Postman Beginner's Course - API Testing

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi there and welcome to the api testing with postman course my name is valentine i'm a software developer and i like to share my passion for apis with others in a way that is easy to understand when i'm not speaking at a conference or traveling the world i like to share what i know by creating short tutorials and online courses like this one in this course you will understand what bozeman is and why do we need this tool start using postman to interact with apis and write api tests in the last part of the course we'll explore ways to automate the entire testing process you will get hands-on experience using an api throughout the course i'll give you assignments as a way to practice what you have learned if you are serious about api testing you need to practice on your own make sure you check the video description for the course notes i'll be putting there the most important steps you need to take links to resources any updates just in case something has changed so let's get started before we get our hands dirty let's make sure we understand the basics if you are new to apis here is a very quick introduction an api is essentially an interface to a server that has some data or does some actions to understand the concept of an interface think about any power outlet you have in your home it does not matter which device you want to power your laptop a washing machine or a tv the outlet on a wall is designed to accept any plug following a predefined specification an interface is essentially a contract i live here in europe so all sockets have a specific form if i bring a device from the united states or australia this will not work as they have a different interface the apis we are dealing with share a similar concept to use an api we need to know and follow the specification if you are totally new to apis i do recommend watching another course here at free code camp created by craig dennis to get the basics of apis right i think the best way to understand apis is by actually using them let's get back to postman postman is a tool for interacting with web-based apis that is apis that work over the internet an api is like an outlet that a server offers and instead of electricity we get data we use postman to plug into this outlet but instead of using a physical cable we use the internet postman can help us connect to that api and make sure that the process of sending and receiving data is much easier without that interface to the server it will be much harder to communicate so this is why we need postman in this lesson we'll learn how to install postman postman uses a freemium pricing model and for many use cases including this course it is free to use there are two ways of running postman in your browser by going to postman.com or as a standalone app that you have to download and install there is also an old and deprecated google chrome extension don't use that one i'll be using the browser application throughout this tutorial but apps functionality is very similar you will find installation instructions in the course notes i'll go to postman.com and sign up for an account the setup after this is relatively easy and i will not create a team yet this is it postman is actively developed by the time i finished recording editing and publishing this course a new version will be released you may notice slight differences from what you see right now in this video however i can reassure you that the principles stay the same i will update the course notes if there's something really important you need to know the first thing that i like to do when opening postman for the first time is changing to the black theme so in order to do that simply locate this gear icon this will take us to the settings and from the tab with themes i'll select the black theme and simply close this so let's go ahead and start using an api in postman for this course we'll be using an api that allows us to order a book now every time we want to start using an api we need to understand how to interact with that api and the best way to start is always by looking at the api documentation now any api out there that you want to use should have an api documentation that explains you how to use that api explains what's available and so on the api that we'll be using allows us to have a look at a list of books and to order a book so right from the api documentation that you see here and that will be linked in the course notes you'll be able to see that api is available at this specific address and additionally there are some endpoints that we can use endpoints offer different kind of responses and we're going to take a look at them the first endpoint that we should look into is the status endpoint so what i'm going to do is simply copy the address of the api and here inside postman from the workspaces i will select my workspace workspaces in postman allow you to organize your work better let me make this a bit bigger so i'm going to go ahead and open up a new tab and this looks pretty much similar to what you have in a browser it's just a bit more advanced i'm going to paste here the address and after it i'm going to write status all requests that will go to this api must include this address here i'm gonna hit here the send button and what i'm gonna get back is in the lower part of the screen i'm gonna say status okay so this is our first request in postman we have sent a request to this api to this status endpoint and essentially the status endpoint is just telling us that the api is available is working as expected and that we can start using it next let's take a closer look at what has happened here you can load this here in the address that we are using this https protocol https stands for hypertext transfer protocol http and s means secure so it's a secure connection most apis should be using https but for the purpose of what i'm going to demonstrate next http and https are essentially the same thing now just to do a bit of http recap in our communication between the client and the server now in this case the client is postman and the server or the api is this simple books api we are using http messages the http message that goes from postman to the api is called a request and what is coming back from the api is the response the request in postman is represented here on the upper part and essentially postman allows you to configure many things about the request the request will contain the url or the address where you're sending this request in this case we have this is the address of the api and this is the endpoint but we are specifying everything in one address we also have the request method and we'll get into that a bit later we can specify headers and postman has been kind enough and already added a few headers for us and we're going to take a look at those headers a bit later and we also can specify a body which for a get request we don't need to do that we'll never do it for a get request because with a get request we're just trying to get data we're not sending any data for example with the post request we will specify a body now this is essentially what is happening with the request so again just to quickly recap postman allows us to configure the different properties of the http request on the lower part of the screen here this is the response and the response also contains some properties you will find the status code in this case 200. the response will also contain some headers and generally both for the request and the response the headers are like some meta information some additional information that goes with the message it's not always necessary to have this but it just makes the communication a bit easier just to give you an example here what's coming back here is a header called content type and it's telling essentially postman that hey what we have received here is represented as json you'll see here application slash json and using this information postman can look at the response body and say oh i know this is jason so i'm going to display it as json instead of using for example text you can see it doesn't look so nice so these are like some additional things that travel both with the request and the response the response will also contain what is probably the most interesting and most important part the response body essentially the response body contains the entire response whatever we wanted to get as an information from the server will be available in the response body i'm going to point out the different parts of the http request message and http response message throughout the course but i just wanted to do a short recap of what's available and where you can find this information inside postman now let's say that we want to keep this request we already have configured here the api address and let's say you want to reuse it at a later point so what we can do here is click on the save button inside postman and we can also give this request a name for example we can call it api status and we cannot simply save this request as it is we will see here that this save button is disabled we have to create a collection collection is essentially a list of multiple requests typically they are all connected to the same api so if you're working with multiple apis probably will have a collection for each individual api or sometimes even for the same api depending on the use cases so i'm going to go ahead here click on create collection and i'm going to call it simple book api click here on this check mark and now this request will be saved in this collection if i go ahead and close the tab we'll be able to find here in this part here of collections we'll see here the collection itself and if i click on one of the requests inside the collection the tab will automatically open up and i can run that request again typically in postman we try to avoid having addresses or configuration in our requests just in case something changes so i'm going to go ahead select this address here you will see here that postman offers this set as a variable so essentially we can replace this with a variable that we can configure in a single place so let me show you what i mean by that i'm going to click here on set as variable i'm going to select here set as a new variable i'm going to call it base url because this is the url where all our requests will go and we'll just use different endpoints the value that will be saved is available here and should not include the final slash we also have to select the