Abstract: Applications increasingly talk to each other behind the scenes via APIs. Google’s recent acquisition of Apigee, an API management company, is a strong indicator of the continued importance of APIs in software development. APIs are like building blocks, providing services and data that can be connected with other APIs to build powerful customized apps. However, testing an API can be challenging for these reasons:
- There is no built-in interface
- Breaking changes can cause widespread outages
- Sensitive data may be exposed or accessed
- Accepted testing paradigms can be difficult to adapt to APIs
In this workshop, you will learn how to fearlessly approach testing an API even if you've never heard of HTTP or cURL. In particular, you will learn:
- Current business trends that are driving API development
- Components of HTTP requests and responses, including authentication models, and how to inspect HTTP traffic
- How to ‘explore’ an API and get some hands-on practice using popular tools
- Tips on how to design tests for security, performance and backwards-compatibility risks
- How to incorporate juggling, magic, and standup comedy into your tests (courtesy of Dan)
Learning Outcomes: - APIs and application architecture - Why APIs are important
- HTTP basic info
- How to turn an HTTP request and response into a 'test'
- Exploratory testing heuristics particularly valuable when testing an API
- Recommended tests for any API
Attachments:
