What makes a Good API Testing Tool

Last week, we looked at API testing and its importance in ensuring a web application’s business rules and other functional areas are properly vetted before release. A QA process that only tests the presentation layer is insufficient for applications using a service-oriented architecture. In short, full API testing leads to a more robust and stable product.

This time out, we train our eyes at what functionality is necessary in any top notch API testing tool. In this collaborative era of DevOps and the Agile Manifesto, QA teams are tasked with accomplishing more in less time with fewer resources. Any good testing tool needs to function in a transparent manner, supporting the QA professional as they validate the application in question.

Here are some features any worthy API testing application needs to provide.

Easy Generation of Test Scripts

The modern QA process works at the speed of business — fast! Your QA software needs to support the quick generation of test skeletons and other relevant scripts. Even large APIs with complex testing scenarios shouldn’t require an inordinate amount of time to build test cases.

The Ability to quickly target Multiple Environments

One of the advantages of SOA development is the ability to swap out different tiers as development and testing needs change. Testers are faced with having to target multiple QA environments, sometimes using different data sources depending on the scenario. Any testing tool worth its salt must allow them to easily switch targets as the need arises.

Automation!

The modern QA professional works in a collaborative manner — this is the era of DevOps after all. The capability to automate the running of test scripts gives them time to attend meetings, helping ensure the QA voice is properly heard during all parts of the software development lifecycle — the earlier the better! Providing command-line support also allows tests to be included as part of the overall build process.

Platform and Framework Agnostic

No matter if a web application is written in Java, PHP, Ruby on Rails, or for the .NET framework, your testing tool needs to function in an agnostic fashion. A QA engineer can’t worry themselves with the language used for an application. They need to focus on testing each business rule and the other functionality contained within the API.

This same rule also applies to web service messaging formats — REST, SOAP, etc. Any API testing tool needs to support all major web development frameworks in a seamless manner.

Robust Test History and Reporting

When something goes wrong, the tester or developer needs to see at a glance what happened. Any API testing tool needs to offer a detailed test history, easily allowing the comparison of different test results. Meaningful metrics and other reporting features also help the QA team quickly discern the overall quality of any application.

If you or your QA staff are in the market for API testing software, hopefully this article offered a measure of insight before a purchase is made. Stay tuned for additional posts on Betica blog covering all aspects of the QA process.

An Introduction to API Testing

In this modern era of distributed computing where web service architectures remain dominant, the importance of API testing has grown significantly. Black-box testing, which primarily deals with overall application functionality, is no longer sufficient to fully validate the logic contained within the interfaces used in SOA-based programs. Enterprises developing distributed applications without proper testing run the risk of bug-laden application logic, poor performance, or even security holes prone to exploitation by hackers.

White-box testing, on the other hand, examines each functional point within an application’s logic. API testing, which follows this white-box approach, provides the mechanism to fully vet any distributed application’s codebase. Let’s take a closer look.

API Testing for the Three-Tiered Application Model

Most web-based applications follow a three-tiered application model. The presentation tier focuses on the interaction between the user and the program’s visual and functional interface — display, touchscreen, keyboard, etc. The data tier is where application data resides, usually stored in a database or a file system.

In the middle lies the logic tier containing the entire business logic for an application. Typically, it also handles the data access for the presentation and data tiers. The logic tier, in most cases, includes the entire API for an application, and as such, its testing requirements are paramount.

One of the advantages of strict adherence to the three-tiered architecture is the ability to swap out any tier with a QA test tool, including those designed specifically for API testing. Enterprises depend on testing tools like these to fully leverage the collaborative efficiencies gained by embracing the principles of DevOps and/or the Agile methodology.

What API Testing needs to Cover

Since the logic tier is responsible for an application’s business rules in addition to serving as traffic cop for the presentation and data tiers, API testing carries a lot of responsibility. Sometimes the project manager for a development effort gives API testing short shrift, primarily leaving the task to the programmers and their unit testing. This tends to be a poor strategy, as the QA team needs to play a role on any software development project from the beginning.

Many traditional QA approaches only focused on GUI testing which doesn’t provide enough code coverage of an application’s underlying logic. API testing — when properly implemented — gives applications a thorough vetting of their business rules and data access functionality. When combined the use of automated testing tools, the entire development team — developers, BAs, testers, etc. — becomes more efficient, achieving the promise of Agile and DevOps.

With business rules and data access encapsulated in the logic tier, as with a properly-architected application, API testing leads to a more robust product. Code maintenance and future upgrades become easier. Additionally, the API is able to be tested before other parts of the application are fully developed, most notably the user interface.

In short, API testing needs to be in the toolbox of any modern software testing team.

Stay tuned to future posts on the Betica blog as we dive more deeply into API testing as well as other topics of interest to the QA and software development professional.

Betica Technology Solutions Philippine Software Testing Laboratory Receives ISO Accreditation

Recognized as a key provider of software testing outsourcing in Asia, Betica Technology Solutions Manila receives an ISO certification. The accreditation categorizes the company as the first ISO 17025 Software Testing Laboratory in the country. With the ISO accreditation, the company will be able to assist customers with regulatory requirements wherein the accreditation is a precondition made by governmental bodies.

Betica was granted accreditation by the Philippine Accreditation Bureau (PAB) of the Department of Trade and Industry (DTI) in the field of Software Testing November 12, 2015. This is after an assessment which Betica was determined as conforming to the requirements of PNS ISO/IEC 17025:2005, following the standard method of the ISO/IEC/IEEE 29119-2, 1st Edition 2013 and the PAB conditions for laboratory accreditation.

About Betica Technology Solutions:
Betica Technology Solutions was founded in 2011 and is a leading provider specialising in Software Quality Assurance, Regulatory Compliance Services and Software Development. With headquarters in Asia, the company’s Software Development Center and ISO 17025:2005 Software Testing Laboratory uniquely positions us to deliver high-quality and cost-effective end-to-end technology solutions and services.

For more information, visit our social media links!

LinkedIn
Facebook
Google
BeticaTech