Session1: Introduction to API Testing

okay so hi everyone uh welcome you all uh from today we are going to start APA testing classes and as part of today's session uh we are going to see the fundamentals like uh what is an API and what kind of testings we do on part as part of API testing and before discussing about API testing we have to know some Basics about what is client what is server and how exactly web applications Works internally right so we need to have some basic knowledge on web testing also to before starting API testing okay and in

the today's session we will see some Basics we will understand we will try to understand some basic concepts and then we will try to understand what is an API testing and how we can conduct AP testing and what are the different tools are available in the market to perform API testing okay so that's a basic introduction part today we are going to see and at the end of the session uh if you have any questions you can ask me and mean file you can use chart window to post all your questions okay so first of

all let us see the basic like what is web application so what is actually software a software can be an application which is developed for specific client or specific customer right so software application software is an application which is developed for specific client or some customer or sometimes the software can be developed based on the market requirement also and which is basically called as a products right so where exactly API testing come into picture so there are various types of testing we will conduct on software like web testing API Testing mobile app testing performance testing

security testing there are so many types of testings normally we do on software so why we need to do all these kinds of testing because we need to release the quality product or quality software to the customer so that's the main end goal right so APA is also one of the testing API testing is also one of the testing which is very very important to do the software but normally uh web testing we will know what is web testing means we will test that application and functionality we will test with respect to customer requirement whether

it is working according to customer requirement or not the functional device we will test on the web UI but what is an API means API is basically the API testing we will conduct at the backend side so we don't see anything on the UI so we will do APA testing and the backend side so which is basically comes under backend testing like API testing database testing so these things comes under backend testing not a front-end and web testing is comes under the front end okay web testing so we have also different tools are available in

the market like to perform web testing we use selenium normally and to perform APA testing we use Postman and rest ratio so bi and so many tools are there in the market so different for different type of testings we have a different tools are available in the market and for API testing also we can do manually and also we can do automatically and to perform manual API testing normally we use a tool called Postman and then to perform automation testing we will use a rest assured okay so one is a manual testing tool the other

one is an automation testing so as part of this course we are going to learn both so first we will learn Postman tool and a few days we will try to understand what is Postman how to use Postman how we can test apis manually by using Postman and what are the different features are there in the postman so we'll try to understand and we will practically test all the apis by using Postman tool and once you understand manual testing of apis then we will move on to the automation part that is rest assured so in

the rest I showed we will try to automate the apis and to automate apis using rest assured the main prerequisite is what you have to know a Java Basics Java programming Basics and then you should also know some basics of test engine framework okay so if you learn web testing uh these two things will be part of your web testing okay and even if you don't know test NG no problem but at least we have to know some Java Basics okay how we can write a simple Java program if you know some basics of java

you can easily understand this okay and it is very easy to learn also and even web testing is something trickier than API testing and you can easily learn API testing and very simple and very easy to learn only thing is you need to know some basic Java Concepts okay so let us try to understand some basics of web applications and then we will discuss more about what is an API and what are the different testings we will conduct as product API and so on okay so first we will see a manual testing of apis using

Postman tool and once you understand the replay testing using manual process then we will try to learn automating apis by using rest ratio so these are the two tools which are part of our sessions okay so let me share a small presentation and to understand about web applications and so on and very important session so because if you are not understood these sessions or these are important points then it is very difficult to understand the rest of the things okay yeah so Java Basics are not part of the session so it's not part of this

course okay you have to already and if you don't know Java Basics so please go through my free sessions which are available on my YouTube channel and you can understand some Basics and people who are already attended psyllium sessions and who already know Java Basics and they are enough okay all right so first of all let us see what is client and server so these two terminologies we use normally while working with the web-based applications client and the server so what is client and what is server a simple understanding is server means what which contains

the actual application so which contains a actual application or software will run on the server and we will able to access through the client client is nothing but what from where we are accessing the application right so for example on the web application suppose you are typing google.com and we are able to access Google pages from the server and we are not those pages are not coming from your local system right so they are coming from somewhere else and we are trying to access them through browser right so from where you are trying to access

that is called as a client from where actually the software is installed or from where exactly the web pages are uh still exist that is basically called as a server okay so the definitions wise a client is a computer hardware device or a software that accesses a service made available by the server so the definitions are little bit tricky but simple way to understanding is a client is a a computer or from where we are trying to access the application so for example through browser we are able to browse the different pages different websites we

are able to access and that is comes under the client so from where we are trying to access the applications that is called as a client and actually where the applications are installed from where we are able to exactly accessing that is basically called as a server and between the client and server we need a connection so through internet we are able to establish a connection to the server and then we are able to access it so the basic understanding client and the server the client means what we are all clients because we are able

to access the application through browser that's a client and from where exactly we are getting those pages you are browsing so much of information in the internet from where we are getting all that information where exactly that available is in the server and sometimes these servers many times the servers will be in the remote locations for remote environment okay but in some organizations uh they will also keep the servers in this local environment but normally in the internet uh the servers will be there in the remote environment so we will able to access them through

URLs okay so through your answer so for example just we are browsing some website right so when I say google.com it is just sending some request here and immediately I'm getting the page right so here we are accessing the application by passing some URL by sending some URL and this is a client as a user I'm able to access the applications through browser this is a client and from where we are getting these pages from where we are getting all this information where exactly these information is available that is called as a server and when

you send some requests to the server in the form of URL which will give us to response the server will respond with some data okay for example here I'm typing uh let's say APA testing I'm searching for something so I got all these pages so from where I got all these Pages the server is respond to us so how why server is respond to us because we are sending the request when you're searching for something the request will go to the server and server will fetch the all information related to this this particular keyword and

then respond with all the content so from the client application we are able to browse the data or we are able to we are requesting the server to provide some data and the server will fetch the data related to this keyword and sending all this information so this is how exactly client and server works and the client is not always a browser uh most of the times we will use mobile also right in the mobile also we are using some maps that is also client okay and from where wherever we are browsing the data through

