Select Page
Software Testing

The Complete Guide to Perform Manual REST API Testing Using Postman

We start right from the basics and cover all the topics you will need to know about to perform Manual Rest API testing using Postman.

Postman is one of the most popular software testing tools which is used for API testing. Postman is widely used by both software testers and developers for testing as it is easy to integrate with Continuous Integration (CI) & Continuous Development Pipelines. Postman sends an API request to the webserver and receives the response. As one of the leading QA companies, we have been doing our manual Rest API testing using Postman whenever it was deemed necessary. So if you are someone who is looking for a complete guide that explains everything from what is REST API to how it works to how it can be manually tested using Postman, you will definitely find this blog useful.

API (Application Programming Interface)

An API is a set of defined rules that enables computers or applications to communicate with one another. APIs sit between an application and the webserver and acts as an intermediary that processes data transfer between systems.

What is REST API?

  • REST API (Representational State Transfer Application Program Interface) is an architectural style that allows the software to communicate with other software on the same device or over a network.
  • REST APIs communicate via HTTP requests to perform standard database functions like creating, reading, updating, and even deleting records (also known as CRUD) within a resource.

Why REST API?

These are the major reasons as to why we choose REST API over the other options. REST API is

1. Easy to Learn & Implement

2. Easy to Build & Maintain

3. Scalable

4. Cacheable

5. Flexible and Portable

How does REST APIs work?

As stated earlier, REST APIs use HTTP requests for their communication. HTTP works as a request-response protocol between a client and server and enables client-to-server communication. For example, your web browser can be considered as the client, and the application on the computer that hosts the website can be termed as the server. So if your browser (client) submits an HTTP request to the server, the server will return a response that contains the status information of the request and the requested content if any were requested.

Common HTTP methods (CRUD commands) used in REST API:

Most of these commands have very straightforward names that make them self-explanatory. So once you have been introduced to them, it will be very easy for you to remember.

  • GET – The GET method can be used to extract information from the given server using a given URI. It is worth noting that when you use the GET request, it should only extract the data and not have any other effect on the data. So no Payload/Body is required.
  • POST – As the name suggests, a POST request is used to send data to the server. Data like customer information, files, and so on can be sent using HTML forms.

  • PUT – Using PUT, you will be able to replace all the current representations of the target resource with the uploaded content.
  • DELETE – It can be used to remove all the current representations of the target resource given by a URI.

There are other CRUD commands like patch, copy, and so on as well. So once you are thorough with these basics, you can explore them.

API Contract

We have seen the basics of REST API that you will need to know. There are also a few basics of Postman that you should be familiar with. But before we can move forward, we have to explore a few aspects of the API contract as you’d have to know the following information to perform manual REST API testing using Postman.

Endpoint:

It is the address where the API is hosted on the Server. An End Point Request URL can be constructed as below
Base URL/resource/(Query/Path)Parameters

Resources:

They represent the API/Collection that can be accessed from the Server. We have listed a few common examples below to help you understand better.

  • Google.com/maps
  • google.com/search
  • google.com/images

Here maps, search and images are the resources of Google.com which is the Base URL.

Path Parameters:

Path parameters are the variable parts of a URL path. They are generally used to point to a specific resource within a collection in the same way how a user is identified by ID.

Example for Path Parameters:

  • https://www.google.com/Images/1123343
  • https://www.google.com/docs/1123343
  • https://amazon.com/orders/112

Here 1123343, and 112 are the parameters

Query Parameters:

Query Parameters are primarily used to sort or filter the resources. They can be identified with ”?” (A Question Mark). You’ll be able to identify them once you see a few examples.

  • https://amazon.com/orders?sort_by=07/09/2021
  • https://www.google.com/search?q=newyork&oq=newyork&aqs=chrome..69i57j0l7.2501j0j7&sourceid=chrome&ie=UTF-8

Here orders and search are your resources and they are sorted and filtered by the query parameter that is followed by the “?”.

Headers/Cookies:

Headers represent the meta-data associated with the API request and its response. In layman’s terms, it will be used to send additional details to the API for processing our request. An example of it would be the authorization details.

