This installment of the API Testing series will focus on using SmartBear's Ready API testing solution to test an API. If you follow these steps, you'll create an actual API test suite running against the Trello API, a real API with formal authentication tokens.
You can also do the faster version, and read along to get a "feel" for Ready API and whether it's something that you'd like to try. A real follow-through requires some setup. You'll need to install the latest trial version of SmartBear Ready API found here, create an account on Trello.com, and generate an application key and a token to use the Trello API.
The first step in using Ready API is to create a sample test project; you'll use SoapUI NG as the tool to create, record, and run tests within the suite. SoapUI NG is will work with both webservices and REST APIs. First, go to the SoapUI NG tab to get started. Click File -> New -> Project to create a new project. A dialog appears asking a few questions. The dialog allows you to create new projects based on a single URL, to use description files like those that conform to the OpenAPI (OAS) or RESTful API Modeling Language (RAML) specification languages, to use the SoapUI discovery tool, or to create an empty project. A large project might start with an OAS or RAML API description file and, in general, this is one of the big benefits of describing APIs with such a file because it helps to automate the testing process later. In this example, you'll start by working with a URL.
It's time to get out that Trello application key and token. Take the following string and replace YOUR_KEY and YOUR_TOKEN with actual keys available:
Then take the modified URL and paste it into the form field above.
After clicking OK, a popup appears asking if you want to continue describing your API or if you want to create a test case. Select the create test case option, and then click OK. The test case that is created is a basic call to the Trello API that will retrieve a list of every board the user is currently subscribed to. One of the first big challenges of API testing is authentication. Notice that you didn't have to deal with OAuth or even an authorization endpoint to create this project. For now, you're authenticating to Trello by using the application key and token as parameters that are passed in the headers of your API calls. Testing APIs generally requires an authentication profile in SoapUI.
Click the Submit Request button and the results dialog should appear:
This submits a request to the Trello API, nothing more. If the GET authenticates correctly and does not return an error code such as 404, this test will pass. This is testing though, so you'll want something more sophisticated than just sending a call to see if it authenticates correctly. It is time to add some assertions. The purpose of an assertion is to verify that some aspect of a response is what you are expecting. For example, you might want to know that each JSON response has a particular HTTP code.