internet there all comes under the client application and where exactly those pages are exist from where they are exactly operating from there exactly the software installed that is comes under the server so this is a basic terminology which we need to understand what is a client and what is a server which is very very important especially when you are working with the web-based applications now to understand this more about and we need to also know something about architecture client server architecture how exactly this client and servers will be communicated and what are the different type

of architectures the web-based applications will follow and these are basic fundamentals like we have Wonder our texture two-time architecture and then we have also a 3D architecture and web applications mostly followed three Tire architecture okay web applications will follow three-time architecture so let us try to understand what exactly one tire two tire and a three Tire so one tire applications one tire architecture is nothing but what we have a single system we do not have any internet we have a single system where the client will be running client and there will not be any database

actually there will be some files let's say I'm using some notepad I'm typing something or I'm typing something in the MS word or Excel sheet and when you're saving those files where exactly we are saving the data in our same machine right in the same machine in the file format we are saving the data and for that we don't need any internet for that we don't need to maintain any databases right so these are all one tire architecture so if your client and the server server here is nothing but a file system so when you

run client and server in the same machine which is comes under one tire architecture so nowadays we do not have such type of applications because this is pretty old technology and we will keep the client and server both in the single system both are running in the single machine same computer and which is Wonder architecture and the two tier architecture means what we have uh multiple client servers client computers and they are accessing the database and this database will be there in some other machine okay some other machine we will use as a database server

and different client applications will access the same database so for example internet applications suppose if you go to any Bank write any banking organization so they will internally maintain their own servers and their staff will access the database suppose in their organization let's say 10 to 15 people are working all of them are accessing the same database server which is located in their environment locally and that is comes under two Tire architecture so two tire is nothing but what different lines will able to access single database server and this database server is a different machine

not on the same machine so these people let's say 10 people are accessing these 10 papers don't have their own local memory so whatever the the tasks they are doing everything is happen in the common database and here this is a two-tire architecture when you come to the three-tier architecture again this is divided into three parts and the client Tire business logic and database layer we can say this is client application this is a application server or web server and the database server so we can divide it into three parts so here client is nothing

but what we are we are all clients we are browsing the data from the browser and database is what actual data will be stored in the database and between the client and the server between the client and server there should be some business logic okay there should be some business logic is running and what is the responsibility of this business logic layer is which will take our request from the client and same request will send to the database and fetch the data and again send back to the business logic layer and same business logic will

again send the response to the client so this is a indirect process so between the client and database there will be one more layer is there called business logic layer we can say business lodge which contains a business logic normally we call ml application server web servers many things are there so overall we can divide into three parts so all web applications all web applications comes under 3D architecture or follow the three-terr picture so there are so many client applications will run business logic layer will be there and after that database layer will be there

so these are the two different type of machines located in different locations remote locations so as a client we don't actually what is happening in the back end so what kind of business logic is executing what kind of database where exactly our data is stored in so we it is not visible as a client or as a user I cannot see all of them but as a client we will able to browse the data we will able to send the request to the server and we will able to get the response from the server but

who is taking the request we say who is processing it who is sending the response those things are completely backend they are invisible to the user so that's how actually web application works so again if I divide it into three parts we can call them as a presentation layer application layer and data layer we can come we can categorize them into two sections or two parts one is presentation layer and then application layer and a data layer presentation layer is nothing but a user interface user interface we are able to access application through browser right

that's called presentation layer it will present the data which is uh from server and application layer means what business Logic the application layer contains a business logic even web server is also comes in this particular middle layer application layer web server or we can say application server and web server so these two uh comes under middle layer and then database layer is a third layer which is also called as a data layer so presentation layer application layer and data layer so every web application will have three components or three sections like a presentation layer application

layer and data layer so presentation layer what is the purpose of presentation layer here is which will present the data to the user which is basically called client and what is an application layer which is having business logic and what is the purpose of application layer which will take the request from the presentation layer same request again will send to the data layer and actual data layer contains what which actually contains the data and whatever the request we send corresponding data will be available in the data layer so application layer will send the same request

to the data layer and the data layer face the data and again response will be given to the application layer and this application layer again send the response to the presentation layer so this is how exactly web application works between presentation layer application layer and data layer and these three are the three different components of web application now to presentation layer normally to develop the presentation layer web applications or developers will use this Technologies like HTML JavaScript CSS so these are all scripting languages so by using these cryptic languages the developer will develop the UI

or web applications that we can see on the browser so the presentation layer is nothing but a web applications all web applications comes under the presentation layer so these web applications will be developed by the developers by using HTML JavaScript and CSS these are scripting languages and applications are application layer right which contains a business logic and who will develop the business logic again developers will develop the business logic by using programming languages like java.net C sharp python C plus plus so here actual uh programming languages came into picture so by using programming languages developers

will develop the business logic and that business logic is researched inside the application layer that's the secondary layer now the third layer data layer which is also called as a database layer database layer is nothing but what here we install some databases like MySQL or it can be Oracle or SQL server or mongodb or whatever so many databases are there in the market and we can use one of the database as a database layer which is also called Data layer and actual data is resides inside the database only because database only can hold the data

and application layer what is the purpose of application layer the processing the processing will be taken care by application what is the processing here again we'll send the data from the presentation layer we will request and then application layer will get the request and same request again sent to data layer and get the response and same response will be presented on the presentation layer so these three things will internally work for any type of web applications but as a user what we can access only in the presentation layer that means we are able to see

the application we are able to work with the web applications that is all comes under presentation layer so application layer data layer is invisible so we can't directly access them okay so this is the basic understanding what is client and server architecture okay so in every tile like in one tire two tire and Twitter also we will have a server okay we can have a server but the server will be there in the same machine if you go with the Wonder architecture we can have server in the same machine and tutor architecture also multiple machines

are there two time means for two term means at least two components should be there client is different and server is different here database is acting as a server so two different components two different machines and in the three interact texture again it is again divided into three components client is different business logic is different database is different and these three will be located in three different places and again there will be many number of clients there will be many number of application servers there will be many number of database servers but the overall the