Sample API Contract for Basic CRUD commands:

Apart from these values, we would also have to know about the HTTP method in use, the body, content types of the parameter and response (either Application or JSON), and also the response value. You will get a clear idea of these aspects when we see a few examples.

1. Request to Log in – Successful

Parameters

Base URL: https://reqres.in

Request : /api/login

Request Type: POST

Body :

{
    "email": "[email protected]",
    "password": "cityslicka"
}

Parameter Content Type: application/json

Responses:

Response Content Type: application/json

Response Code : 200

Description : OK

Response Value :

{
    "token": "QpwL5tke4Pnpja7X4"
}
2. Request to Get a List of Users

Parameters

Base URL: https://reqres.in

Request: /api/users

Request Type: GET

Responses:

Response Content Type: application/json

Response Code : 200

Description : OK

Response Value :

{
    "page": 1,
    "per_page": 6,
    "total": 12,
    "total_pages": 2,
    "data": [
        {
            "id": 1,
            "email": "[email protected]",
            "first_name": "George",
            "last_name": "Bluth",
            "avatar": "https://reqres.in/img/faces/1-image.jpg"
        },
        {
            "id": 2,
            "email": "[email protected]",
            "first_name": "Janet",
            "last_name": "Weaver",
            "avatar": "https://reqres.in/img/faces/2-image.jpg"
        },
        {
            "id": 3,
            "email": "[email protected]",
            "first_name": "Emma",
            "last_name": "Wong",
            "avatar": "https://reqres.in/img/faces/3-image.jpg"
        },
        {
            "id": 4,
            "email": "[email protected]",
            "first_name": "Eve",
            "last_name": "Holt",
            "avatar": "https://reqres.in/img/faces/4-image.jpg"
        },
        {
            "id": 5,
            "email": "[email protected]",
            "first_name": "Charles",
            "last_name": "Morris",
            "avatar": "https://reqres.in/img/faces/5-image.jpg"
        },
        {
            "id": 6,
            "email": "[email protected]",
            "first_name": "Tracey",
            "last_name": "Ramos",
            "avatar": "https://reqres.in/img/faces/6-image.jpg"
        }
    ],
    "support": {
        "url": "https://reqres.in/#support-heading",
        "text": "To keep ReqRes free, contributions towards server costs are appreciated!"
    }
}
3. Request to update user Information

Parameters

Base URL: https://reqres.in

Request : /api/users/{{User_ID}}

User_ID=2

Request Type: PUT

Body :

{
    "name": "morpheus",
    "job": "zion resident"
}

Parameter Content Type: application/json

Responses:

Response Content Type: application/json

Response Code : 200

Description : OK

Response Value :

{
    "name": "morpheus",
    "job": "zion resident",
    "updatedAt": "2021-10-05T19:20:33.979Z"
}
4. Request to Get a List of Users

Parameters

Base URL: https://reqres.in

Request : /api/users/{{User_ID}}

User_ID=2

Request Type: DELETE

Responses:

Response Content Type: application/json

Response Code : 204

Description : OK

Response Value :[]

Now that we have fully covered all the prerequisites when it comes to REST API, let’s see why we use test REST APIs and explore a few other prerequisites that will be required to perform Rest API testing using Postman.

Why Postman tool?

Postman is a simple GUI for sending HTTP requests and viewing its responses. It is built upon an extensive set of power tools, which are incredibly easy to use. Postman helps you perform a variety of functions and has a lot of useful functionalities as well.

  • Since Postman is accessible from anywhere, you have to just install it into the device and access it by logging into the account.
  • Your test suites will be more organized as Postman allows users to build collections for their API calls. Every set can create multiple requests and subfolders.
  • Using Postman, you’ll be able to test checkpoints with the verification of the successful HTTP response status that will be added to every API call.
  • Automation Testing becomes easier as several iterations of the tests can be performed by using the Collection Runner or Newman. So you can save a lot of time when performing repetitive tests.
  • As Postman makes it easy to create environments, you can design multiple environments and reduce the replication of tests as you’ll be able to use the same collection for a different setting.
  • The postman console helps to track what data is being retrieved makes it possible to effectively debug the tests.
  • The scope for collaboration is also high as you can import or export your collections & environments and share those files. You can also use a direct connection to share the collections.
  • Postman supports continuous integration as well.
  • You can use Postman by either downloading & installing their application or use their web version. It is a good option to have as both offer great performance.

