knowing its internal workings. The tester provides input and observes the output generated by the API to identify how it responds to expected and unexpected user actions.
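Review bot: the Functional testing entry says it "mainly involves black box testing", and Black box testing then appears as its own item directly below, so the list presents an approach and a test type that relies on it as two peer types. Suggest either folding the black box description into the Functional testing entry or saying in the Black box testing entry that it is an approach used across the other types. Style point: the list markup in this hunk is inconsistent ("*[[" on the first two items, "* [[" on the third, and spaces around the pipe in the Smoke testing link); pick one form.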
Line 32:
*[[Fuzzing]] - This test transmits random, invalid or unexpected input to an API to find unknown bugs and defects. An API fuzzer generates test inputs and request sequences to the API and records the response to see if any bugs or security vulnerabilities are uncovered.
*[[Load test]] - This type of testing simulates real-world workloads to see how a system or application performs. The goal is to find bottlenecks and determine the maximum number of users or transactions the system can handle.
*[[Performance Testingtesting]] - This type of testing evaluates how an API performs under certain conditions to assess the API's ability to handle high loads and maintain high-performance levels. There are two main types of API performance testing: functional testing and load testing.
*[[Security Testingtesting]] - This series of tests checks for vulnerabilities in APIs using various techniques. The goal is to find and fix security gaps and ensure basic security requirements are met. API scanning involves mimicking hacker actions to find bugs. This helps prevent attackers from accessing or disrupting the API or its data.
*[[Penetration Testingtesting]] - This is an ethical hacking process to assess the security of an API design. It is conducted by an external pentester to find vulnerabilities in API integrations due to incorrect business logic or programming issues. The goal is to identify security vulnerabilities that attackers could exploit to access sensitive data or perform malicious actions.
*[https://docs.oracle.com/cd/E55956_01/doc.11123/external_user_guide/content/wsi_compliance.html WS-* compliance testing] - This testing applies to SOAP APIs and ensures proper implementation of standards such as WS-Addressing, WS-Discovery, WS-Federation, WS-Policy, WS-Security, and WS-Trust.
*[[Graphical_user_interface_testing|Web UI testing]] - Checks if the visual elements of a web application's user interface work correctly and are user-friendly. It is different from API testing, which tests the communication between software components.
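Review bot: the re-added Web UI testing entry states that it "is different from API testing", which contradicts its place in a list introduced as tests "that can be performed on APIs"; either drop it from the list or move the contrast into a sentence outside it. In the same hunk, the Performance testing entry names "functional testing and load testing" as the two main types of API performance testing, but Functional testing is defined earlier in this list as validating functional requirements, and Load test is already a separate entry directly above, so that sentence needs a source or a correction.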