architecture level if you talk we will convert we will categorize into three different parts client business logic which is basically application layer and then database layer okay presentation application layer and data so we need to First understand uh these three things very very important okay now let us try to understand more details so what is an API now okay so we understood what is presentation layer what is application layer what is database layer but where exactly API come into picture so what is an API now let us try to understand this in detail interface application

programming interface so this is the full form of ABR application programming interface so what is the EPA where exactly it reset and what is the purpose of this API so the AP is basically used for or communicating between two applications let's say there are two different applications and they want to communicate each other and there should be some mediator right there should be some mediator and that is basically called as an API so API is a way of communication between two applications where applications May differ in their platforms or in terms of technology so those

applications will be developed in different platforms and those applications will be having different functionality but still we will combine those applications we can communicate each other by using API so for example let us take here front-end applications we have a front-end application here so in the front-end application this is basically a web right so this is basically web application so this is our web so we discussed three layers one is for presentation layer so this is called presentation layer and this is called uh in middle layer we can say application layer or application server or

we can say uh web server in the middle layer and this is called backend application or we can say data layer or data database server okay three components so what what in the web application in the presentation layer what we will do we will try to access the application through UI and we are sending some requests to the middle layer which is actually APL layer here actual apis will be reset so API is nothing but what which contains a business logic so as we already discussed in the middle layer we have a business logic inside

but the business logic is available in the form of apis the business logic is nothing but an API so eBay contains a business logic which is developed by the Developers so when you're sending the request to the server or when you're sending the request first it will go to the middle layer and what is there in the middle layer we have different type of apis so many types of APs are available in the middle layer and based on our request corresponding API will be triggered and that APA what that APA will do again that AP

will send the same request to the server that is a database layer and fetch the data here and provide the response to the presentation and who is send who is taking the request who is sending the response to us API okay EP is taking the request and APS itself sending the response to the presentation layer so that means APA is acting as a mediator between presentation layer and the database layer and where exactly these apis are present the apis are present inside the middle layer middle layer which is business logic which contains a business logic

so which will do two things what is the first thing this is the responsibility of the API layer to fetch the data from the back end and display on the front end and the other side what is the responsibility of API this is also the responsibility of the API layer to take the data from the front end and insert into the back end so it will take the data it will take the request from the front end again send to the back end and get the response and provide the same response to the front enter

or presentation layer and this is a mediator application programming interface there is a full form actually API application programming interface what does that mean which is basically in application application means what which contains some functionality and which is assisting to the application where exactly we are using application here we are using application so what API is doing apis is getting the request from the application sending response to the application so it is an application programming means what which contains a programming logic and which is also an interface means what it is acting as a mediator

are acting as an interface between our front end and our backend applications so that's the reason the name says API application programming interface and where exactly these apsr resides in the middle layer in the middle layer APS will be available now when you perform the testing on this particular layer which is comes under web testing okay we use selenium there here and when you directly conduct the testing in this particular layer which is called as a API testing so when you conduct the testing in the database layer which is called as a database testing three

different layers okay and one thing we need to understand so if you want to test the web or web testing if you want to perform through browser we are able to access the web application so we are able to see that entire UI and we are able to interact with the elements and we will able to perform the web testing but how come we testing the apis and why we need to test the eaps here so if you conduct the testing web right so from where exactly we are getting the data in the web application

AAP is only providing the data right through apis we are getting the response on the UI and what exactly we are validating on the web applications we are validating the data we are validating the functionality on the website or web testing side right but from where exactly we're getting the data from where exactly we are getting this functionality only through APS we are getting this and if the eaps are not available our web applications will not work because the web application is actually need the data and functionality which is actually coming from what middle layer

AP is providing that so we are doing the testing on the website but what kind of testing we do on here we will do a pay testing as part of API testing what you will do we will instead of testing this web application we are directly sending the request to the API and we are getting the response from the API and we will test the response we will do some validations on the response same thing is happening the front end also for example when you're testing the web applications we are now testing the here web

so what exactly what you are testing here is whatever the response uh provided by the API so because when you send some request through web application eapas are giving the response and this response we are testing on the UI so instead of testing on the UI what we will do directly we will access the apis and we will send the request to the API directly and we'll get the response from the API directly and we do the testing here so this is a APA testing so instead of doing testing on the web we will directly

do the testing on the apis that comes under the API testing but what is an advantage so do we get any benefit when you do the testing on apx yes so what are the benefit we will get when you test the EPA so normally what happens is in the real-time environment initially they will develop the database faster so the day first they will ready the database and then they will develop the apis and then they will develop the web so these are the three different things will be developed in three different times by different people

so database developers will be different API developers will be different web developers will be different they are having different Technologies they should know different type of Technologies okay now initially they will develop the databases and then APS will be developed by the developers and then web will come into picture so between these two there will be lot of time okay first they will develop all the apis and once the apis are ready then they develop the web because if apis are not available there is no use of web right if they're in yeah they have

all everything is implemented on the UI so login is there images there everything links are present everything is present in the web UI but when you perform some activity it's not working anything so when you do login it's not working when you click on the link it is not working because APS are not yet ready so without apis if you have only web application there is no use so first they have developed the apis on top of the apis they will develop the web oh which is they will develop the web application so web application

work based on the apis so the First Development will happen on the APS and then the next level development will happen on the web based on the apis so as soon as the apis are ready or developed by the developer if you conduct testing on apis if you do testing on epas so we can do less testing on the web because almost if you come if you complete 80 of the testing here on the UI side we will just do only 20 percent of the testing you no need to Do complete testing so why because

the same apis will provide the response taking a request from the web so whatever the response or API is giving to the web right here we will test it but instead of doing testing here we directly send the request and get the response from the API and we do the testing we do the response validations so here itself we will finish 70 to 80 percent of the testing and rest of the testing we will do some basic level testing on the UI like all the UI elements are alert properly or not fonts are correct or