How to create API requests in Postman

Learning how to create API requests is an integral part of learning how to perform manual REST API Testing using Postman. You will need to know more about the following 2 features to create an API request.

  • Workspace
  • Collections
Workspace in Postman:

Postman Workspaces acts as a common working area where you can group your API projects together and use API builder to define APIs or generate API elements. So they are helpful in organizing your API work better and collaborating with your teammates as well. Now let’s see how to create one.

Creating a Workspace in Postman:

Click on the Workspace dropdown in the header -> New Workspace -> WorkSpaceName (Type any workspace name you wish) -> Create Workspace.

Creating Workspace in Postman

Collections in Postman:
  • Postman Collections are Executable API Descriptions Postman’s collection folders make it easy to keep your API requests and elements organized.
  • Generate Collections from API schemas Generate a collection from an API schema to view and edit each request.
    Creating Collections in Postman:

Click on File -> New -> Collection -> CollectionName (Assign a Collection Name as you wish)

OR

Click Collection -> Create Collection Icon (+) -> CollectionName (Enter a Collection Name of your wish)

Creating Collections in Rest API testing using Postman

For testing the CRUD commands, we are going to use the information which is present in the above mention API contract.

Testing POST Request to Log in – Successful:

To make a POST request, click on the More option icon (…) -> Add Request -> Login User

Testing POST request to log in

1. From the Dropdown select POST

2. In the “Enter request URL” text box, type the following (URL): https://reqres.in/api/login

3. Click on Body Tab, select the ‘Raw’ radio button, and then the JSON format from the dropdown list.

4. In the text box, paste the Login Credentials:

{
 "email": "[email protected]",
 "password": "cityslicka
}

5. Click on the Send button

6. You should be able to see the below response:

Testing POST request response in Rest API Testing using Postman

7. Also, make sure to check for the correct status code here. In this case, you should get: ‘Status: 200’ as shown in the image below.

Correct Status Code in the response

Testing GET Request to Get the List of Users:

To make a GET request, you have to click on the More options icon (…) -> Add Request -> Request to Get List of Users (Assign any requested name you wish)

1. From the Dropdown list, select GET

2. Type the mentioned URL (https://reqres.in/api/users) in the “Enter request URL” text box.

3. Click on the Send button.

4. You’ll be able to see the below response:

Testing GET request response in Rest API Testing using Postman

5. Once again, check for the status code and see if it is ‘Status: 200’.

Correct Status Code in the GET response

Testing PUT Request to update user Information:

Same as above, you have to click on the More option Icon(…) ->Add Request -> Request to Update user Information (Enter any request name of your choice)

1. Click on ‘PUT’ from the dropdown list.

2. In the “Enter request URL” text box that appears, type this URL: https://reqres.in/api/users/2

3. Click on the ‘Body’ Tab, select the ‘Raw’ radio button, and then choose the JSON format from the dropdown.

4. Paste the Login Credentials in the text box:

{
    "name": "morpheus",
    "job": "zion resident"
}

5. Click on the ‘Send’ button

6. You will see the below response:

Testing PUT request response in Rest API Testing using Postman

7. Check if the status is shown as ‘200 OK’.

Correct Status Code in the PUT response

Testing DELETE Request to Remove Users from Database

Click on the More option Icon (…) -> Add Request -> Request to Get the list of Users (Enter any request name you wish)

1. From the Dropdown list of options, select ‘DELETE’.

2. Type this URL https://reqres.in/api/users in the “Enter request URL” text box.

3. Click on the ‘Send’ button

4. Check is you see the below response:

Testing DELETE request response in Rest API Testing using Postman

5. Check if ‘Status: 200 OK’ is visible as shown in the image below.

Correct Status Code in the DELETE response

Conclusion:

It is evident that the steps we saw for each request were almost identical to each other. So by now, you should have no trouble in performing Rest API testing using Postman in an effective way to ensure high quality. As a leading manual testing services provider, we have often used Postman for our manual testing projects. But Postman can also be used for automation testing with the help of Test scripts.

