09/09/25

How to test API Response by Rest Assured

What is an API Response?

When you send a request to an API (like GET, POST, PUT, DELETE), the server processes it and sends back a response.
An API Response generally contains:

Status Line → Includes status code (e.g., 200 OK, 404 Not Found, 500 Internal Server Error) and protocol version.

Response Headers → Provide metadata about the response (e.g., Content-Type, Server, Cache-Control).

Response Body → The actual data returned (in JSON, XML, or HTML). Example: user details, order status, product list, etc.

How to Test API Response using Rest Assured

Rest Assured is a Java-based library for testing REST APIs. It provides a fluent interface to validate API responses.

When testing an API response with Rest Assured, you typically check:

1. Response Status Code

Verify that the returned status code matches the expected one.
Example: A successful request should return 200, creating a resource might return 201, and invalid requests might return 400 or 404.

2. Response Headers

Validate that important headers are present and contain correct values.
Example: Content-Type should be application/json.

3. Response Body Content

Check if the data returned in the body is correct.
Example: For a user API, ensure the returned user’s id, name, or email matches what you expect.

4. Response Time / Performance

Measure how long the API took to respond.
Example: The response time should be within 2 seconds.

5. Schema Validation

Verify that the response structure matches the expected JSON or XML schema.
Example: Ensures fields like id, name, and email exist and are of the correct data type.

6. Error Handling

Check how the API behaves when invalid requests are sent.
Example: If you send a request with missing data, the API should return a proper error code and message.

In below example, we are going to test response of API.

This is the API we are going to test:

https://reqres.in/api/users?page=2

Below are maven dependencies:

<dependencies>
    <dependency>
        <groupId>io.rest-assured</groupId>
        <artifactId>rest-assured</artifactId>
        <version>5.4.0</version>
        <scope>test</scope>
    </dependency>

    <dependency>
        <groupId>org.testng</groupId>
        <artifactId>testng</artifactId>
        <version>7.9.0</version>
        <scope>test</scope>
    </dependency>
</dependencies>

Java Code:

import io.restassured.RestAssured;
import io.restassured.response.Response;
import org.testng.Assert;
import org.testng.annotations.Test;

public class ResponseBodyContainsTest {

    @Test
    public void testResponseBodyContains() {
        // Set the base URI
        RestAssured.baseURI = "https://reqres.in";

        // Send GET request and capture response
        Response response = RestAssured
                .given()
                .when()
                .get("/api/users?page=2")
                .then()
                .statusCode(200) // Validate status code
                .extract()
                .response();

        // Convert response body to String
        String responseBody = response.asString();

        // Print for reference
        System.out.println("Response Body:\n" + responseBody);

        // Use contains() to validate specific strings
        Assert.assertTrue(responseBody.contains("George"), "Expected name not found in response");
        Assert.assertTrue(responseBody.contains("email"), "Expected 'email' field not found in response");
        Assert.assertTrue(responseBody.contains("janet.weaver@reqres.in") == false, "Unexpected email found in response");
    }
}

Code explanation:

1. Set the base URI

2. Send GET request and extract response

3. Convert response body to string type

4. Print response body

5. Use contains() to validate string

Important Points:

.contains() is case-sensitive.
You can test for presence/absence of any string that should/shouldn't be in the response.
Prefer this method for quick validations; for structured validations, use JSON path instead.

How to Test Response Headers of API by Rest Assured

What are Response Headers?

When a client (like a browser or an API testing tool) makes an HTTP request to a server, the server responds with:

Status Line → (status code like 200 OK, 404 Not Found, etc.)
Response Headers → Metadata about the response.
Response Body → The actual content/data returned (like JSON, HTML, XML).

Response Headers are key–value pairs that provide additional information about the response.

Examples:

Content-Type → format of response body (application/json, text/html, etc.).
Content-Length → size of the response body in bytes.
Server → server type (e.g., Apache, Nginx).
Cache-Control → caching policies.
Set-Cookie → cookies sent by the server.
Date → time when the response was generated.

Why Test Response Headers in API Testing?

Testing headers is important because they:

Ensure correct data format → e.g., Content-Type must be application/json if API promises JSON.

Security checks → headers like Strict-Transport-Security, X-Content-Type-Options, etc. help secure APIs.

Performance checks → Cache-Control, Expires help manage caching.

Compliance checks → some APIs must include custom headers for authorization, tracking, etc.

Troubleshooting → headers help identify server/software versions or errors.

Steps to test response headers using Rest Assured:

Set Base URI using RestAssured.baseURI
Send GET Request using given().get(endpoint)
Extract Headers from the response
Verify Specific Headers using assertions

Maven Dependency for Rest Assured

<dependencies>
    <dependency>
        <groupId>io.rest-assured</groupId>
        <artifactId>rest-assured</artifactId>
        <version>5.3.2</version>
        <scope>test</scope>
    </dependency>
</dependencies>

Java Code: Get and Test Response Headers

import io.restassured.RestAssured;
import io.restassured.response.Response;
import io.restassured.http.Headers;
import io.restassured.http.Header;

public class GetResponseHeaders {

    public static void main(String[] args) {

        // Step 1: Set Base URI
        RestAssured.baseURI = "https://reqres.in/api";

        // Step 2: Send GET request
        Response response = RestAssured
                .given()
                .get("/users?page=2");

        // Step 3: Print all headers
        Headers allHeaders = response.getHeaders();
        System.out.println("===== All Response Headers =====");
        for (Header header : allHeaders) {
            System.out.println(header.getName() + ": " + header.getValue());
        }

        // Step 4: Get a specific header
        String contentType = response.getHeader("Content-Type");
        String server = response.getHeader("Server");

        System.out.println("\nContent-Type: " + contentType);
        System.out.println("Server: " + server);

        // Step 5: Validate headers using assertions
        if (!"application/json; charset=utf-8".equals(contentType)) {
            throw new AssertionError("Expected Content-Type not found!");
        }

        if (!"cloudflare".equalsIgnoreCase(server)) {
            throw new AssertionError("Expected Server header value not found!");
        }

        System.out.println("\n Header validations passed successfully!");
    }
}

Code explanation:

1. Set Base URI

2. Send GET Request

3. Print all headers on console

4. Get a specific header

5. Validate headers using assertions

Output:

===== All Response Headers =====
Date: Mon, 28 Jul 2025 14:00:00 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
...

Content-Type: application/json; charset=utf-8
Server: cloudflare

Header validations passed successfully!

Useful Methods in Rest Assured

response.getHeaders() – Gets all headers
response.getHeader("Header-Name") – Gets a specific header
response.header("Header-Name") – Alias for getHeader