Showing posts with label REST API Testing. Show all posts

Rest Assured Framework Overview for API Testing

What is Rest Assured?

Rest Assured is a Java-based library designed to simplify the process of testing REST APIs.
Instead of manually sending HTTP requests and parsing responses, Rest Assured provides a fluent and easy-to-use API to handle all of that.
It integrates smoothly with JUnit or TestNG, so it fits into existing test automation frameworks.
It is widely used in test automation frameworks for API testing, especially in Java environments.

Why Do We Need Rest Assured?

When testing APIs, we need to:

Send Requests → GET, POST, PUT, DELETE, etc.
Validate Responses → status codes, headers, response time, and body data.
Handle Data Formats → JSON, XML, or plain text.

Without a framework, doing all this means writing a lot of boilerplate code (like setting up HTTP clients, handling JSON parsing, etc.).

Where It Fits in Testing

Functional Testing → Ensures API endpoints return correct responses.
Regression Testing → Quickly retest APIs when code changes.
Integration Testing → Check how APIs interact with databases, services, or other systems.
End-to-End Testing → APIs can be tested as part of larger workflows.

Why Rest Assured vs Other Options?

Compared to using Postman → Rest Assured allows automation, integration with CI/CD, and reusable test suites.
Compared to writing raw HTTP requests in Java → Rest Assured removes complexity by handling requests, responses, and validations out of the box.

Rest Assured Testing Lifecycle

1. Test Planning & Setup

Identify the API endpoints you want to test (e.g., /login, /users, /orders).
Understand the request types (GET, POST, PUT, DELETE, etc.).
Gather information about:

Base URI (server address)

Authentication (Basic, OAuth, etc.)

Request/response formats (JSON, XML).

2. Request Specification

Define the base URI and common headers (like Content-Type).
Prepare request payloads if the API requires input (e.g., JSON for POST requests).
Add authentication details if needed.

This step ensures consistency and avoids repeating setup for every test.

3. Send the Request

Use Rest Assured to send an HTTP request (GET, POST, PUT, DELETE, etc.) to the server.
The request is executed, and the API server processes it.

4. Receive the Response

Capture the response sent back by the server.
This includes:

Status code (200, 400, 404, 500, etc.)

Response body (JSON/XML data)

Response headers (content type, server details, etc.)

Response time (performance aspect).

5. Validation & Assertions

Verify the status code (e.g., 200 for success, 201 for resource creation).
Validate headers (e.g., Content-Type is application/json).
Assert on the response body:

Correct data returned?

Fields present or missing?

Values match expectations?

6. Test Reporting

Test results are logged (pass/fail).
If integrated with frameworks (TestNG/JUnit), detailed reports are generated.
Can also be hooked into CI/CD pipelines (like Jenkins, GitHub Actions) for automated reporting.

7. Test Maintenance & Reuse

Reuse request specifications for multiple test cases.
Update tests when API contracts change.
Keep validations flexible so they remain maintainable as APIs evolve.

The request is executed, and the API server processes it.

Common Use Cases

Functional testing of REST APIs
Integration testing
Regression testing
Automated tests in CI/CD pipelines
Validation of API contracts (schema testing)

Technologies/Tools Rest Assured Works Well With

Testing Frameworks: JUnit, TestNG, Cucumber
Build Tools: Maven, Gradle
Serialization Libraries: Jackson, Gson
Mocking Tools: WireMock, Mockito
CI Tools: Jenkins, GitHub Actions, GitLab CI

How Rest Assured Fits into Test Automation Framework

Rest Assured can be part of the test layer in a test automation framework where:

Test data is read from external sources (CSV, Excel, JSON, DB).
Test cases are written in BDD format (with Cucumber).
Assertions are performed on API responses.
Reports are generated using tools like Allure or Extent Reports.