not colors are properly uh put or not so all colors are correctly mentioned or not so just we do some UI testing but main functionality testing is done at the APA level itself because APA itself is providing the data to the our web application so instead of testing web application directly we can test the EPA functionality that will reduce lot of our time and that will reduce a lot of our effort okay so this is a main purpose of doing a pay testing so this is actually what is an API so AP is nothing but

what application programming interface why it is an application programming interface because which is uh working for the application and it contains a programming logic and which is acting as an interface between presentation layer and the database layer so that is the reason we can call it as a API application programming interface and these apis will be used to communicate between two different type of applications let us say this is one type of application this is another type of application so these two things will be communicated with the API okay we can communicate with this and

this is the one way of understanding this okay so yeah we can do functional testing in the APA level okay so in that case in the web web level we no need to do function testing we will just do the UI testing okay so if the functional testing is done on the APA level and the web application what you will do you will just test the Geo testing graphical user interface so all elements are properly aligned or not alignment existing colors okay font these things we will just evaluate on the UI if you conduct functional

testing on the APA level and there is one more thing even web application is communicating with the AP or not so the communication also we need to test properly right so that's the reason we should also do some kind of testing on the UI and we should not really completely on API at the same time we should not relay complete on the given both are important both are important to do it but most of the testings if we conduct or if we complete on the APA level we can do less testing on the guis okay

so we can put less effort or less time we can spend on the GUI testing if you do uh if you spend more time on the APA testing so that's the main advantage and moreover we no need to wait for the GUI like as soon as the ap's development is completed you no need to wait for GUI for testing because it will take some time to develop right so in the meanwhile itself we will directly test the EPs and once you get the application or GUI then you can start testing the GUI and that is

a process normally we follow so first level of testing we do on apis level and then next level once you get an UI and once the UI is developed then we will conduct the testing on the GUI so that's how things will happen so because this will take some time immediately it is not ready okay so before that AP should be ready so we will do most of the testings on API and once the UI is available then we will do some part of the testing on the UI both are available both are important okay

so this is how we need to understand what is exactly AP means and where exactly AP come into picture okay so the programming language will be used to develop the apis application development will be done by using scripting languages scripting languages I told in the previous slide here but just look at here in my previous slide so presentation layer that's not web application will be developed by using HTML JavaScript CSS so these are the scripting languages will be used and to develop the apis programming languages will be used like java.net C sharp python so by

using these programming languages eaps will be designed or APS will be developed so the languages will be different so even developers also different web developers are different programmers are different database developers are different okay so everyone is not having the same kind of a skill set so web development will be taken gear by some other people and database layer will be taken care by somebody else and abs or business logic will be developed by some other developers so different team members different things will be done okay we should not Club all the Technologies into one

category but overall they will work for the one goal that is they want to develop an application they want to develop a software okay so this is the basic understanding what exactly client and server and then we have understood three tier architecture like front end middle layer back-end and also we have understood what exactly AP means and we will try to understand with more examples so in this context what is an API API is an application programming interface which is contains a business logic and here front end is one application we can cancel backend is

also another application so these two will communicate each other through API through API they will communicate each other okay so to understand uh more detail API let's take the simple example so let us say uh let's take one restaurant okay to understand what exactly the AP how it will work so let us take the restaurant in example so to the restaurant a customer come to the restaurant let's say he is called consumer okay and there will be a waiter also and uh as a customer what I'll do I'll order for the food okay so waiter

will take the order and the waiter you will not prepare any food right so what waiter will do he will go to the kitchen and the same request will send to the Chef right so as a customer I will order the food which is basically called as a request and waiter will receive the request and the same request sent to the kitchen and Chef will prepare the food in the kitchen so we can consider this is a back end so once the kitchen is once the food is prepared then respond right the waiter will again

provide the food to the customer so if I just look at these three different things based on this example we can understand what exactly APA will do so here he's a client he is a client or customer and waiter is acting as a APA role application programming interface and Jeff is acting as a database layer so actual food will be prepared here so as a customer I am requesting the food to the waiter and what a waiter is doing same request is again forward to the database layer and in the database layer actually the food

will be prepared at the kitchen and once the food is prepared the same response will be given to the waiter and this waiter will provide the food to the customer so here if you just look at three things are happening so one is request from here request is happening same request will go here again go to the database and same response we are getting here and customer will get the food so here this waiter is acting as a a payroll application programming interface is a mediator between the customer or client and the back Ender so

this is he is the guy he's a communicator between the two things okay so based on this example we can understand what exactly AP means how exotic will work okay now let us try to understand more so if I just look at this foreign just a second okay so let's take this application example let's say make my triple so make by trip.com so this is a website and internally this website is using different type of apis okay so internally this website is using different type of air base so how exactly applications will internally use apis

so let us try to understand so what we understood what is an API APA means through the APA we will able to communicate between two applications right so if I just look at this makemytrip.com so this is an application so what we can do in this application in this application we can find available flights or we can find available hotels so lot of things we can find right so as a user right I'm just want to book a flight ticket so I can provide some data to this might make my trip okay I can search

what are all files are available by sending some data so this is called request okay this is called request I am sending some information from where I need to travel from where I should go so on what date I want to travel so this information I will provide that's called request and what make my trip will know how make my trip will work again it will get the data from the different airlines like a different type of aliens we have so each Airline is different each Airline is having different flights so how make my trip

will get the data about these Airlines so the same data whatever we provided same data again they will send to this APA so these apis are exposed by these Airlines different alien companies are having their own apis so they will expose their own apis so whatever data we have requested to make my trip the same data again recent to those apis and what these APS will do these apis will give some response to us and what are the different flights are available from those Airlines and these flight information will be again displayed to the customer

so how this make my trip is getting all the information from different to Airlines through the different apis and make my trip is not developed those apis they are just using those apis by sending the request and getting the response and these apis are developed from whom so these apis are developed by their own companies their own companies so let me show you one more example for example every day almost everyone we use Google Maps right so we're using Google Maps so Google Map is an API so which is developed by so Google is developed

