API Testing Fundamentals

Foundational skill (2015-2025). See the master guide for context.

API testing is the highest-leverage testing activity in modern software. A single API endpoint may serve the web app, mobile app, third-party integrations, and internal microservices simultaneously. A bug at the API layer propagates everywhere. An API test suite runs in seconds — no browser to launch, no DOM to render, no visual flakiness.

Topics Covered

1. Tools — `01-tools/`

Postman Exploration — manual API exploration, environments, test scripts, and collection organization
Newman and pytest — automating API tests in CI/CD with Newman and pytest + requests

2. REST Testing — `02-rest-testing/`

Response Validation — status codes, response structure, pagination, and data integrity checks
Authentication — API keys, OAuth 2.0, JWT, session cookies, and testing auth flows
Error Handling — error response validation, rate limiting, information leakage prevention, and environment parameterization

3. Beyond REST — `03-beyond-rest/`

GraphQL Testing — query testing, error handling, introspection, and security concerns
gRPC Fundamentals — Protocol Buffers, grpcurl, streaming, and testing considerations
API Versioning — versioning strategies, backward compatibility testing, and interview talking points

Why This Matters

API tests are the backbone of any test automation strategy. They are fast, reliable, and catch bugs at the layer where they originate. A team with strong API test coverage can deploy with confidence even when UI tests are still catching up.

API Testing Fundamentals

Topics Covered

1. Tools — 01-tools/

2. REST Testing — 02-rest-testing/

3. Beyond REST — 03-beyond-rest/

Why This Matters

1. Tools — `01-tools/`

2. REST Testing — `02-rest-testing/`

3. Beyond REST — `03-beyond-rest/`