What is Request Validation?
- Request Validation means verifying that the data you are sending to the API in the request (body, headers, parameters) is correct, structured properly, and matches the expected API contract.
- Example: If an API expects a User object with fields {id, name, email}, your request body should have exactly these fields, with valid values.
When using POJO:
- You first create a Java POJO class (Plain Old Java Object) with fields like id, name, email.
- You create an object of this POJO and send it as a request body.
- Since the POJO defines structure and types, it automatically validates that the request matches the expected schema before sending.
When using POJO:
- You can map the API response directly into a POJO object.
- Then validate fields using assertions.
- If the API response is missing a field or has the wrong type, the mapping will fail or the assertions won’t match — this helps you ensure the response contract is correct.
What is Response Validation?
- Response Validation means verifying that the API response you get back has the correct structure, keys, and values as per the expected contract.
- Example: If the response should return a User object {id, name, email}, you validate whether the API actually returned all these fields with correct types and expected values.
How to Validate Request & Response using POJO in Rest Assured
1. Define POJO Classes
- Create Java classes representing request and response objects.
- Each class has private fields, constructors, getters, and setters.
2. Request Validation
- Create an object of the Request POJO.
- Populate it with required values.
- Pass it to the Rest Assured request body.
- The POJO ensures the structure of the request matches what the API expects.
3. Send Request
- Rest Assured converts the POJO into JSON and sends it to the API.
4. Response Validation
- Deserialize the API response back into the Response POJO.
- Validate fields by comparing actual values against expected ones.
- If a key is missing or data type mismatches, deserialization or assertion will fail.
Here’s how you can create a POJO class, send a POST request to https://reqres.in/api/users, and validate the response and status code using Rest Assured in Java.
1. POJO Class for Request
Below is POJO class of API request, having two attributes that are name and job. In POJO class below, we have parameterized constructor of the class and respective getter and setter methods for the attributes.
public class User { private String name; private String job; public User() {} public User(String name, String job) { this.name = name; this.job = job; } // Getters and Setters public String getName() { return name; } public void setName(String name) { this.name = name; } public String getJob() { return job; } public void setJob(String job) { this.job = job; } }
2. POJO Class for Response
Below is POJO class of API response, having four attributes that are name, job, id and createdAt. In POJO class below, we have respective getter and setter methods for the attributes.
public class UserResponse { private String name; private String job; private String id; private String createdAt; public UserResponse() {} // Getters and Setters public String getName() { return name; } public void setName(String name) { this.name = name; } public String getJob() { return job; } public void setJob(String job) { this.job = job; } public String getId() { return id; } public void setId(String id) { this.id = id; } public String getCreatedAt() { return createdAt; } public void setCreatedAt(String createdAt) { this.createdAt = createdAt; } }
3. Rest Assured Test Code
import io.restassured.RestAssured; import io.restassured.http.ContentType; import io.restassured.response.Response; import static org.hamcrest.Matchers.*; import static io.restassured.RestAssured.*; public class PostUserTest { public static void main(String[] args) { // Base URI RestAssured.baseURI = "https://reqres.in/api"; // Request Body User user = new User("Himanshu", "Engineer"); // POST Request Response response = given() .contentType(ContentType.JSON) .body(user) .when() .post("/users") .then() .statusCode(201) .body("name", equalTo("Himanshu")) .body("job", equalTo("Engineer")) .extract().response(); // Deserialize Response to POJO UserResponse userResp = response.as(UserResponse.class); // Print Response Fields System.out.println("ID: " + userResp.getId()); System.out.println("Created At: " + userResp.getCreatedAt()); } }
Code explanation:
(a) Set base URI of the API.
(b) Create object of request POJO class User.java, by putting values - Himanshu, Engineer in User constructor.
(c) Set POST request to the API
(d) De serialize response to the POJO class
(e) Print response fields on console.
Maven Dependencies
<dependencies> <dependency> <groupId>io.rest-assured</groupId> <artifactId>rest-assured</artifactId> <version>5.3.2</version> <scope>test</scope> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> <version>2.16.1</version> </dependency> </dependencies>
Suggested Posts:
1. Test Basic Authentication of API in RestAssured
2. Validate JSON Schema in RestAssured
3. Extract Response by JSONPath in RestAssured
4. Validate Keys in API in RestAssured
5. How to Test SOAP API in RestAssured