scope now there are different scopes available in postman where you can save this variable i'm going to get into those a bit later for this example we're going to select the collection scope so essentially this variable will be saved in the collection and that's about it i can go ahead and save this request again and you will see here if i hover over this variable that has this very special syntax here with double curly braces in the beginning and two double curly braces at the end you will also see the value that this has if you want to change this variable all we have to do is to hover over the collection name here these three dots will show up i'm going to select here edit and from the variables tab you'll be able to see here the base url variable just in case this set variable option doesn't appear when you select the address don't worry about it you can simply go ahead and manually add the variable here for any variables in postman you will notice the initial value and the current value the initial value is something that will be shared with other people for example if you share this collection with someone else someone in your organization a friend of yours or anyone they will be able to see the initial value and this is fine for this api because this is a public api the address is known so there's no secret there later on we'll be using some secrets and we may not want to share them with others and we're gonna keep them in the current value so you can keep in mind like the current value is what is being used in postman and this is private to you the initial value is something that is not being used when you're sending a request and will be shared with others so if you go ahead and run this request again we'll see that there's absolutely no difference so postman will replace this variable with the address and we'll send this request just as before it is just much nicer for us to have it all in one place all right let's go back to using this api so far the status endpoint hasn't been very exciting so let's take a look at the next endpoint and this is the slash books endpoint this will give us a list of books so in postman what we can do is to select the address that we already have here open up a new tab paste the address here because this request is not in a collection you will see here that the base url doesn't get resolved it would say here unresolved variable because the variable is only in a collection and this current request that we have here this tab is not saved in that collection so we're going to go ahead and click here on save the simple books api is already selected just in case you don't see it here or you have multiple collections to select from simply select the respective collection where you want to save the request and i'm going to call this list of books and we're going to also change this to books so if you're looking here at the api you will see that we need to submit a get request to the slash books endpoint so we have here get git is always by default we have here the base url slash books so let's go ahead and click that send button and see what happens again on the lower part of the screen we'll see the response what's important to notice here is that we get the status 200 a status 200 always indicates that a request was understood and that essentially everything was okay so when you see 200 okay this means that everything is fine and you will see here that we have a list of different books what you see here this way of formatting data this is called json and it is very easy to get this information that is essentially just a text and to parse it and use it in essentially any programming language out there so it makes this data very portable from one system to the other going back to the api documentation we'll also notice that there are some optional query parameters and this is what we wanted to take a look in this lecture so what are query parameters well query parameters are some additional data that we can submit with our request for some apis they are mandatory and for some apis they are optional in this case these query parameters are optional so let me give you an example we can add here in postman under query parameters you will see here we have parents selected and right below that we have query params so we can write something like type and let's say we are searching for a crime book so i'm going to write here the value crime you can notice as i type here the address itself has changed as well and you can notice in an address query parameters at a point where you see a question mark and after that you will see something like a key value pair so the key is type then we have the equal sign and then we have a value in this case i expect that this will help us filter through all these books and only get the books that are crime books now this time something different appears here you will see first of all that the status has turned from a status to 100 into a status 400 bad request when you see a status 400 it generally means that you have done something wrong so the api has understood your request but whatever you have sent is not correct and most of the time you will see additional information in the response body it says here and it's very important that you read these errors sometimes they are a bit technical and maybe confusing in the beginning but you just have to bear with these errors and try to understand what's going on so here it will say invalid value for query parameter type the query parameter type is what we're trying to send here this type and it says here must be one of fiction or non-fiction so essentially the response is telling us hey you have sent here something that i didn't expect this is not valid we only accept fiction and non-fiction there is no crime type or something like that so if i select here fiction and replace crime with fiction you will see also the address here has changed then i will get back the list of only fiction books and you can even see here that everywhere it says fiction fiction there is no longer known fiction now these query parameters tend to be a bit confusing in the beginning because it seems quite arbitrary like why should they be called type or why does it work this way and the thing is there is no rule which query parameters are available can only be known by reading the api documentation we can add parameters for example i can invent the parameters like full and we give here the value bar and notice here how the address has changed now we have this end sign between the pairs so this is how you can send multiple query parameters pairs with your request but essentially nothing has changed so we can't send data to the api but it doesn't mean that the api will look for this data and will do anything to change it so this is why it's important to look into the api documentation here it's documented they are optional so these are not required there are two optional query parameters one is type and one is the limit additionally with query parameters in postman what you can do is to simply click on this checkbox and if you unclick it you'll see that query parameter disappears from the address and if at one point you decide that you don't need that query parameter anymore you can simply hover over it and you should notice here this x you can click on it this will delete that query parameter okay time for an assignment now you have to go and study the api documentation and use the limit query parameter and add that to your request and i also encourage you to try out the different values i'm gonna give you a few moments to pause the video and to try this on your own okay so let me show you how i would solve this assignment first of all it's always important to go back to the documentation to understand what's going on it's also important that whenever you're using a query parameter that you use it exactly as it's being stated in the documentation what i like typically to do is to simply copy the name so that i don't enter anything that's wrong make any mistakes in spelling that specific parameter whatever that is we'll see here that it must be a number between 1 and 20. so let's try to understand what this does i'm going to simply paste it here so you can see it has been added it doesn't have any value yet and let's say i'm gonna write here limit two and what i expect this to do is to only give us two results back you will see here now we have four books that are coming back and now with limit two we only get two books back that's great now if i try something else like for example 25 i'll get here a bad request now again we have sent something to the api and the api doesn't allow this so it says here you cannot get more than 20 books in one request for for example performance reason so we have to adapt this to something that is being accepted by the api so we can see back 2 has been valid was saying earlier that it's so easy to write something different so for example if i write limit with a capital l i will not get back only two results there will be more results so essentially we can say that limit with a capital l and limit written all in lowercase there are two different query parameters and the api is only recognizing one of them and totally ignoring the other one it is like writing here foo and with a value 2 makes no difference let's continue exploring this api we now have a list of books but as you can see there's not really a lot of information about each book and the reason for that is because this view here where we see a list of books is a simplified view if you take a look at the documentation here the next endpoint that we can use is to get a single book and this time the path will look a bit different so we're going to copy this path here open up a new tab paste it here and of course you also have to use the base url so the first step is simply saving it in the collection to get a single book this is how i'm going to call this and as soon as the request is inside a collection i can use the syntax with double curly braces so double curly braces and a variable that we're trying to use is base url and this has been detected you're probably wondering what is with this book id here in the address this is what we call a path parameter or a path variable because as the name variable implies it changes all the time this endpoint allows us to specify a value for this path variable which represents one of the books that we are trying to get additional information on we look back at a list of books you will see here that each book has an id you'll see here id 1 