Advantages

Simplifies REST API testing in Java
Readable, maintainable syntax
Rich feature set for validation and assertions
Seamless integration with Java ecosystem

Limitations

Supports only REST APIs (not SOAP)
Tied to Java ecosystem (not suitable for Python, JavaScript, etc.)
UI-less (not meant for front-end automation)

How to Test DELETE API By Playwright

What Is a DELETE API? Complete Guide to Testing DELETE API Using Playwright Java

In modern web applications and RESTful services, APIs are the backbone of communication between client and server. While GET retrieves data, POST creates new resources, and PUT updates existing ones, the DELETE API is responsible for removing resources from the server.

If you are an automation tester, backend developer, or preparing for API automation interviews, understanding how DELETE API works and how to test it using Playwright Java is extremely important.

In this comprehensive guide, you will learn:

What is a DELETE API?
How DELETE API works in REST architecture
Common response status codes
Why DELETE API testing is important
Step-by-step guide to testing DELETE API using Playwright Java
Java code example with explanation
How to validate deletion properly
Negative test scenarios
Best practices for DELETE API testing

This article is written in a natural, human-friendly tone, fully SEO optimized, and AdSense compliant for blog publishing.

What Is a DELETE API?

A DELETE API is an HTTP method used in RESTful web services to remove an existing resource from the server.

It typically requires a unique identifier (such as an ID) to specify which resource should be deleted.

Simple Definition

DELETE = Remove an existing resource from the server

Example of DELETE API

If you have a user stored in a database with ID 123, you can delete that user using:


DELETE /users/123

This request tells the server to remove the user with ID 123 permanently.

Common Response Status Codes for DELETE API

When testing a DELETE API, understanding response codes is essential.

Status Code	Meaning
200 OK	Deletion successful (with response body)
204 No Content	Deletion successful (no response body)
404 Not Found	Resource does not exist
401 Unauthorized	Authentication required
403 Forbidden	Permission denied
500 Internal Server Error	Server-side issue

Most DELETE APIs return 204 No Content when deletion is successful.

Why Test DELETE API?

Testing a DELETE API is critical to ensure system integrity and data safety.

Here’s why:

1. Confirm Resource Is Actually Removed

Just because API returns success doesn’t mean data is deleted. Testing verifies actual deletion.

2. Validate Correct Status Codes

Ensures server follows API contract.

3. Check Unauthorized Access Handling

Ensures only authorized users can delete data.

4. Prevent Accidental Deletions

Ensures no unintended resources are removed.

5. Validate Error Scenarios

Ensures proper handling of invalid or non-existing resource IDs.

In production systems, improper DELETE API handling can lead to major data loss issues.

How DELETE API Works in REST Architecture

The flow is simple:

Client sends DELETE request with resource ID.
Server verifies authentication and authorization.
Server removes resource from database.
Server returns appropriate HTTP status code.

Example:


DELETE https://example.com/api/users/2

Testing DELETE API Using Playwright Java

Many people know Playwright as a UI automation tool. However, it also provides powerful API testing capabilities using APIRequestContext.

With Playwright Java, you can:

Send DELETE requests
Send GET, POST, PUT requests
Validate status codes
Validate headers
Verify resource deletion
Combine API and UI automation

And all of this without launching a browser.

Example Scenario

We will test this DELETE API:


https://reqres.in/api/users/2

This example API is taken from reqres.in for demonstration purposes.

Step-by-Step Guide to Test DELETE API in Playwright Java

Let’s go through the steps in detail.

Step 1: Add Maven Dependency

Add the Playwright dependency in your pom.xml file:


<dependency>
    <groupId>com.microsoft.playwright</groupId>
    <artifactId>playwright</artifactId>
    <version>1.44.0</version>
</dependency>

Always use the latest stable version available.