their own apis actually Google is the owner for all Google related apis Google Maps apis but these Google Maps we can use in different applications so we are using an Uber we are using in WhatsApp or we are using any other travel applications but these applications are not exactly developed with the Google Maps but these applications are using the Google Maps through the apis through the apis so Google is the owner for those apis Google is owner for those IPS Google is developed those apis but they APS are exposed to the public so for example

in the WhatsApp you can share your location to somebody else but internally location you are sharing means what Google Maps apis internally uh integrated so WhatsApp is basically requesting Google Maps API to provide the location so that's the integration but WhatsApp is not developed a Google map or Google Map apis it cannot locate anything but it is internally calling Google Maps and Google Map is providing the directions so like this if any companies developed some apis and if they are exposed to those apis to the public everybody will able to use those apis everybody else

can use those APS in their applications they don't need to again develop the same thing so whatever is already developed and that is available through API and other applications will use it okay for example you have a Google account you have a Google account so with this Google account you are able to login into Facebook you are using the same account to the LinkedIn you are able to use same account for some other thing right so different applications are using same login purpose but how this Facebook how this LinkedIn applications will know about your Google

Google account how these applications will know about this Google account because internally the Facebook when you're signing up the Facebook when I use Google account the Facebook will request this Google through API and through this API they will check whether your account is valid or not if it is valid then they will allow us to log in similarly when you use Google account to log into the LinkedIn what LinkedIn will do LinkedIn will request to the Google through the API whether the account is valid or not if it is valid then API check APA will

send the request and get the response and in the response they will check is it valid or not then accordingly it will allow or not they will decide so how these applications are interacting with the Google account or Google because of eapis So based on this we can understand APA is a tool through API we are able to communicate between two different applications Google is a different application Facebook is a different application LinkedIn is different application but we are using same account for all the applications or not yes we are using the same account for

all applications how these applications will know about our account through APA requests they will come to know whether our login or whether our account is valid or not so that's how internally APS work so nowadays every web application internally use apis internally use apis so all the functionality of your application provided only through apis okay if suppose some functionality is not working means what some APA is not up and running so for example on your application okay on your application you are trying to access some functionality okay Suppose there is a some feature called search

and they say you have some feature on your web application and you are searching for something here and you are pressing Enter key or you are not getting some data here you are not getting proper results what does it mean when you're searching for something you requested something to the server and maybe your APA is down or your database is down sometimes in those cases what happened you will not get the proper response and your application is not responsible for that so particular EPA or particular database is sometimes down in those cases you will not

get proper response so even application functionality is also works based on eapa request and response so if you do the testing in the APA level 80 of the testing if you do the testing on the API only rest of the 20 of the testing you can do on the web application it will reduce a lot of time and also effort okay so this is a basic understanding what is an API where exactly AP come into picture and what we do as part of API testing okay let's understand a few more things so what are the

different types of apis so how many types of apis we have so basically we have two types of APS in the market like we have soap you are soap APA soap related APS and rest apis okay so based nothing but a simple object access protocol rest is nothing but a representational status so these are the two different type of APs are available in the market but soap apis are very very old one so very less number of companies are still using it very very less and uh most of the companies almost 80 percent of the

companies are using rest Services nowadays so soap is having their own technology actually so they internally use XML to process the data and so on but that is a very old technology but uh in rest is a latest technology so many of the companies nowadays are using rest apis so soap and rest so these two all two tools uh these two APS internal use a different type of technology different type of communications and different type of data okay so soap support only XML type of data but rest support XML Json html text different type of

data is also supported while you're communicating with the server but soap support only XML format and this is very uh XML is very lengthy and that's very complex also sometimes when you compare with the jsons and uh it's very weighted data will be sent to the server so just try to understand these are the two types of APs which we have in the market and soap is very old type of apis and rest is a latest so both are APA zombie okay but sometimes we use something called web service so this is a term also

normally we use web service so we need to understand this also what is API what is web service what is the difference okay sometimes we will use a web service this name is also very popular okay so what is an API what is a web service see uh when you what is an API we have understood so far is we basically AP will get the request from us and it will give some response to us so it will take some request it will give you some response that's a job AP is done right but what

is web service what web service will do thank you it's very same actually so when you keep this API in the internet or if it is available on the web that is called Web Service simple so Suppose there is one application okay and there is another application let's say this is my Google application and this is my Facebook application and how these two are communicating each other through the API and if this API is available on the Internet or if this ABA is available on the web then these two applications will able to communicate so

once you place this API in the internet that is called as a web service simple so when you keep this API inside this internet and everyone able to access that API that is basically called as a web service that means what all web services or EPS only all web services are apis but all apis are not web services because until unless we keep this in the internet we cannot say that as a web service and without having internet also we can create our apis we can test our APS on your local system so internet is

not required for Designing and development or EPs and testing apis internet is not required okay and once you conduct the testing and once everything is working fine then we will move it on the production environment and we make that available that AP is available for the public and that time we will call them as a web service so web service and APA technically they are same technically they are same but once you put this API in the internet that is called as a web service okay so at the time of development and testing apis will

not be there in the production let's say developer develop some API and uh development is happening and then testing will happen and while developing and testing the apis we no need in Internet okay so they are not available for the public so far they are developing and testing in internally within the company so we can call them just APS just APS which will take the request and which will give some response okay and at the time of development and testing we call them as a APS even internet is also not required but once the development

and testing is completed once the AP is working fine then we will make this apis available in the internet because other applications also can use these apis just like Google Map Google Maps are designed developed by the Google they have tested it and after testing what they have done they have make available those apis to the public so that we are able to access it so that is web service so as soon as this apis developed and tested once they move to the production and make it available for the Public Public is able to access

these apis then which is called as a web service okay only simple difference a web service that means what all web services are what apis but all apis are not web services until unless we move them into the production until unless we move them into the internet we can't call them as a web service it is just an API clear everyone the difference between API and web service so at the time of development and testing we just call as API we should not say that is a web service and once it is developed and tested