Written By

Submit a Comment

Your email address will not be published. Required fields are marked *


Postman is one of the most popular software testing tools which is used for API testing. Postman is widely used by both software testers and developers for testing as it is easy to integrate with Continuous Integration (CI) & Continuous Development Pipelines. Postman sends an API request to the webserver and receives the response. As one of the leading QA companies, we have been doing our manual Rest API testing using Postman whenever it was deemed necessary. So if you are someone who is looking for a complete guide that explains everything from what is REST API to how it works to how it can be manually tested using Postman, you will definitely find this blog useful.

API (Application Programming Interface)

An API is a set of defined rules that enables computers or applications to communicate with one another. APIs sit between an application and the webserver and acts as an intermediary that processes data transfer between systems.

What is REST API?

  • REST API (Representational State Transfer Application Program Interface) is an architectural style that allows the software to communicate with other software on the same device or over a network.
  • REST APIs communicate via HTTP requests to perform standard database functions like creating, reading, updating, and even deleting records (also known as CRUD) within a resource.

Why REST API?

These are the major reasons as to why we choose REST API over the other options. REST API is

1. Easy to Learn & Implement

2. Easy to Build & Maintain

3. Scalable

4. Cacheable

5. Flexible and Portable

How does REST APIs work?

As stated earlier, REST APIs use HTTP requests for their communication. HTTP works as a request-response protocol between a client and server and enables client-to-server communication. For example, your web browser can be considered as the client, and the application on the computer that hosts the website can be termed as the server. So if your browser (client) submits an HTTP request to the server, the server will return a response that contains the status information of the request and the requested content if any were requested.

Common HTTP methods (CRUD commands) used in REST API:

Most of these commands have very straightforward names that make them self-explanatory. So once you have been introduced to them, it will be very easy for you to remember.

  • GET – The GET method can be used to extract information from the given server using a given URI. It is worth noting that when you use the GET request, it should only extract the data and not have any other effect on the data. So no Payload/Body is required.
  • POST – As the name suggests, a POST request is used to send data to the server. Data like customer information, files, and so on can be sent using HTML forms.

  • PUT – Using PUT, you will be able to replace all the current representations of the target resource with the uploaded content.
  • DELETE – It can be used to remove all the current representations of the target resource given by a URI.

There are other CRUD commands like patch, copy, and so on as well. So once you are thorough with these basics, you can explore them.

API Contract

We have seen the basics of REST API that you will need to know. There are also a few basics of Postman that you should be familiar with. But before we can move forward, we have to explore a few aspects of the API contract as you’d have to know the following information to perform manual REST API testing using Postman.

Endpoint:

It is the address where the API is hosted on the Server. An End Point Request URL can be constructed as below
Base URL/resource/(Query/Path)Parameters

Resources:

They represent the API/Collection that can be accessed from the Server. We have listed a few common examples below to help you understand better.

  • Google.com/maps
  • google.com/search
  • google.com/images

Here maps, search and images are the resources of Google.com which is the Base URL.

Path Parameters:

Path parameters are the variable parts of a URL path. They are generally used to point to a specific resource within a collection in the same way how a user is identified by ID.

Example for Path Parameters:

  • https://www.google.com/Images/1123343
  • https://www.google.com/docs/1123343
  • https://amazon.com/orders/112

Here 1123343, and 112 are the parameters

Query Parameters:

Query Parameters are primarily used to sort or filter the resources. They can be identified with ”?” (A Question Mark). You’ll be able to identify them once you see a few examples.

  • https://amazon.com/orders?sort_by=07/09/2021
  • https://www.google.com/search?q=newyork&oq=newyork&aqs=chrome..69i57j0l7.2501j0j7&sourceid=chrome&ie=UTF-8

Here orders and search are your resources and they are sorted and filtered by the query parameter that is followed by the “?”.

Headers/Cookies:

Headers represent the meta-data associated with the API request and its response. In layman’s terms, it will be used to send additional details to the API for processing our request. An example of it would be the authorization details.

