What is Postman and How to Use it for API Testing
What is Postman and What is it For?
The software-world is full of APIs of different types and with different purposes. Postman is a tool that we can use to access and test any API we want to. Most of the time, we will use Postman to test the APIs we are building in the project/software-product we are working on. But Postman can also be used to test or “call” any API that is available and published anywhere on the internet, like public APIs you are integrating with.
Let’s see how. But first, let’s understand what APIs are.
What is an API?
API stands for “Application Programming Interface”. An API is a group of definitions, functions, parameters and fields, that represent the communication capabilities between software components. They are often used to exchange information between different software products (or components), regardless of the technology used in each case and the way each software product was created.
Internal vs External APIs
APIs can be internal or external to a software. Internal means that the software product (or app, or system) uses the API internally for the communication between its own components. And external means the API is used for the communication between different software products.
Public vs Private APIs
At the same time, an API can be public or private. Public means that the API is published on the internet and that is accessible from anywhere with an internet connection; whereas private means that the API can be accessed only by those allowed (when we say “those” we talk about other software products which includes Postman since it’s a software product designed to “call” and access APIs).
APIs Uses: Examples
APIs have different uses and purposes. For example, some software products use APIs to send data to other software products in which the data is processed and/or shown to the user. In other cases, software products use APIs to insert information into a database. These are just a few examples of how an API can be used in the real world.
In the documentation of an API we will find how to use it and how to integrate with it. The documentation includes technical specifications, references, instructions of how to work with the API, and how the API functions work. It also includes the parameters that the different functions can expect and what the responses look like.
Spoiler alert: in the “How to use Postman: making your first request” section of this post we will see an example of how to perform a very first and easy test of an API. We will use a public API called chucknorris.io. Here you can find the mentioned API documentation.
Remember, if you create and develop an API somewhere in the future, don’t forget to provide a clear and updated API documentation.
There are various types of APIs. The differences between each type is how an API is developed, the specifications and guidelines it follows, how it is implemented, and how its architecture is designed.
The types of APIs supported by Postman are:
- REST (aka RESTful)
Each type of API uses different “formats” to show and save data. Some of the most used are:
- JSON: used in REST APIs
- XML: commonly used in SOAP APIs
Another spoiler alert: the chucknorris.io API we will be working on later is a REST API and works with the JSON format.
What is the HTTP Protocol
The HTTP protocol is a communication protocol that allows transferring data through files across the public internet. It is one of the most used protocols by APIs, and it’s commonly used in REST APIs.
The last spoiler alert: the chucknorris.io API uses the HTTPS protocol (the “secure” version of HTTP).
HTTP Response Status Codes
For each request, we will receive a response from the REST API, and the HTTP protocol will include a status code inside that response.
The most common HTTP status codes are:
- 200: OK
- 301: Permanent Redirect
- 302: Temporary Redirect
- 403: Forbidden
- 404: Not Found
- 500: Internal Server Error
- 503: Service Unavailable
HTTP Methods (verbs) for REST APIs
The most-commonly-used HTTP verbs (or better to say “HTTP methods”) are:
- GET: we use this method to ask/consult for information
- POST: we use this method to insert/create new information
- PUT: we use this method to update existing information
- PATCH: we use this method to partially update existing information
- DELETE: we use this method to delete existing information
Testing APIs with Postman
Postman’s Main Features
Postman provides multiple features and capabilities that have to do with APIs. Let’s bring to light the most important ones. We’ll keep it simple for now and focus on the basic features for API testing and teamwork.
REQUESTS & RESPONSES
Through the requests, we are able to exchange data between Postman and the API under test, as well as validate the content of the responses that the API returns. The requests can be saved and edited.
We can create unlimited personal and team workspaces, in order to share information with our teammates. Inside the workspaces we are able to set collaborator roles and give feedback in comments, among other possibilities.
By creating collections, we can organize our API requests within our different workspaces.
Here you'll find a detailed and full list of the Postman features (official).
How to Use Postman: Making Your First Request
In the software slang, when we say that we “call” an API, we are actually saying that we are going to access the API and use it to exchange data. During the “data exchange” we can use the HTTP Methods to ask for information.
Let’s see a step-by-step basic example of how to use Postman Desktop Agent to consult for information, using the GET http method. The API we are going to use in the example is the already mentioned (in the spoilers) public API called chucknorris.io, which you can see here.
Step-by-step request example
Here you have the step-by-step basic example, are you ready? Go!
Step 1: Download the Postman Desktop Agent by clicking here and installing it on your PC.
Postman Desktop Agent
Postman has a “desktop agent” that anybody can download for free and install on their computer. The Desktop Agent let’s you access the API you want and start testing it in a few steps.
In order to use the desktop agent, there’s no need for you to create a postman account, since you can use it in “Scratch Pad mode”.
The Scratch Pad is for all your scrappy, exploratory work on Postman. All the data is saved locally on your machine, so only you have access to it.
If you want to collaborate in real-time, sync your work and save it in the Postman servers, you’ll have to create a free Postman account and sign-in in the desktop agent using your brand new Postman account.
Postman Desktop Agent
Step 2: Launch the Postman Desktop Agent and go to File --> New tab.
Step 3: In the request tab you just created, look for the “Enter Request URL” field.
Step 4: Once you find the “Enter Request URL” field, copy and paste the next URL into it: https://api.chucknorris.io/jokes/random. You can paste the URL of any API you wish to call. To follow our example, make sure the URL of the API you put is a GET method.
Step 5: Click on the “Send” button.
Step 6: Verify the response:
- The HTTP Status Code should be 200 OK
- In the body of the response, the JSON format-file should have different fields with information.
- The “value” field should have a Joke (in legible english text) about Chuck Norris.
Congrats! You have performed your first Request to an API, using Postman.
Postman Desktop Agent with a GET Request and its response, using the ChuckNorris API
Postman Web Client
There is also a Postman Web Client that you can use for free as well to complete the steps from above, but in this case, it’s mandatory to create a free Postman account in order to use the tool.
It is known that the nature of browser-architecture brings with it some limitations in the exchange of data across a variety of domains. That’s why the postman community recommends using the Postman Web Client along with the Postman Desktop Agent, synchronising them with a Postman Account. This will improve your experience with the tool.
With the free version (in both desktop agent and web client), we will be able to start testing any API quickly and easily.
And I must say, something that caught my eye is the built-in bootcamp that Postman provides to help us to get involved and learn how to use the tool.
Postman SignUp screen
Postman Web Client
API Test Automation with Postman
What is more, those automated tests can be added to a CI/CD Pipeline. This is a more technical aspect of API Testing using Postman, and that’s why we mention it at a very high level, since this post intends to be introductory and focused on API testing without automation. If you want to find out more about API Automated Testing using Postman, I recommend you to take a look at the official documentation here.
Overall Thoughts About Postman
There are several tools that we can use to manage, access, develop and test APIs, and Postman is a very good option. No matter if you are a technical or a non-technical tester, the easy and quick onboarding makes Postman one of the tester’s best tool-friends. Postman has interesting and innovative functionalities that are very helpful. The intuitive, smart and stylish interface provides an excellent user (or tester) experience.
Give it a try!
To start API testing with BlazeMeter, click here.