once they moved into the internet and which is available for the public to access then we call them as a web service once they move into the web environment which is called as a web service okay so all web services are basically apis but not all apis are web service when when this APA become web service once they moved into production once they moved into the internet once they available for the public then we can call them as a web service until then they are just APS not web services [Music] so guys is it clear

the difference between API and web service most important interview question difference between AP and web server please respond in the chart Window Guys okay now let us see the next one so types of apis we discussed and also the different types like APN web service so web service and API wrapped in HTTP internally they will use HTTP protocol and all web services are API but apis are not web services remember this point and when APS have become web service once we move the aps into production or in web environment once we make available them to

the public then they become the web service so a web service needs a network while API doesn't need any network for its operation we can test the EPS without internet also in the locally also we can test the aps and once they move into the production and web then we can access the apis through internet okay so this is the basic difference between API and web service now let us try to understand more about rest apis so we are going to discuss more on rest apis but not soap apis okay so what is rest API

so rest APA is one of the type type of the rest API so in the rest API basically uh will take the request from the user or client and we will the same request will send to the server and server will process the data phase the data and same response will be given to the customer so how exactly rest AP works so rest AP is having different type of methods guys okay so rest API methods so these methods normally we use like we have a get method we have a post method we have a put

method we have a delete method and there are so many other methods also there but mainly we will use only four methods get the post put and delete methods what are those methods means they are rest API methods or we can also call as a request HTTP request it should be a request see whatever you do on the web whatever application you are accessing whatever transaction you're doing all the transactions all the operations will comes under at least one type of request okay for example you are browsing the google.com Okay so you're opening the google.com

here when you're sending google.com when you press enter normally what type of request it will go to the server it will go to server and get the response so basically it will send a get request so what exactly we are doing is we are trying to get some data from the google.com so here we are requesting something from the Google so when you type something here what we are doing exactly we are requesting something related to this keyword requesting some data from the Google that means we are sending the get request get this nothing but

what it will send some response to us okay that's called get request this is one of the requests and then we have a post request post is nothing but what suppose if you want to create something in the database server okay if you want to create something sometimes you will create your user you will provide all your first name last name email phone number everything and when you submit it what will happen the same data will be stored in the database but you will not get any response you are just sending the data to the

database and that is called as a post request so get request is nothing but what we will get the response from the server and post request is nothing but what we are sending our data to the server to store okay we are sending our data to the server which will store that is happen through post request suppose I already have some data in my database on server I want to update the data I want to edit the data then we can send a put request so put is another type of request through which we will

able to update existing data in the database app and delete is nothing but what we can delete the data from the database so for four different type of operations we will use four different type of rest API methods get to post put delete so these four all called HTTP request method so through browser whatever the request you are sending that should comes under either get request or a post request or put request or delete request it will comes under one of the requests so rest API will support these type of request so one is get

request post request put patch delete and so many other things are there main light categories just four types of requests similarly in the response what the response contains the response contains some status code data so many things are there we will do certain valuations on the response that means we are required we are passing some requests to the API AP will provide some response and then we do some validations on the response that's how APA testing will be conducted so first of all we have to know what is the functionality of API what kind of

input we have to pass to the API and then we will try to understand what kind of response it should return or what kind of response you should provide to the user and once you know the request and response then we can test the API so before testing API you have to know the functionality of the API the functionality of the API what exactly the API will do what is the purpose of API why it is designed of input it will take what type of request it will accept what kind of response it will provide

and what is the content which we have to test in the response so these things we need to First analyze before it doing APA testing so in API testing we have mainly four methods get to post put and delete and what's the use of this get if you want to receive some information from the database right so then we will send the get request so receive information about an API resource and similarly create an API if you want to create something something in the database then we will use a post request or if you want

to update anything in the database then we will use put request or if you want to delete something in the database then we will use a delete request so get to post put delete these are the four different type of requests supported in rest API only through request through these type of requests we will use apis and we will validate apis and then HTTP and https and this is another important thing which we need to understand HTTP is based HTTP and https hypertext transfer protocol hypertext transfer protocols more secure these two are different type of

protocols used by web applications web applications in essence internally ABS also will use these protocols to communicate between their client and the server so what is the difference between HTTP and https https is a more secure communication will happen suppose when you're sending the data through the client application to the server your data will be transferred as it is in the original format so if your data is passing through the network in the original format there is a chance of hacking the data so they are not more secure but if your web application is using

https and that data is more secure so when you're sending some request or data which will be converted into encrypted format and throughout the network the data will be transported through encrypted format and then it will reaches to the server again their deprecation will happen and process will happen so basically the data is communicating or data is transforming through the network in the encrypted format and that is more secure sometimes when you're browsing some web pages also you can see his sleepy and his deepest protocol so you can see HTTP is nothing but water okay

here you can see so you can just copy this so you can just ping any website it will show you some HTTP or https see here let me just type something and say google.com I'm opening so this is the page I'm opening you can see here this is a page I have opened now if I just look at this before starting the URL you can see something here and if you see htl DPS needs nothing but that website is more secure okay the data will be sending through encrypted format but if some website you can

see only HTTP that means what the data is sending in the original format they are not secure websites okay so you need to understand this what is the difference between HTTP and https and now we need to understand few important terminologies before going to API testing like you are a URL and URL Ura is nothing but a uniform resource identifier URL is nothing but uniform resource locator urns uniform resource name so where exactly these come into picture so we need to understand about the URL let us take this URL so https colon slash slash google.com

articles article there is some URL is there so we can call this completely as one URL uniform resource locator uniform resource locator this completely we can call them as URL or Ura uniform resource identifier or uniform resource locator but again which contains multiple parts so here HTTP or https which is called as a protocol or we can call them as a scheme and this part is a host google.com or something amazon.com flipkart.com so that's basically host or we can also call as a domain where exactly our data is present and rest of this is called

as a path so here HTTP or https is called as a protocol and this part is called a host or domain and rest of the part is called path so in this particular domain or in this particular host or in this particular server where exactly our data is present so in the Articles folder in the article name this is called actually resource which is actually called as a resource in a web application when you ping any URL this is complete URL so this is one part and this is another part this is another part so