Sample API Contract for Basic CRUD commands:

Apart from these values, we would also have to know about the HTTP method in use, the body, content types of the parameter and response (either Application or JSON), and also the response value. You will get a clear idea of these aspects when we see a few examples.

1. Request to Log in – Successful

Parameters

Base URL: https://reqres.in

Request : /api/login

Request Type: POST

Body :

{
    "email": "[email protected]",
    "password": "cityslicka"
}

Parameter Content Type: application/json

Responses:

Response Content Type: application/json

Response Code : 200

Description : OK

Response Value :

{
    "token": "QpwL5tke4Pnpja7X4"
}
2. Request to Get a List of Users

Parameters

Base URL: https://reqres.in

Request: /api/users

Request Type: GET

Responses:

Response Content Type: application/json

Response Code : 200

Description : OK

Response Value :

{
    "page": 1,
    "per_page": 6,
    "total": 12,
    "total_pages": 2,
    "data": [
        {
            "id": 1,
            "email": "[email protected]",
            "first_name": "George",
            "last_name": "Bluth",
            "avatar": "https://reqres.in/img/faces/1-image.jpg"
        },
        {
            "id": 2,
            "email": "[email protected]",
            "first_name": "Janet",
            "last_name": "Weaver",
            "avatar": "https://reqres.in/img/faces/2-image.jpg"
        },
        {
            "id": 3,
            "email": "[email protected]",
            "first_name": "Emma",
            "last_name": "Wong",
            "avatar": "https://reqres.in/img/faces/3-image.jpg"
        },
        {
            "id": 4,
            "email": "[email protected]",
            "first_name": "Eve",
            "last_name": "Holt",
            "avatar": "https://reqres.in/img/faces/4-image.jpg"
        },
        {
            "id": 5,
            "email": "[email protected]",
            "first_name": "Charles",
            "last_name": "Morris",
            "avatar": "https://reqres.in/img/faces/5-image.jpg"
        },
        {
            "id": 6,
            "email": "[email protected]",
            "first_name": "Tracey",
            "last_name": "Ramos",
            "avatar": "https://reqres.in/img/faces/6-image.jpg"
        }
    ],
    "support": {
        "url": "https://reqres.in/#support-heading",
        "text": "To keep ReqRes free, contributions towards server costs are appreciated!"
    }
}
3. Request to update user Information

Parameters

Base URL: https://reqres.in

Request : /api/users/{{User_ID}}

User_ID=2

Request Type: PUT

Body :

{
    "name": "morpheus",
    "job": "zion resident"
}

Parameter Content Type: application/json

Responses:

Response Content Type: application/json

Response Code : 200

Description : OK

Response Value :

{
    "name": "morpheus",
    "job": "zion resident",
    "updatedAt": "2021-10-05T19:20:33.979Z"
}
4. Request to Get a List of Users

Parameters

Base URL: https://reqres.in

Request : /api/users/{{User_ID}}

User_ID=2

Request Type: DELETE

Responses:

Response Content Type: application/json

Response Code : 204

Description : OK

Response Value :[]

Now that we have fully covered all the prerequisites when it comes to REST API, let’s see why we use test REST APIs and explore a few other prerequisites that will be required to perform Rest API testing using Postman.

Why Postman tool?

Postman is a simple GUI for sending HTTP requests and viewing its responses. It is built upon an extensive set of power tools, which are incredibly easy to use. Postman helps you perform a variety of functions and has a lot of useful functionalities as well.

  • Since Postman is accessible from anywhere, you have to just install it into the device and access it by logging into the account.
  • Your test suites will be more organized as Postman allows users to build collections for their API calls. Every set can create multiple requests and subfolders.
  • Using Postman, you’ll be able to test checkpoints with the verification of the successful HTTP response status that will be added to every API call.
  • Automation Testing becomes easier as several iterations of the tests can be performed by using the Collection Runner or Newman. So you can save a lot of time when performing repetitive tests.
  • As Postman makes it easy to create environments, you can design multiple environments and reduce the replication of tests as you’ll be able to use the same collection for a different setting.
  • The postman console helps to track what data is being retrieved makes it possible to effectively debug the tests.
  • The scope for collaboration is also high as you can import or export your collections & environments and share those files. You can also use a direct connection to share the collections.
  • Postman supports continuous integration as well.
  • You can use Postman by either downloading & installing their application or use their web version. It is a good option to have as both offer great performance.

