API Test Automation Using API Collection

TABLE OF CONTENTS

1. Overview

2. API Test Automation When API Details are Captured Using algoQA API Collection

1. Overview

This topic provides how to automate an API by leveraging algoQA platform when API details are captured from an API collection using algoQA API forms. To create API collection using algoQA API forms, click here.

Tip: Alternatively, if you wish to automate an API by leveraging algoQA platform when API details are captured from an API collection, such as Postman, install the Postman app for different operating systems, such as Windows, Linux and Mac by clicking here.
Upon installing Postman App, create an API collection and include all the necessary requests to perform user actions.

2. API Test Automation When API Details are Captured Using algoQA API Collection

• User actions and HTTP Methods:
  API endpoints correspond to specific user actions, and different HTTP methods indicate the type of operation you want to perform on these endpoints.
  
• Example:
  Consider the following example using user actions to access the profile and their corresponding HTTP methods, such as POST, GET,  PATCH, OPTIONS and DELETE

Perform the following:

1. Creating a Project: 
   • Name your project as "API Automation using algoQA collection."

   • Select "API Automation."

   • Click "Create" to initiate the project setup.

2. Uploading an API collection:
   

   In the Main Canvas, click the arrow in the lower-right corner to view the side panel and select Upload option to upload the API collection. Note: Ensure the API collection is in JSON format.

   
   
3. Executing the API Automation Test Cases
   1. Let us validate the HTTP method details to log in a user using the POST method, save it and click Send to execute it. Enter the URL, if required you can add parameters in Key and Value text boxes by clicking the plus icon, select the Authorization as Bearer Token in the Authorization tab and add the appropriate parameters. In the Body tab, pass the request body and click Send, as shown:

      
      

      Tip: If you have selected 'No Auth' in the Authorization tab, then you can provide Bearer token and the Authorization key in the Header tab. 

      
      You can confirm the execution status in the status bar, as shown: 
      • Understanding the example:
        In the provided example:
      • Endpoint: /api/login is the endpoint or URL where the login functionality is implemented.
      • HTTP Method: POST is used to submit user credentials.
      • Request Body: The username and password are included in the JSON file that is part of the request body.
        Similarly, you can configure PUT HTTP method is used to change an existing resource with new information, or make a new  if it’s not there
   2. Let us validate the HTTP method details to update user details, such as user_ID using the PATCH method, save it and click Send to execute it. Enter the URL, if required you can add parameters in Key and Value text boxes by clicking the plus icon, select the Authorization as Bearer Token in the Authorization tab and add the appropriate parameters. In the Body tab, pass the request body and click Send. You can confirm the execution status in the status bar, as shown: 
      
      • Understanding the example:
        In the provided example:
      • Endpoint: /api/users/{user_ID} is the endpoint or URL where the login functionality is implemented.
      • HTTP Method: PATCH is used to update user specific information.
      • Request Body: The user_ID and Job title are included in the JSON file that is part of the request body.
        
   3. Let us validate the OPTIONS method which is used to query a server to find out what actions or operations can be performed on a particular resource, save it and click Send to execute it. You need to specify the URL of the resource you want to query.  You can confirm the execution status in the status bar, as shown: 
      
      • Understanding the example:
        In the provided example:
        • Endpoint: https://cloud.iexapis.com/stable/stock/AAPL/quote?token=YOUR_API_KEY is the endpoint or URL 
        • HTTP Method: OPTIONS is used.
   4. Let us validate the HTTP method details to update user details, such as user_ID and using the DELETE method, save it and click Send to execute it. Enter the URL, if required you can add parameters in Key and Value text boxes by clicking the plus icon, select the Authorization as Bearer Token in the Authorization tab and add the appropriate parameters. In the Body tab, pass the request body and click Send. You can confirm the execution status in the status bar, as shown: 
      
      • Understanding the example: The DELETE HTTP method asks the server to delete a specified resource.
        In the provided example:
        • Endpoint:https://algoshack.net/apiautomation/project/deleteApi/17961 is the endpoint or URL 
        • HTTP Method: DELETE is used.
        • Request body which will be deleted is
          {

            "projectId": "15772"

          }

        • When the record is delete and 401 unauthorized error is displayed.
          
          
4. If you are adding environmental variable for a particular API collection in the , it will be generated in a separate file named  TestDataEnv.json within your test cases folder.

   TestDataEnv.json is a configuration file used to store user-defined environment variables. It allows you to manage and access these variables from a single location. For more information on how to update environmental variables and generating a separate environmental file, see Updating Environmental Variables and Generating a Separate File.
   
   

5. Generating the Test Automation Scripts 
   1. In the left panel, select the appropriate folder to view the sequence. Select the user actions and click the Generate Scripts button (To access side panel, refer to step 2 - 'Uploading an API collection' section). 
   2. If you wish to generate negative scenarios, you can upload a dataset in CSV format. Ensure that you select the same scenario that was created using the Follow Me feature. When you check the dataset option, this feature allows you to generate datasets that were uploaded recently. When unchecked, the system will generate default datasets. To access the 'Upload Dataset' option, click the More Menu option and select 'Upload Dataset', as shown:
      In the API script generation screen, perform the following as shown:
      Select Data Set option and click Generate Script. After generating the scripts, click More Menu () to view Download Data Set button. Upon clicking, system will create a template in the spreadsheet format for you to update your inputs. In this template, you can add Request URL, API header, API Request and API Output. Spreadsheet template is as follows:
      When you upload a dataset for a negative test case and wish to generate a separate YML file, then refer to the article Options for Generating Test Data in a Separate YAML File.
      
      
6. In the negative scenario verification, it ensures that the API enforces permissions by returning a 403 Forbidden status when an authenticated user tries to access a resource they are not allowed to access.
   Verify that an API returns a 403 Forbidden response when a user attempts to access a resource they do not have permission access, even if they are authenticated.
   Additionally, when you pass parameters in key and value as username and 'na' it will reflect in the Feature File.
   Note that while generating test cases for negative test data, in the script generation screen, click edit to view Data Generation tab. In this Data Generation tab, select the Yes option to view the parameters listed. Options available are URL, Params, Authorization, Header and Body.   By default, all the options are selected. You can choose the options as required. Negative test cases are generated only for URL, Header and Body.
   
   Report will be generated, as follows: 
   
7. If needed, you can rearrange the sequence with drag-and-drop functionality in the right pane and click the Update Sequence button. 
   If you wish to update the sequence in the left pane, then perform the following: 
   
   Uncheck the 'Select All' check box if it is checked.  The check box is highlighted in green. You can use drag-and-drop functionality to rearrange the steps. Save and Revert buttons will be enabled for you to choose appropriate button then click Update Sequence button. 
   Note that the sequence updated for a particular collection in the script generation screen, it will reflect in the  Create API screen. You can click back arrow and verify if the changes are reflecting. 
   If you move to a different API collection without saving the changes after rearranging the request names, the system will alert you stating that you have unsaved changes. Choose save or revert button before proceeding:
   In the left pane of the top-left corner, click down arrow corresponding to User Management API >Project Directory pane > navigate to the Test Cases folder to access the Feature File. In this Project Directory, you can view all the generated files and delete the ones created on that specific day.
   A system generated Feature File is as follows:The system analyses the Test Cases and then generates the script.
8. Downloading the Script
   In the Project Directory folder, right-click on the Script Generated folder and select Download option to download the script and save it to your local folder. You can access the Scripts from the Project Directory in the left pane.
9. Executing the Test Automation Script
   • Navigate to the same folder described in the previous step. Run the following command to trigger the script.

     mvn test

   • Build success message will be displayed and you can view the respective report.