A Closer Look at the API Hierarchy of Needs

In this article in our series covering API testing — check out the introduction and an analysis of what features make up any quality testing tool — we train our eyes towards the API Hierarchy of Needs. While it is primarily relevant to public-facing interfaces, the same principles are applicable those developed and tested in-house. It is essentially a programming version of the human hierarchy of needs created by psychologist, Abraham Maslow.

API Technologist, Bruno Pedro, published the API Hierarchy of Needs at APIUX.com. Even though the hierarchy was written primarily for programmers, QA personnel are also able to wean valuable information about the qualities making up the best APIs.

Read further to gain a better understanding of what capabilities any good API needs to provide to programmers as well as those QA engineers responsible for its testing. Since the hierarchy follows an inverted pyramid structure, we’ll take a look at each of the five sections, starting at the bottom — the most important layer.

Usability

An API needs to be easy to setup and implement. This simple concept applies to both programmers and the QA team. Strong documentation, well-written RESTful URLs, and the use of standard HTTP error codes all play an important role in an API’s overall usability.

Functionality

All functional points within an API need to perform as expected; the documentation is vital in explaining their ultimate behavior. The QA team plays an important role in validating the underlying code, as well as ensuring the proper error codes bubble up when exceptions are thrown. Whether the API is public or private, this hierarchy layer is arguably the most important for the QA role.

Reliability

APIs need to perform as expected each and every time they are accessed. This is an area where stress testing becomes important. The QA team needs to help ensure uptime is maximized. This becomes especially vital for public-facing APIs which provide revenue for the company responsible for the API’s development and hosting.

Proficiency

The best APIs actually increase the development skills of the programmers working with them. In some respects, they also offer a similar benefit to the QA personnel responsible for testing and validation. Rich documentation of the APIs functionality plays a big role in increasing the technical knowledge of the development and QA teams.

Creativity

The top layer of the API Hierarchy of Needs relates to creativity. In short, does the API inspire developers to use the interface in creative and unexpected ways? Bruno Pedro describes a scenario where APIs are mixed together to ultimately create a stronger product. QA personnel needn’t be shy about providing their own insight into new uses for an API.

While the API Hierarchy of Needs focuses on development staff, QA team members responsible for API testing should also take the time to understand these concepts as it improves their overall skill set, enabling them to offer meaningful suggestions to improve all aspects of an API. In this era of DevOps, collaboration is vital to ensure a strong and useful product.

Stay tuned to the Betica blog for future discussions covering the Wide World of QA.

What makes a Good API Testing Tool

Last week, we looked at API testing and its importance in ensuring a web application’s business rules and other functional areas are properly vetted before release. A QA process that only tests the presentation layer is insufficient for applications using a service-oriented architecture. In short, full API testing leads to a more robust and stable product.

This time out, we train our eyes at what functionality is necessary in any top notch API testing tool. In this collaborative era of DevOps and the Agile Manifesto, QA teams are tasked with accomplishing more in less time with fewer resources. Any good testing tool needs to function in a transparent manner, supporting the QA professional as they validate the application in question.

Here are some features any worthy API testing application needs to provide.

Easy Generation of Test Scripts

The modern QA process works at the speed of business — fast! Your QA software needs to support the quick generation of test skeletons and other relevant scripts. Even large APIs with complex testing scenarios shouldn’t require an inordinate amount of time to build test cases.

The Ability to quickly target Multiple Environments

One of the advantages of SOA development is the ability to swap out different tiers as development and testing needs change. Testers are faced with having to target multiple QA environments, sometimes using different data sources depending on the scenario. Any testing tool worth its salt must allow them to easily switch targets as the need arises.

Automation!

The modern QA professional works in a collaborative manner — this is the era of DevOps after all. The capability to automate the running of test scripts gives them time to attend meetings, helping ensure the QA voice is properly heard during all parts of the software development lifecycle — the earlier the better! Providing command-line support also allows tests to be included as part of the overall build process.

Platform and Framework Agnostic

No matter if a web application is written in Java, PHP, Ruby on Rails, or for the .NET framework, your testing tool needs to function in an agnostic fashion. A QA engineer can’t worry themselves with the language used for an application. They need to focus on testing each business rule and the other functionality contained within the API.

This same rule also applies to web service messaging formats — REST, SOAP, etc. Any API testing tool needs to support all major web development frameworks in a seamless manner.

Robust Test History and Reporting

When something goes wrong, the tester or developer needs to see at a glance what happened. Any API testing tool needs to offer a detailed test history, easily allowing the comparison of different test results. Meaningful metrics and other reporting features also help the QA team quickly discern the overall quality of any application.

If you or your QA staff are in the market for API testing software, hopefully this article offered a measure of insight before a purchase is made. Stay tuned for additional posts on Betica blog covering all aspects of the QA process.

An Introduction to API Testing

In this modern era of distributed computing where web service architectures remain dominant, the importance of API testing has grown significantly. Black-box testing, which primarily deals with overall application functionality, is no longer sufficient to fully validate the logic contained within the interfaces used in SOA-based programs. Enterprises developing distributed applications without proper testing run the risk of bug-laden application logic, poor performance, or even security holes prone to exploitation by hackers.

White-box testing, on the other hand, examines each functional point within an application’s logic. API testing, which follows this white-box approach, provides the mechanism to fully vet any distributed application’s codebase. Let’s take a closer look.

API Testing for the Three-Tiered Application Model

Most web-based applications follow a three-tiered application model. The presentation tier focuses on the interaction between the user and the program’s visual and functional interface — display, touchscreen, keyboard, etc. The data tier is where application data resides, usually stored in a database or a file system.

In the middle lies the logic tier containing the entire business logic for an application. Typically, it also handles the data access for the presentation and data tiers. The logic tier, in most cases, includes the entire API for an application, and as such, its testing requirements are paramount.

One of the advantages of strict adherence to the three-tiered architecture is the ability to swap out any tier with a QA test tool, including those designed specifically for API testing. Enterprises depend on testing tools like these to fully leverage the collaborative efficiencies gained by embracing the principles of DevOps and/or the Agile methodology.

What API Testing needs to Cover

Since the logic tier is responsible for an application’s business rules in addition to serving as traffic cop for the presentation and data tiers, API testing carries a lot of responsibility. Sometimes the project manager for a development effort gives API testing short shrift, primarily leaving the task to the programmers and their unit testing. This tends to be a poor strategy, as the QA team needs to play a role on any software development project from the beginning.

Many traditional QA approaches only focused on GUI testing which doesn’t provide enough code coverage of an application’s underlying logic. API testing — when properly implemented — gives applications a thorough vetting of their business rules and data access functionality. When combined the use of automated testing tools, the entire development team — developers, BAs, testers, etc. — becomes more efficient, achieving the promise of Agile and DevOps.

With business rules and data access encapsulated in the logic tier, as with a properly-architected application, API testing leads to a more robust product. Code maintenance and future upgrades become easier. Additionally, the API is able to be tested before other parts of the application are fully developed, most notably the user interface.

In short, API testing needs to be in the toolbox of any modern software testing team.

Stay tuned to future posts on the Betica blog as we dive more deeply into API testing as well as other topics of interest to the QA and software development professional.