How to create API requests in Postman

Learning how to create API requests is an integral part of learning how to perform manual REST API Testing using Postman. You will need to know more about the following 2 features to create an API request.

  • Workspace
  • Collections
Workspace in Postman:

Postman Workspaces acts as a common working area where you can group your API projects together and use API builder to define APIs or generate API elements. So they are helpful in organizing your API work better and collaborating with your teammates as well. Now let’s see how to create one.

Creating a Workspace in Postman:

Click on the Workspace dropdown in the header -> New Workspace -> WorkSpaceName (Type any workspace name you wish) -> Create Workspace.

Creating Workspace in Postman

Collections in Postman:
  • Postman Collections are Executable API Descriptions Postman’s collection folders make it easy to keep your API requests and elements organized.
  • Generate Collections from API schemas Generate a collection from an API schema to view and edit each request.
    Creating Collections in Postman:

Click on File -> New -> Collection -> CollectionName (Assign a Collection Name as you wish)

OR

Click Collection -> Create Collection Icon (+) -> CollectionName (Enter a Collection Name of your wish)

Creating Collections in Rest API testing using Postman

For testing the CRUD commands, we are going to use the information which is present in the above mention API contract.

Testing POST Request to Log in – Successful:

To make a POST request, click on the More option icon (…) -> Add Request -> Login User

Testing POST request to log in

1. From the Dropdown select POST

2. In the “Enter request URL” text box, type the following (URL): https://reqres.in/api/login

3. Click on Body Tab, select the ‘Raw’ radio button, and then the JSON format from the dropdown list.

4. In the text box, paste the Login Credentials:

{
 "email": "[email protected]",
 "password": "cityslicka
}

5. Click on the Send button

6. You should be able to see the below response:

Testing POST request response in Rest API Testing using Postman

7. Also, make sure to check for the correct status code here. In this case, you should get: ‘Status: 200’ as shown in the image below.

Correct Status Code in the response

Testing GET Request to Get the List of Users:

To make a GET request, you have to click on the More options icon (…) -> Add Request -> Request to Get List of Users (Assign any requested name you wish)

1. From the Dropdown list, select GET

2. Type the mentioned URL (https://reqres.in/api/users) in the “Enter request URL” text box.

3. Click on the Send button.

4. You’ll be able to see the below response:

Testing GET request response in Rest API Testing using Postman

5. Once again, check for the status code and see if it is ‘Status: 200’.

Correct Status Code in the GET response

Testing PUT Request to update user Information:

Same as above, you have to click on the More option Icon(…) ->Add Request -> Request to Update user Information (Enter any request name of your choice)

1. Click on ‘PUT’ from the dropdown list.

2. In the “Enter request URL” text box that appears, type this URL: https://reqres.in/api/users/2

3. Click on the ‘Body’ Tab, select the ‘Raw’ radio button, and then choose the JSON format from the dropdown.

4. Paste the Login Credentials in the text box:

{
    "name": "morpheus",
    "job": "zion resident"
}

5. Click on the ‘Send’ button

6. You will see the below response:

Testing PUT request response in Rest API Testing using Postman

7. Check if the status is shown as ‘200 OK’.

Correct Status Code in the PUT response

Testing DELETE Request to Remove Users from Database

Click on the More option Icon (…) -> Add Request -> Request to Get the list of Users (Enter any request name you wish)

1. From the Dropdown list of options, select ‘DELETE’.

2. Type this URL https://reqres.in/api/users in the “Enter request URL” text box.

3. Click on the ‘Send’ button

4. Check is you see the below response:

Testing DELETE request response in Rest API Testing using Postman

5. Check if ‘Status: 200 OK’ is visible as shown in the image below.

Correct Status Code in the DELETE response

Conclusion:

It is evident that the steps we saw for each request were almost identical to each other. So by now, you should have no trouble in performing Rest API testing using Postman in an effective way to ensure high quality. As a leading manual testing services provider, we have often used Postman for our manual testing projects. But Postman can also be used for automation testing with the help of Test scripts.