Step 2: Java Code to Test DELETE API

Here is the complete working example:


import com.microsoft.playwright.*;

import java.util.Map;

public class DeleteAPITest {
    public static void main(String[] args) {
        try (Playwright playwright = Playwright.create()) {
            // Set up base URL and headers
            APIRequest.NewContextOptions options = new APIRequest.NewContextOptions()
                .setBaseURL("https://reqres.in")
                .setExtraHTTPHeaders(Map.of(
                    "Content-Type", "application/json"
                ));

            APIRequestContext request = playwright.request().newContext(options);

            // Send DELETE request
            APIResponse response = request.delete("/api/users/2");

            // Print response details
            System.out.println("Status Code: " + response.status());
            System.out.println("Status Text: " + response.statusText());

            if (response.status() == 204) {
                System.out.println("DELETE API test passed");
            } else {
                System.out.println("DELETE API test failed");
            }

            request.close();
        }
    }
}

Code Explanation (Step-by-Step)

Let’s break down the code for better understanding.

(a) Set Base URL


.setBaseURL("https://reqres.in")

This defines the base API endpoint.

Instead of writing full URL every time, we only use relative path.

(b) Add Headers

.setExtraHTTPHeaders(Map.of("Content-Type", "application/json"))


Headers are necessary when API expects specific content type or authentication tokens.

(c) Send DELETE Request


request.delete("/api/users/2");

This sends DELETE request to remove user with ID 2.

(d) Validate Status Code


response.status();

Expected successful status = 204 No Content

(e) Close Request Context


request.close();

Always close context to release resources.

Expected Output


Status Code: 204
Status Text: No Content
DELETE API test passed

This confirms that the resource was successfully deleted.

How to Verify Resource Deletion (Important Step)

A professional way to confirm deletion is:

Send DELETE request.
Send GET request for same ID.
Validate GET returns 404 Not Found.

Example:


APIResponse getResponse = request.get("/api/users/2");
System.out.println("GET after DELETE Status: " + getResponse.status());

Expected:


404 Not Found

This confirms the resource is permanently removed.

Negative Testing for DELETE API

Always test negative scenarios.

1. Delete Non-Existing Resource


DELETE /users/9999

Expected response:


404 Not Found

2. Unauthorized Delete Request

If authentication token is missing:

Expected:


401 Unauthorized

3. Forbidden Request

If user doesn’t have permission:

Expected:


403 Forbidden

Negative testing ensures system security and stability.

Measuring Response Time

Performance matters in API testing.

Example:


long start = System.currentTimeMillis();
APIResponse response = request.delete("/api/users/2");
long end = System.currentTimeMillis();

System.out.println("Response Time: " + (end - start) + " ms");

You can define acceptable threshold such as:

Response time < 2000 ms

Best Practices for DELETE API Testing

Here are professional best practices:

1. Always Validate Status Code

Never assume success.

2. Confirm Actual Deletion

Send GET request after DELETE.

3. Test Security

Validate authentication and authorization.

4. Test Edge Cases

Invalid IDs
Large data sets
Concurrent deletion requests

5. Use Assertions Framework

Integrate with TestNG or JUnit for structured validation.

Combining API and UI Testing

Playwright allows you to combine API and UI tests efficiently.

Example scenario:

Use POST API to create user.
Use DELETE API to remove user.
Launch browser.
Verify deleted user does not appear in UI.

This approach increases automation reliability and speed.

Common Interview Questions on DELETE API

What is DELETE API?
What status code is returned for successful DELETE?
What does 204 No Content mean?
How do you confirm resource deletion?
How to automate DELETE API using Playwright?
What are common negative scenarios?

If you are preparing for automation interviews, mastering DELETE API testing is essential.

Advantages of API Testing

Faster than UI testing
More stable and reliable
Detect backend issues early
Suitable for CI/CD pipelines
Supports microservices testing

Modern automation frameworks always include API testing as a core component.

Conclusion

A DELETE API is used to remove an existing resource from the server in RESTful applications. Proper testing ensures that:

Resource is actually deleted
Correct status codes are returned
Unauthorized access is blocked
No unintended data is affected

Using Playwright Java, you can:

Send DELETE requests
Validate status codes
Confirm deletion with GET request
Measure response time
Handle negative scenarios
Integrate API and UI testing seamlessly

If you are learning automation testing or preparing for interviews, mastering DELETE API testing with Playwright will significantly enhance your skills.