actually which one will faces the data in the server only this one will fetch the data so first it will go to the Articles and then it will go to article name and wherever the data is here this will be and this data will be returned from the server okay and this is a path so what is urn means what uniform resource name actually what is the actual resource here this is the actual resource what is the resource here resource this is a technical term resource is something which is available in the server for what

we are requesting resource is something which is there in the server which we can request so when you send some request to the API what API will do AP will send the same request to the server and in the server whatever we requested that information is there or not and this is called as a resource so whatever we are requesting for that information is available in the server right so that is called as a resource so whenever you are sending some request it will try to fetch the resource and that resource information is also available

in this URL this is called resource this is called resource name uniform resource name you are in we can call them as a URL okay so what is an end point what is an end point and this is another Point end point end point is nothing but this part again this path entire thing is comes under the end point other than this host other than the host okay so other than this host whatever the rest of thing is there that is called N Point okay that's called end point okay so other than here till here

we are Host this is server actual data will be stored and from this rest of thing whatever is there that's called end point and end point is also include path URL and then uh resource okay resources also this is actually a resource and this is a path and both combinedly we can call as a endpoint okay so the terminology is most important which we need to understand and next one uh resource and normally in the web application testing we call it as a feature right feature is nothing but water is a functionality it is a

term used in manual testing to test some functionality and similar similarly resource is the term used in AP automation testing referring some functionality resource is nothing but something is there in the server and we are able to access it that's called a resource and then next terminology is a payload because these terminal loss is most important while performing API testing is okay you have to learn you have to understand this payload what is payload payload is nothing but the data which we are sending along with the request and also the data which is coming along

with the response both are called payload request payload and response period suppose let us say I have a flight booking application okay so let's say I have one flight booking application and in the flight booking application I will provide my data right I will provide my name right and source and destination place and date I will provide some data when you booking a flight so we we are with this particular data and this is called as a request payload this is called as a request payload and once you send this we will get some response

Right Flight is booked or not with confirmation and a Time availability all the information we will get as a response and that is called as a response payload response payload means what the payload is nothing but a data payload is nothing but a data and the data which is sending through request which is called as a request payload the data which is coming through response which is called as a response payload okay we use these terms very very frequently in API testing please listen this and the next one is here you can just look at

this picture to understand more so let us say consumer and producer consumer is nothing but what whoever is sending the requester they are all consumers or we can call them as a client and when you send a request and these are the different things we will pass like you are a headers a payload and this payload can be in Json format or XML format we can pass and once the server is received that request EP is received the request and sent to the database and corresponding HTTP method will be done like it can be posed

get put or delete and we'll get the response again when you're getting the response we will also get some data along with the response and that is called response payload like status code and some response data some string a message you will get something out of the response and that is called response payload okay so this is important thing and then so a few more important things so whenever you perform APA testing what we're getting API URL or endpoint so you need both okay URL is nothing but a complete path okay the complete thing is

called url url is nothing but what the complete URL you are requesting right this is complete thing is called URL what is an end point this part is called end point this part is called end point so when you're performing the API testing you will get all these end points from the developer okay and where exactly the data is hosted and based on that this will be change the hostname can be changed okay suppose the apis are deployed in some machine some X then the hostname will be X and if the apis are deployed in

y in some other server then this hostname will be different but the end points will not be changed the endpoints will not be changed so when you do APA testing we have to know the end points which are provided by the developers and also they will provide the location where exactly the apas are deployed accordingly this URL will be changed and when you're sending the request when you're sending the get request or post request we will have to send this complete URL along with the end point we have to Center only end point is not

enough when you're sending the real request to the API but at the time of writing the test cases and getting the information developer so they will provide only the end points and then we will use these endpoints along with the host and that will make completely appear request okay so this is a basic understanding now I'm going to show you few simple and very sample apis how exactly these apis will work and there are so many websites are there they will provide so many types of apis and we can do some kind of testing on

those apis so Ura and URL are the different on same both are same so you are a some people are called Ura uniform resource identifier and some people are called uniform resource locator okay so the terminology is used by different people in the different purposes you can consider the entire thing as a URI URL or some people will consider only some part is called Ura so some people will consider only this part is Ura so that's the reason I put both the points so this part is called as a Ura some people will consider and

some people will consider the entire thing as a URI except this protocol remove this protocol rest of them is considered as a URI okay so the terminology you have to just understand theatrical differences not important but you need to just understand mainly URL and then uh end point as I said end point right end point is different URL or Ura you can consider as the same and end point is most important because URL Ura can be changed but the end point will not be changed okay so guys are you clear so far everyone so this

is the basic understanding what exactly API how exactly AP works and what API will do and what's the purpose of an API okay I will show you now few important apis few sample apis and then we will try to understand few things and let's go to Google Just a second okay so here we have a sample API just a second and request response dot in so this is provided some sample apis just for practicing purpose and we will do so many other EPS also so just for your understanding I'm just going to show you a

few number of apis here so you can just look at this these are different type of apis they have provided here okay so these are the different apis they have provided and you can just look at this get there are so many gets are there post put patch delete right different type of requests are there and you can just look at this this is a request and this is a response okay suppose the first TP what's the purpose of the first EP here is list users okay listy users when you send this request it will

list out all the users which are available in the database I'm just clicking on the get here see this I'm just clicking on the getter as soon as you're clicking on the get what happens this is a request actually sent to the server okay this is a request which is actually sent to the server and this is a response we got 200 is a response we got and this is a response data in the Json formatter okay so most of the times we use Json as a request and response in the next sessions I will

discuss more about Json so these are response data so uh user's email ID user first name last name Avatar so this is this is the information we got it from the server when you send the get requester okay this is called payload yes and the same request we can directly send so for example this is a host actually okay this is the host see here so this is a host okay and what is a end point this is the end point this is the end point so this is the end point let me just copy

this okay so this is the end point let me copy and just I'm adding the end point to the URL here okay and this is a complete URL guys okay now if you send this request directly browser like this you can also get the response now we can see this is the response but here they have given inbuilt options here to send a get request put request post requests and so on and whenever you click on this button corresponder request will go and we will get the response so whatever response you captured here the same