ids 3 id4 id6 and so on so let's go ahead and edit here the path variable book id and put in the variable 1. and just a few seconds later we now have only one book that we're getting so this endpoint allows us to get a single book but we now get more detailed information we can see the id and the name we already knew that but we now see information about the author book code the price of the book how many books are in stock and so on so this is the purpose of this endpoint to give us detailed information instead of having here a list of books which contain really a lot a lot of information we can get a specific information from this specific api we just need to know the book id if we enter here a book id that doesn't exist for example 100 what you will get back is 404 not found you probably know 404 not found from browsing the internet when you end up at a page that doesn't exist anymore the same principle applies to apis in this case we're trying to get the book with id 100 and the api is telling us hey there is no book with id 100 this will always be reflected also in the error itself what is interesting about the path variables is that they are different from the query parameters that we have used before first of all you will notice here there is no question mark apart from this this book id key this is not something that will be sent so to make it even more explicit this is what will be sent you will have the base url slash books slash one postman will replace that path parameter with a value we see it here in the editor just a bit nicer it's easier for us to see that and one here will be part of the path just as books is part of the path but books is always there books doesn't change but here we can have id1 we can have id2 we can have id4 and so on this is why we prefer this syntax where we specify here the book id how we call this we can call it book id we can simply call it id it doesn't really matter because as i mentioned the key itself compared to the query parameters will not be sent it's also possible to use both query parameters and path parameters there's nothing preventing you from adding a query parameter called full with a value bar but this is something that the api needs to accept as in the query parameters if you're just sending some random data the api will totally ignore it so let's remove this query parameter and save the request let's say we have identified the book that we want to order so what would be the next step again we have to jump back to documentation and to understand how to submit an order you can now see that the endpoint that we need to use is orders but this time also the http request method we're no longer getting data with post we are sending data so we need to create a post request with postman i'm gonna copy this endpoint and go through the same process once again if creating this request manually is too time consuming you can also go here to your collection to an existing request click on the three dots and click on duplicate we'll create a copy of that request where we already have this request being saved so all we have to do is to enter the new path and we can also change the name so for example here we're gonna name this request order book as you remember we can no longer use a get request if we try get request this will not work we have to select a post request now as you remember with a post request we have to supply a body so if we go here to the body you will see that we don't have a body but we are anyway missing something for this so i'm gonna simply click on send and see what happens of this time we're going to get a 401 unauthorized and it says here in the error missing authorization header when working with apis some endpoints as for example status or this book's endpoints they were public and required no authentication essentially anyone can use them other endpoints for example this one where we're trying to essentially create something create an order they can be private and require authentication this is totally up to the api provider there is no hard rule telling you that you know for this case you need authentication for others you don't need for some apis they are totally public but especially if you're trying to create data most of the time you will have to deal with some sort of an application if look here at the api it will also say here that it requires authentication so in order to figure out how to deal with this we have to look into the part of how to get this authentication working so if we scroll further down the page we'll see this part with api authentication it says here to submit or view an order you need to register your api client api client is in our case postman the client server communication is what we're doing we are the client we are sending http messages to the server and the server is responding what essentially means is that we need to register ourselves with the api and it is a way for the api to identify who's sending this request and who's creating the data if there's any data that has been created there are many authentication methods when it comes to apis and it is impossible to go into all of them i just gonna explain to you a very typical use case that you may encounter essentially with any public api that you're trying to use the purpose of this registration is to obtain what is known as an access token nexus token is like a temporary password that you're getting and you can use that password with all your requests and in this way you're authenticating yourself don't worry if it doesn't make sense right now we'll get to it in a second so this time we need to submit another post request and this post request has to go to this endpoint api dash clients and it also needs to include the following json body and here's an example so again i'm gonna simply go ahead and save this order book i'm gonna duplicate it let's call it register api client and endpoint will be slash api clients you can add a final forward slash or not for most apis it will not make any difference as you recall we have to select here the post http request method because the post will allow us to submit a request body i'm going to click here on body and instead of none which essentially means doesn't send any data with a request in order to submit a json request body we have to select here raw and from the drop down that you see here we're going to select json let's jump back to the api documentation and luckily here we also get an example in regards to how this request body should look like so i'm going to simply go ahead and copy this example here and i'm going to paste it here so essentially what we're sending here is we're giving ourselves a name and we're also specifying our email address it's very important that when you're submitting json to ensure that this json is valid for example if i don't put these values between double quotes or if i forget one of these double quotes here something red will show up essentially if you see something red when you're trying to submit json it's not a good sign and you should go ahead and fix it this case everything looks well so i'm gonna click on send this time we get a different status code and this one is 201 created two one created is pretty similar with 200 which means okay everything that starts with two something is typically a good sign means that everything was okay everything which starts with four indicates that there was something wrong with the recurs that we have submitted and if there's anything like 500 it typically indicates a server issue or some other problem so now we have submitted our name and our email and we got back an access token this is the password that we can use in the upcoming request so i'm going to simply double click on it copy it go to our collection click on edit open here the variables close this documentation here i'm going to write here access token now the initial value is something that i don't want to provide just in case i'm sharing this with anyone this is my token i don't want to share with anyone else so i'm not adding it to the initial value current value is what is being used by postman inside this installation i want to make sure that this access token is saved because if i try to submit this request once again with the exact same data i'll get back the error api client already registered and you will see here that we get another status code 409 conflict so it indicates that something went wrong essentially this api client has already been registered so make sure that you use another email address it doesn't have to be a real email address for this api now we have this token so we can close this request and let's go back to our post request now as you remember here it says missing authorization header so we have to go back to this header thing that we kind of avoided so far when working with apis you will not be provided with a form where you can add your username and password so we always need to somehow send this information with our request especially where authentication is necessary typically you will add this authentication information to the headers some apis allow you to add them as query parameters some of them allow you to add them in the body but it's quite common to add them to the headers now there are already a few headers here that postman has added for us and we can take a quick look at them essentially one of the most important ones is user agent which essentially identifies who's making the requests it's also telling like which kind of responses are accepted and so on and here we have to add this authorization header now we don't want to get too technical right now and postman is known for making things a bit easier for us there is this authorization tab here and if i click on it you will see here that we have different types of let's say authorization helper that we can use now i know the list is a bit long and i won't be able to get into each of them but essentially what we have here is a token so we're going to select the beer token and you'll see here a simple form where you can simply add your token now we don't want to add our token here we will use our variable so again using the syntax access token we're going to select it and you will see here it's available so double curly brace in the beginning then exactly the name of the variable as you had it and if this request is saved in the collection and you hover over it you should be able to see the value all right perfect now if we come back to the headers you will see here that postman has auto-generated one header that