response we also captured here same response okay this is how we need to send the a b request this is a get request so there's a reason we got the data and similarly let me send one more suppose I want to get the single user data from the database so I'm sending the get so you don't need to confuse anything guys for now you can just consider URL URI is the same okay no confusion you can consider as a shape URL URI is the same okay no confusion that's not much important actually okay so when

you click on the get request this time second one I'm getting the data of the single user single user data I got now this time what is the request it is an API slash user Slash 2 and this is now we got the response to 200 200 is nothing but what successful request if the request is successfully done then you will get the 200. and we also have different response codes like 200 201 401 501 different type of responses codes we have based on that we can decide whether the request is successfully completed or not

so now with the same request I want to test through my browser how we can test again same host I can put here first okay same host and what is the end point to get the single user what is the end point to get the single user this is the end point APA slash users slash to apa slash users slash two so I can say APA slash users slash two so when I say two here I'll get the information about the second user so let me just copy and send that in the browser so even

through browser also we can send the request and we can get the response from the API but everything is not possible through browser only get three is possible get request is possible through browser but when you do Post request or delete request or put request through browser it is not possible okay we have to use different tools like Postman so here only get request is possible through browser so I'm sending the complete URL here then I got the information of the single user so when it says send to here I got the id2 here so

I got the user information second user information suppose I want to get the third user information I can say three here then I got the third user information okay so I'm sending some request and then I got some response from the eapi that is also get request now let us see one more type of request so let us say this is single user not found and here this is also get request list of resources and single resources and post requester create means what it will go and create a new user in the database for that

we will use post request and suppose the user is already available now I want to update then I can use put requester and Patch is also for updater and delete request suppose user is already there then I want to delete the user then I can send a delete request so different purposes we can send different type of request but only through browser get requests are possible post request put request delete request these things are not possible through browser we have to use some other tools so that's the reason we cannot use here okay payload is

nothing but a the data which we will send through the requester okay payload is nothing but the data which will send through request and will get some data from the response also right that's a payload for example I'm sending the get request here are you sending any payload along with this request guys please respond are we sending any payload with this requester payload are we sending any payload to this request no we are not sending any payloader but uh once you send this request are we getting some response here yes we are getting some response

data right this is called payloader response payload response payload sometimes you will send post the post request here click on the poster when you're sending the post request okay we have to send some data also what is the use of post request which will create a new record in the database which will create a new record in the server and what is the details of that new record we have to pass like if we pass a name and a job accordingly it will create a new record in the database so this is called request payload

along with this request URL we should also send some data this is called as a request payload and this is a response payload once you requested to create this data it is created exactly this time and it is also given some response to us okay so payload is nothing but a data request payload is nothing but what the data which is sending through request along with the request which is called as a request payload the data which is getting from the response which is called as a response payload simple okay so these are all sample

apis they have given and uh and the host is already here so we're just given some end points here and we can just export this API directly here when you click on this get here and when you send this resource now I got some response here this is also get request and suppose when you send it post request click on post here and now this name and job is sent through this request and we got some response here with the same name and job and with the uh some created it suppose I want to delete

some request so then go to the delete here and now here we need to pass some delete which one is deleted we pass to we will not get any response data here because the data is got deleted the record is got deleted the response is what two zero four is a response so some type of request we have to send payload and some type of request we don't need to send any payload so 2 0 is 4 is nothing but a no content yes that record the second record is not there in the database so

it is giving some no content because these are all some dumb dummy APS they may not take proper data they may not give proper records or proper response and from tomorrow I will show you the different type of APs which are real apis exactly we are going to test okay and these are some dummy AP just for your understanding I'm just showing you these apis a different type of request and get request we can also send through browser also but post request put request delete request these type of requests we cannot send so you need

to understand one important thing guys whenever you test an API okay whenever you test an API we have to pass some request we have to pass some input let us take any API we need to pass some request and we will get some response and as part of the request what you will pass you will pass the data and you will pass the URL sometimes you will pass some keys some class sometimes you will pass some authenticated information lot of things we have to send two requests sometimes but every APA may not require everything but

sometimes we have to pass something regarding this along with the request and whenever you get some response we will get some response data we will get some response status code and we will get some cookies we will get some headers response so many things we will get as part of the response so we need to validate all the stuff and that is part of your API testing so as a job as an APA tester job what is our responsibility we have to know what kind of request we have to send to the API we have

to know what kind of response it should return and accordingly we have to test the response we do a lot of variations on the response and that is what APA testing means that's what API testing means later the Apes testing is completed then this AP is integrated with the web application now this Webby application will interact with the API now whatever transactions will do this web the everything will happen through APA so basically whatever the operations we'll do on the web these operations will go to AP in the form of request and the API will

return the response uh APA will return the data to the web in the form of responsor so instead of testing this web if you directly test this API by sending request and response our API testing job is done so this is what exactly API testing means so guys understood now there are so many apas are exposed from different type of companies like we have Google Maps API we have uh Facebook apis and also we have LinkedIn apis so git GitHub apis so there are many types of apis some of them are freely we can access

some of them or require some authentication information and some of them we cannot directly access because they are more sensitive epas the companies they will use their internally purpose so all payment Gateway is also APS so when you do some kind of payment it will show you different payment options like you pay payment net banking credit card debit card right there internally having their own apis so when you select the internet banking option it will trigger some type of API and when you use payment option is UPI then that will trigger another type of API

right everything is happen only through apis but as a user we cannot see those apis internally once it is integrated but at the time of testing we are able to access the apis which are developed by the developers and then we are able to test them okay so this is all about introduction part like what is an API testing what is client server or Texture and uh what is exactly API testing means what how API Works what are the different type of requests right so these things we have understood as part of indirect sensation in

the next session we will try to install Postman tool and then we will start manual testing of apis okay so that's the plan so is it clear everyone on today's session so I'll stop here for today's session and if you have any general things we will discuss