is called authorization exactly the header that we're missing and it has a value in a very specific way this beer token authorization must include the word beer then a space and then essentially the token so that's about it instead of manually doing this and we can definitely do that manually as well we can use this authorization helper in postman and postman will take care of it it's absolutely the same thing just wanted to show you like what's happening from a technical point of view all right let's hit this send button once again and see what's happening now this time we're not getting a 401 we're still getting a 4 something we're getting 400 band requests and it's just telling us invalid or missing book id so we're trying to submit an order we haven't specified anything but we'll fix that a bit later all right so let's go back to submitting this order we wanted to order a book and we have to tell this api which book we want so if we go here to body and select for example raw and say something like we want book with id1 and submit this request i'm afraid the api will not understand what we mean by this so again we have to look at the api documentation to try to understand how to do this how to submit this information how to specify what we want so in this case in order to submit an order you'll see here an example and again we have to submit a request body in a json format and include these properties and luckily again we have here an example that we can simply go ahead and copy so i'm going to totally replace this with this json here and i wanted to take a moment to talk about json because i know a lot of people just getting started with json sometimes have issues and the most common issue is generating invalid json osman as i mentioned before tries to take care and help you off if you make any mistakes still it's kind of important to understand what json is now json is essentially just a key value way of sending data so for example here the key is book id and the value is 1 and again we have a comma here separating this let's say values that we're sending key value pairs and the next key value pair is the customer name and it has the value john if we try to write something different instead of this column we are adding here an equal sign this is not valid so it has to match the syntax of what json is essentially from a specification point of view we have these quotes here so if you specify one of the keys without using the quotes this is again not valid json so we need to specify these quotes they also have to be double quotes they cannot be single quotes one exception to these quotes and you probably already see it here one is not between codes and you may be wondering why is that well the truth is we're using quotes when we're sending strings the reality is that we are sending a lot of strings for example john is a string if we have an address that's a string as well but one here is a number we can also have a boolean for example if we specify something like true or false that is also fine so there are a few exceptions and if we put for example one between two double quotes this would be valid json but this will no longer be technically speaking a number it will be a string all right so just keep in mind that you need to submit valid information to the api if you're submitting an invalid json well that api will not be able to understand what you mean and let me give an example i'm removing this comma here you will see here postman is trying to warn you you don't care about it still go ahead and you're getting something back like this is not processable i cannot work with this this is what the api is telling you so always pay attention make sure that you understand what postman is trying to tell you make sure that the json that you're sending is valid so welcome to the next assignment and in this assignment you have to create this post request which should be already done by now submit it and see what's happening additionally i want you to see and identify a book inside a collection of books that has a stock of zero so essentially it's not in stock and try ordering that book as well and see what's happening i'm gonna give you a few seconds to pause the video and to do the assignment on your own and i highly encourage you to practice this all right so let me show you how i would solve this assignment essentially we should have a valid json here so if we go ahead and hit the send button what we're getting back here is the status tool one created so we have successfully created this order it even says here the response created true and we're getting back an order right here that's totally fine so it means that we have submitted an order now and this order will be processed of course the order that we send here is very simple doesn't include an address phone number and so on so it's not 100 realistic but the idea remains the same now what's happening if we're trying to submit an order for a book that is no longer available first of all how do we find this book well we have to go back to the list of books here and you can see here with the filters that we already have all of them are available i'm going to remove the full here and you will be able to see here that the book with id2 says here available false so let's take a look inside that book to see what's happening so i'm going to go to the get single book endpoint and specify a book id to and you'll see here that the current stock is zero so i'm wondering what's gonna happen if we try to order this book and we're gonna get back a 404 not found i'm gonna say this book is not in stock try again later so this is the assignment when we're trying to test apis and especially when we need to send data we have a tendency of reusing essentially the same data over and over again and most of the time this will prevent us from identifying issues with the api especially if we've been asked to test and ensure that that api will work properly this case there are not so many things that can go wrong we already tested what's happening with the book id that is in stock and another one that's not in stock you can also try and play out with different values but how about if we get some support from postman in trying out different values and for example here for the customer name how about you know generating a random customer name so that we don't send all the requests with john unfortunately there is a functionality hidden in postman that allows us to send random data with our request and that is a special kind of variable it's called a random variable so i'm gonna remove john here but make sure that i keep the double quotes because if we're trying to send a string without double quotes you know it it's not gonna be valid json so i'm gonna open here two double curly braces enter the dollar sign and as soon as i do this you will see here a huge list of variables that are available now i'm not gonna go through all of them i'm gonna write here random and let's say we want a random full name all right so let's click here on send and again we're gonna get the error that the book is not in stock so let's try a different one and now again a new request has been sent the problem now is we're sending something but we have no idea what we have sent fortunately postman has another neat functionality and that is the postman console it is a bit technical and a bit geeky but it is important to use it as one of the most important tools when you are using postman you can find a postman here right at the bottom of the screen should say console and it will open up inside postman typically you should already have like a long list of things here that we don't need at this point so what i'm going to do i'm going to click here on clear let's submit this request once again and now this time we'll see here the post request going out with a full address at the orders endpoint i can expand it by clicking here you will see here the request headers these are not interesting but also the request body so let's click here on the request body this will open up an additional window here inside the console and you will be able to see the request body that we have sent the postman console is particularly useful for debugging when something goes wrong when you don't understand what's going on always come back to the postman console and take a look at the request see what happened there you'll see here the book id is one this is the customer name that we have sent so this has been randomly generated by postman if you don't need it anymore the first x here is for closing the request body and the other one is for closing the console that's it i want to take a short break now from postman and so far in the course you have seen many ways on how to use postman but in this session i wanted to get a bit into how not to use postman so just to make clear you have seen that we have used postman to interact with apis postmate is not a tool for dealing with user interaction think about if you have a website with a form or buttons and you need a tool to click through those boostman is not a tool that deals with such things it's just working with apis postman is also not a tool for doing any performance testing or any kind of tests where you need to send a lot of requests in a very short time frame and also postman is not designed for security testing you can use it for security testing but this is not the primary focus of the tool there are many other tools out there which i think do a much better job at helping you test to see if an api is really secure so i hope this short lesson has helped you understand if postman is the right tool for what you're trying to do we have already submitted a few orders so maybe now it's time to take a look at how many orders we have in order to take a look at that again we have to look at the api documentation to see if there's anything that can help us in this regard see here right below submit an order there's also this get all orders endpoint which is essentially the same endpoint slash orders but this time we only have a get request we're not trying to create an order we're just getting an order we're getting essentially all the orders that we have so let's go back in postman and we're gonna be lazy again and simply duplicate this request get all book orders will be the name of our request because we have duplicated this we also have the authorization header with us so this request again requires authorization and instead of post we're going to simply select get and luckily if looking here inside each order we'll see a list of all the orders that we have each order has an order id which you can see here it's no longer a number it's a string it says here which book we have ordered who's the customer name also the quantity and such information and these other orders have been created using this random full name functionality that we have found from postman and this has ensured that we can now have different names that we're sending so essentially these are all the orders that we have in this assignment i'm asking you to take one of these existing orders and to view it individually so instead of viewing all the orders take one order id and find out if there's an end point that allows you to view a single order id give you a few seconds to pause the video and after that i'll show you how to solve this all right so let's jump back into the api documentation and see what we can do you will see here we have an endpoint get an order and the structure of this endpoint is pretty similar to the one where we were trying to get an individual book so just gonna go ahead and copy this go back in postman duplicate one of the requests that we have and i'm going to replace here orders with this endpoint make sure there are no spaces or anything like this because this will break and postman will send this request to the wrong endpoint i'm gonna simply rename this to get an order and additionally we need to specify this order id so if i'm just sending this as it is right now essentially postman will not send anything so we will send the request to the orders endpoint so you will see all the orders just in case you're wondering what happened there and if i type in some value that doesn't exist i will get back a 404 not found so i need to get a real order so the real order let's say would be this one for john i'm gonna paste here the order id exactly as it was in the other request and now we will see an individual order that you are getting here so that's it you know if i'm looking at this order right now i'm not really happy with the customer name john it's not the full name so how can we change this now if we go back and use the post request once again to order book will essentially create two orders so i was wondering if there's any way how we can update this and luckily there is so here at the api documentation will notice this endpoint which says update an order and it will use the http request method patch to update this existing order and it will require authentication and it only allows us to update the customer name depending on the api you could update the entire order itself or only some specific properties depends from api to api and again here we're gonna get an example on how to do this so let's try to update this order i'm going to simply copy here this customer name and essentially the structure is the same as the one with getting an order so for that reason i'm gonna duplicate this rename it so that i can easily identify it and for some reason the parameter here got lost maybe i forgot to save it here before creating it absolutely no worries i can simply go ahead and copy this from here we'll have the exact same request i'm gonna try it again with get i'm noticing that this is the order that we're trying to update so i'm gonna select here patch and patch is again one of these http methods that allows us to send a body so i'm going to click here on body i'm going to select raw and again we're sending json i'm going to paste it here so let's add here another value and we can even use this postman random variable here so let's say a random last name this would be a good one all right so let's save it let's run it again and we're not getting back anybody and this is totally fine because the status will be indicated through the http response status and this is 204 again 204 indicates that everything was okay so we're trying to get that order again you will see here now the customer name is john anderson and we have managed to update the same order so the order id remained the same the book that we're ordering remain the same the only thing that changed is the customer name now let's assume that we already have too many orders here and that we're trying to you know delete some of them with patch itself we can just update information but we need a way now to delete this order let's say we already wanted to test something but we no longer need it so going back to the api documentation you can notice that there's also an endpoint for deleting an order essentially the path for all these operations from getting an order updating an order or deleting an order remained the same the only thing that changed was the http request method we had used get we had used patch we had used post to create an order and now we are using delete so delete doesn't require anybody we just have to specify in this case which one is the order id again what we're using here is just an example and it's always important that you study the api documentation of the api that you're trying to use just because a respective endpoint works in one way with one of the http methods for this api it doesn't mean that all apis work exactly the same so to update an order i'm going to simply go ahead here click here on duplicate i'm gonna call it delete order and i have to select the correct http method this one is delete the order id is already pre-filled here so all i have to do click on send i'm going to get here 204 no content but if we're still unsure if this worked properly we can go back to get an order so if we're trying to get the same order that we have deleted you notice it's no longer here and especially if we try to look at all the orders that we have you will see now we have one order or less so obviously the delete order worked properly let's save this as well and it will also show up correctly here in the collection you can notice that we already have quite a few tabs open so let's go ahead and close them so what you can do is simply close all tabs and if there are any unsafe changes you'll have the possibility of saving those changes if you have a lot of tabs and you don't need them anymore because they only contain temporary data you can simply click here on the three dots and select force close all tabs and you will not be asked welcome to the second part of the course where we start laying the foundations for automating the testing of this api as you have seen so far we started working with the api but there's still a lot of manual work involved if someone changes the api we have to retest everything manually and this is not very fun and also time consuming instead of verifying the api with our own eyes we want to let postman do this for us by writing api tests we also want to avoid any manual intervention like copy pasting data from one request to the other automation means that we let postman do the work and we only step in if something goes wrong by the end of the course you will know how to test this api with just one command or only one click this is the most exciting part of the course so let's get started alright so let's get started with writing api tests so far we have manually tested this api and we went through all these requests and essentially we created sort of like workflow we first of all checked if the api status is correct and we got a list of books we looked at a single book we ordered that book we took a look at all the orders we got an individual order we updated that order and then finally we deleted it and of course for some of these operations we also needed to register ourselves with this api the way we have looked at this is take for example this api status well essentially for postman as long as the request has been sent and something is coming back this has been a successful request response interaction postman has no idea unless we tell postman too if this was successful or not and we tell this by inspecting the response we typically are looking at the response we're not looking so much at request because we already know the request look at the response and we're looking at for example the status code we think here 200 and we're looking here at the body and we're seeing status okay so instead of us manually looking at this information let's tell postman to do this for us and in order to do that we're gonna switch here to this part of the request where it says here tests and this is where we can write tests what you can write in this window here is programming code it's javascript if you want to be very specific about us luckily if you're not really into programming or you're just getting started with it don't worry i will try to make things as easy as it gets postman here has this window with this so-called code snippets they essentially allow you to quickly do a few things with javascript without writing a lot of code and especially for us as beginners right now that's totally fine the most simple test that we can write is to test that the status code is 200 so if we scroll here the snippets you should be able to identify one of the snippets which says here status code code is and if you click on it this code will be generated now if for some reason the snippets have changed or you cannot find it anymore don't worry you simply can go ahead and type it as you see it here now this is a piece of code that will be executed when the response has arrived and postman will check if the status is 200. and you can even see here from the assertion that we're writing here it's kind of like easy to understand it says here pm.response not to have status 200 so it's relatively easy to read so again you know what's happening here and also postman knows what's happening here so let's submit this and now if we were paying attention here in the test results it will say one from one and if you click on it you will see here a path mapping green says status is 200 200. whenever we are writing tests we always must ensure that it will also fail just in case we made any mistakes when typing this code here it's totally possible may break this test or may always show that it's working when it sometimes is not working so let's try and fail this test we can fail these tests by entering here an address that doesn't exist so for example if i write here status foo and simulate that api will send me something else back i can get this test to fail and you will see here we expect the status code to be 200 but we're getting this assertion error expected response to have status 200 but got 404 as you see here 404 i'm gonna fix it back but this was just a small test to indicate that what we have written here is working properly all right now if the status code is let's say good but not enough for our use case we may also want to take a look at the response body for most apis the response body will be written in json this is just a very simple way to send data from the api to postman or to any let's say programming language and to transform it and use it there essentially the data that is coming back is relatively easy to use and understand by other programming languages so let's try and write a test that will verify that the status is indeed okay now the first step that we need to do is to parse the response and people generally wonder when they hear about parsing is like why do we need to parse it and the reason for that is what you see here this is json but this is essentially just text it's not an object that we can use inside javascript so for that reason in javascript what we will do is we're going to define a variable so const response will define a javascript variable and we're going to initialize it equal and this is something that comes from postman so i'm going to write pm.response this holds the response and we are going to call a function called json and a function call in javascript is always like this so inside this response variable in javascript we will now have the response which will be parsed from json into a javascript object if you want to take a look inside and see what is the value of response we can go back to our old friend the postman console by default the postman console will not record the values of different variables that are available unless instructed we can use for example console.log which is again a function and we'll specify in this function parameter and that parameter is the response so let's go ahead and open the console again i'm going to clear everything that you see inside here hit send one more time and you will see here the request that has been sent this is locked by default and then you will see here from our console.log statement you will see here this javascript object which has been created from parsing the json response the way this is represented looks pretty similar to json but it is not json it is a javascript object all right now let's say we're trying to get to this okay here and we have here an object that has a property called status now in javascript there are two ways on how we can get to that property we can write response that status and we can lock that information and you'll see here now it says okay or the alternative is to write this status between the square brackets as a string and this is sometimes needed when dealing with names that contain let's say a hypen or some other special characters maybe a space or something like that that will break the syntax so this is another way to use it but most commonly i would see it in this way both of them will get back with okay now we have accomplished a very important thing and that is getting to the data that we are trying to test if we cannot read it if we don't have it in our console after using it with console log there's no point in writing a test yet so especially if you're a little bit confused about json and javascript and parsing and everything make sure first that you see what you're trying to test inside console.log all right so now we already have it there we know that it exists so let's write another test a test in postman always starts with pm.test and pm.test is a function that takes two parameters so you can see here pm.test this is a function the first parameter will be the name of the test so let's say here status should be okay it's totally up to you what to write inside here and the second parameter this is a bit more tricky we have to specify the second parameter after a comma and this will be a so-called callback function and this has a syntax like this one or it can start like function this one these two syntaxes are compatible with one another this one here is a bit more modern now i'm gonna hit here enter and this is where we can start writing our assertions by default if we leave this test empty it will not do anything it doesn't really matter what we have here for a name it will show it here as past even though we have no assertions now we're gonna start with something very simple and what we're gonna do here is write something like pm.expect and we can expect for example one dot 2 eql to equal 1. you have to be very careful when you're writing the syntax and it has to look exactly like i have it here let's hit send again if i'm seeing expected 1 to equal 2 we expect this to fail it will say here assertion error expected 1 to deeply equal 2. don't worry about this deeply equal essentially it's failing and it's telling that one doesn't be equal to all right now how can we make this assertion that status is okay we already know that this object here with this property contains okay so let's check if it contains okay so instead of this expect hardcoded value one i'm gonna paste it here and here between double quotes i'm gonna write okay so let's send it again we'll see that it passes and if i write something else for example not okay it will fail and i will say expected okay too deeply equal not okay so this is an additional test that we have written on top of checking that the status is 200. if for some reason where again let's call here the foo status for endpoint that doesn't exist we expect some things to happen so first of all we'll get here 404 not found but also here this entire code that we have here will also fail because we're no longer getting json this is not possible so it will fail all together but this is just a very simple way on how you can ensure that this simple endpoint is working properly it is now time for another assignment based on what you have learned in the previous lesson i want you to write a status code test for all the requests inside the collection and i also want you to make sure that those tests will fail if needed i'm going to give you a few seconds to pause this video and after that i will show you how i will create this all right so there's nothing preventing us from getting started with what we already have i'm just going to change here be the syntax make it a bit more modern but as i mentioned before this is absolutely equivalent and shouldn't make any difference i'm going to copy this and let's take it here to the list of books click here on tests kind of paste it and again the status that i'm getting is 200 i'm seeing here the test results are working if i'm trying something else let's say books it will fail with a 404 so this is perfectly fine getting a single book again pasting absolutely the same test and i will be absolutely sure that this will fail as well okay order book now this is interesting let's see what happens if we simply paste this test here and you'll see here that the status that we're getting is 201 created that the test will fail we can adapt this here to check for the status 201 and also make sense to adapt the test name this is of course not necessary but it's just a good thing to keep it consistent all right so this one is now passing as well these other ones are absolutely the same and i'm not going to waste a lot of time making sure that they work as they will always return here 200 right this is another interesting one trying to here to get an order and that order doesn't exist anymore so we're getting 404 not found and also our test is failing so this is a good thing that this has happened we can look back here at the order book result we can get one of this order ids put it here in the parameters and running here the test we'll see that the status is 200 so this has worked we have to do the same for the next one where we are patching it so if i'm switching between too many tabs here i'm now inside a patch request pasting the test i should have gotten a 204 and i'm expecting for 200 so i'm going to change here 200 in 204 and now this one is passing as well deleting an order is pretty similar i'm gonna first let it fail i got in here 404 not found i should also get a 204 getting now the right order id and putting it inside a parameter okay another test that is passing and also this with the registration of the api client i have to identify the right test and i'm going to paste it here as well if i recall correctly because we are creating something we expect here to get to 1. obviously for saying the same data again this will not work but now we have a simple test that tests that each individual requests in this collection returns back the status code and as you have already seen this is already a pretty important test this already gives us a pretty good idea if that request was successful or not as you have noticed in the previous assignment one thing is particularly annoying and that is copy pasting this order id from one request to the other essentially we start here after we have this order book we're getting an order id and after that we want to go through all the other requests we have to paste it over and over again and to be honest we don't like that very much now i mentioned in the beginning of the course that postman has different variable scopes and essentially those variable scopes are collection variables that you have seen so far there are also global variables which is a variable type that is available inside the entire workspace for all collections not just for a specific collection or they are also environments environments they are useful if you have different environments so for example if you're developing software and you have a local development environment local host you have a testing development environment and you have a production development environment then you can define multiple environments and you can easily switch within them and having here for example the base url you can easily swap that with testing environment or a production environment or localhost getting a bit of topic right now in terms of this the problem that we're trying to solve is to use a postman variable to store this order id so what i'm going to do here is i'm going to copy the value and i'm going to click here on this eye icon right here in the corner and what we're going to do here is to define a global variable just as well we could have defined this inside our collection as a collection variable but to be honest this is sort of like a transactional data we don't really want to save it inside the collection we can just you know throw it in these global variables and not worry so much about it so we're going to click here on this edit i'm going to define here the variable key which is order id of course you can call it as you wish i don't really care about the initial value i just gonna paste here the current value the current value is now this one now next time when we create this request we can take this order id again if you lost it here you can simply click here on this eye you'll see here the values and you can even click here on the current value and easily change it make sure you don't add any spaces or new lines where you're pasting data so now at the next request the get all book orders there's nothing that we need to change but then when we have here get an order instead of manually specifying this parameter here i'm gonna use here double curly braces order id you'll notice that this is the order id that we have just saved so i will even copy this variable here go to the next request replace this as well go to the delete order replace this here as well so next time when we're clicking here on orders let's see gonna happen so we're gonna get a new value let's get here a new value again click on the environment replace it here if i'm trying to get an order i will see that order and it should be exactly the same so we can cross check what we have here for a variable to what we're getting back in the response i can update that order i can go back and look at the updated information and of course i can go ahead and delete that order and if i'm trying to get it again it will not be there anymore and as you have noticed the postman tests have been executed in the background and they already give us an idea if everything went okay or not so we don't even have to look at response body or anything like that in this case we went outside of what was expected in terms of the flow but the rest of the tests were useful and now we have managed to reduce a bit the amount of manual labor that we have to do in order to test this out if we look back at the collection we'll notice that we still have a few requests that contain some let's say hard-coded data and it all starts with this list of books where we have looked at some of these books we have identified a book id and we have used a book id in some of the upcoming requests for example get a single book we have here an id that is hard coded and of course then the next request with ordering the book we have again the id here so this kind of like hard-coded data makes our tests and our entire collection a bit susceptible to changes for example if that book is being removed and having like this hard-coded value there will not do us any good so for that reason we have to find a way to make everything a bit more dynamic so looking at this list of books let's say for example we want to get the first non-fiction book that we can find here so as you already remember essentially we can add here a filter so we can add here the filter type and say we're looking for a non-fiction book so we can change that here and for sending this again we'll only get non-fiction books so let's try again to set this to a variable and see what happens the question is like how can we get this information previously we have manually set this variable but we still want to avoid getting this we want to set this variable automatically and this is totally possible so let's go here to the scripting part where we have the tests and we also have here the response so let's imagine that we want to get to this id here id 2. first of all we're going to define a new variable called response and we're going to do the parsing opm.response.json will parse the response.json into a javascript object open up again the console send the request and we'll see here the data that we have this data format is different than what we had before because it is a list of books or how is it called in javascript it's an array now recontains multiple objects so this book i with id2 this is an object then there is the next object with the other book with id5 if we try inside the console log to do something like response dot id you'll see here that it says undefined and the reason for that is because we first have this array so we need to get that data from the array first and then we have an object where we can call the property id [Music] the array that we have has keys essentially a way that allows us to access that information for example if i write here a square bracket and i say zero this will get us the first element from the array computer science we always count from zero so this is why the first element has the key zero let me demonstrate this you will see here we get this two now the problem here is that this first book is not available so what we have to do is to get the second book on the second book we'll have the key one trying to get that and we'll get id number five here that's all good the problem is if this data set changes or for example the first one will become available or the second one will become unavailable having this hard-coded data here will kind of like cause us some issues for example even if something changes in the parameters we're no longer setting this non-fiction filter here the id that we can get if we keep it hard-coded like this will be different all the time and we don't want this this will be too risky so we have to look into a different way of handling this because this is an array we can use a specific function then this array has so we can define here a new constant let's call it for example none non-fiction books and we can get a response i'm gonna use the method filter and inside here we can define a condition now the condition that we're going to define here is inside another function where we will receive a parameter book and then with this book we can define a condition so for example book dot available and we can decide here if available should be true from the two books that we have here we can notice that the first one is not available but the second one will be available and let's just assume all the time we'll know that we'll get one of these books so now what we can do is from this non-fiction books we can get the first element that we get because we will know that this will be available filter will throw out any books that are not available and will only give us the books that are available and then by specifying non-fiction books 0 we'll essentially get the first book that is available and that is a non-fiction book and you will see it here being locked in this way you have managed to get to this property that is really hidden inside the response without actually having to write something hard-coded with the only assumption that all the time we should find at least one non-fiction book that is available for most apis this is a assumption that's quite valid the criteria that you use here totally depends up to you you can search for a specific name or by any other characteristic if you find yourself in a situation where you need to filter a list of different objects and extract only one now so far this hasn't helped us a lot so what we want to do next is to also actually set that variable luckily postman has another code snippet that we can use and the code snippet is called set a global variable so i'm going to click on it it will be generated here and all we have to do here is to specify the following we'll specify here the book id this is the name of the variable you can call it as you wish and then we also have to specify the value and when you're specifying the value you want to make sure that you're not putting anything between codes because this will be a string but since we have here a javascript object we will be putting that now of course we don't want to have the object itself we want to get only a property of that object so i'm going to write here that id so we're getting this object and we know that the property id is 5. after sending this you can click on this i icon here and you will see pretty similar to the other variable that we have manually set that now book id has value five so it means that now we can get an updated book id with our requests and we don't have to do anything else now just in case something does happen and no book is being found it kind of makes sense to test so just in case we don't have any books there is a postman test that will let us know hey we couldn't find any non-fiction books and in this case we're not gonna be directly asserting the response but kind of like indirectly through this filter that we have so let me show you what i mean by that let's go ahead and write a new test pm.test and let's say here book found this is the name of the test this will be the callback function and inside let's try to write an assertion instead of logging this i'm going to define a variable called book and i'm going to write a few expectations so i'm going to use pm.expect i'm going to expect book to be an object so first of all we expecting that book is an object and additionally we can write other assertions for example pm.expect book that available to be true and this is absolutely the same as writing pm.expect book available to equal true it's just a different way of writing it so again this just ensures that everything is as we expect it to be what we're setting here instead of using this we can use this book.id and we can also try to make this fail now it may fail in a different way we can write here for example instead of equals true we can set a filter that will never exist and we're gonna get here actually first of all a type error because we're trying to get property id of something that's undefined essentially postman will anyway warn us that something didn't went well but this additional test that we can write a just good place to ensure that we document how the api should behave and we document what we expect to get back so i'm going to fix this and let everything run properly so for example just to ensure that everything works properly we can also surround this by something like let's say if book only then we're setting this global variable so let's make this fail again and then we'll see here that we don't get this error anymore from javascript which says here book found has failed so it hasn't found a book and then we're making the expectation undefined to be an object so this is a way to get around that javascript error that you have seen previously but apart from that this is how we ensure that what we have written here in terms of javascript is being properly handled just in case something unexpected happens and now it's time for another short assignment for you we have identified here a book and we have seen that it is available i wanted to give you the opportunity to write an expectation on your own and i want you to expect that this book is from the type non-fiction even if we have used this parameter here and we specified that is non-fiction just wanted to test it again and also try to make it fail i'll give you a few seconds to pause the video and to do the assignment on your own and after that i will show you how i would solve it all right this is pretty easy i'm going to simply duplicate the last expectation that we have here because from the structure is already the way it should be and i'm going to change here property from available to type and the type that we're interested in is non-fiction so let's fix this error here from above in true and we have tests that are passing let's disable the type and maybe we can even change it to fiction but essentially the first available book that we found was a fiction book so for that reason the test is failing so now we have ensured that whatever we're getting back is indeed a non-fiction book because this was the original requirement and after one assignment what is better than doing another assignment because practice really matters now this assignment will have two points the first of it is i want you to use this variable book id that we have saved here and you've seen that it has been properly saved as a global variable i wanted to use it in a get single book and also in order book this is in the request body and this is here as a parameter since you're already looking at a get single book request how about checking again if inside here so let's write for example five i'd like to check that the current stock is actually greater than zero and i'm going to give you a small hint on how to do this so i'm going to go ahead here just simply copy the structure of the test here let's say i'm going to write it is in stock so this would be the name of the test and the expectation would be pm.expect one two be above two a very simple expectation here that will help you out when asserting that the current stock is greater than zero and you will see here that one is not above two so it's not working i'll give you a few seconds to pause this and after that i will continue solving the assignment all right so the first part of the assignment is super super easy we only have to replace here any hard-coded values with what we have here book id as a global variable and you can see it's being rendered and we also have this order book and inside here is again super simple you only have to get that right and we can test if it's working properly we're getting no errors so all good there going back to the test that we wanted to check here the property that we want to use is this current stock so as you recall first of all we have to parse the response so we define a variable called response and we're using pm.response dot json we're parsing that and what we can do here is to expect that response that current stock to be above zero super simple the problem that you're getting here is you're gonna get this weird error it says stock is not defined and you'll probably not understand what is this referring to the problem is this dot syntax this dot notation when getting properties from an object works with this kind of like simple properties that are one word when you have this dash here this hyphen here this would kind of like break the syntax and you have to fall back to the other syntax with square brackets so we adding here this square bracket we are putting it the name of the property as a string here can be single quotes or double quotes use as you wish and that will get us the right property and we'll see here now it is in stock we're trying to get something that's not in stock for example book id 2 i think it was not in stock we'll have here failing test expected 0 to be above 0 so that's not working but with our book id here it's working properly all right so this was the assignment now it seems that we have all elements that can help us do proper test automation we have written api tests that ensure the api response as we expect the api to respond and generally how we expect the api to work and we also have added all these variables and essentially we don't have to copy paste anything anymore from one request to the next one the next step is to move into the direction of automation we want to take this request and instead of going request by request from one request to the other and running this manually we will use a built-in tool from postman this is the collection runner and the collection runner allows us to execute the entire collection with just one click so let's see how this works first of all i have too many requests here open again so i'm gonna simply go ahead and close all of them i don't need them everything is saved and here in the lower part of the screen it's a bit hidden you'll find this button a runner so i'm gonna click on it in earlier postman versions you could start to run it directly from the context menu of the collection itself not sure if this will be added back but just in case if you're watching this a bit later on maybe this has come back here in the collection just saying all right so this is essentially the runner and in order to run this collection we're gonna essentially drag and drop it here and here is the run order the run order is in which order will this request be executed now for example here the way we have organized the requests here in the collection this is how they will be executed for example here the way we did it is before actually ordering a book we first registered our api client so it may make sense to do this somewhere before that of course this is not impacted so if we don't want this anymore we can simply close this all together open the collection runner again drag it here you will see the new order you also have the possibility of reordering requests or disabling some requests that you don't need okay so this is in terms of in which order will this request be executed there are some other things that we want to do one very important one is to save the responses and just in case something goes wrong by saving the responses we'll be able to take a look at what has happened okay so let's click on this button and let the runner do his job now as you can notice some of the requests have been successful in terms of testing and some of them have failed for example here register api client this has failed and we already knew that sending the same data will cause this to fail so no big surprise there there are also some other ones who have failed here for example get an order has failed now if you want to better understand what has happened we can take a look here and we're looking here at the request we'll see that we have this order and let's try to understand like what has happened here you'll notice here that we have this order id but this is the order id that we have manually hard coded here we are not updating this with every execution and yeah this is your next assignment do you have any idea how we can fix this i will give you a few seconds to pause this video and to try to do this assignment on your own all right obviously manually hard coding this it's not the best approach and as you can see we totally forgot that this thing was manually added so what we have to do here is to fix this order so where is this coming from it's coming from this post request order book and we have added a test but we're not doing anything else so let's submit it again this is the property that we're interested in if we want to be very sure that this is working properly we can use again console.log but just gonna speed it up a bit so again we're parsing the response i have to do this all the time and it's not pm.request.json it's pm.rt i have to be careful what i'm writing and we're going to set the global variable and we're going to be careful to name it order id so this is the key this is how the name of the variable will be and we're going to get it from response dot order id you see i'm always copy pasting this because i don't want to make any mistakes in terms of how i name this let's run it again we inspect it and what do we see here it is absolutely the same order id as we have in the response so it means this has been updated and let's go back to our execution and see if this helps us get rid of the error i'm gonna click here on run again and now you can see that apart from the register api client which has failed the rest of them are working properly and we have at least a status code test that is ensuring that everything is working properly so good job there is still something very annoying about this register api client request on one hand we don't want to get rid of it because we may need it later on but the same time when we're automating now the execution it's kind of annoying to have it in there and luckily there is a way how we can influence the order in which the requests are executed and let me give you an example i'm gonna go here to this api status request i'm gonna go to the tests and what postman allows us to do is to specify here in the code where postman should go with the next request and currently this is done by writing postman this is instead of pm which is let's say the newer way how we're interacting with postman this postman entirely is a bit older and may get replaced later on maybe at the time we are watching this currently in the version that i'm using is still working just saying but it allows us to specify where the next request should go and this goes by saying set next request you'll see here the autocomplete and here we will not specify an url but it will specify the name of the request so for example here how about skipping this so the normal execution goes from here to here to here to here how about if we tell postman hey after you've checked the api status go to the list of books so we have to get here the name of this request exactly as it is i'm going to simply copy the name and put it here as a string so going back to the collection runner i'm going to hit here this one and if you look here you will see we had api status we have you know registered the api client no it's no longer there we have jumped directly to the list of books and you know the flow continued we didn't want to skip any other requests and you can see here that the register api client is not present an alternative to doing this is to move this right here at the end and for example you can go to this delete order request and specify postman set next request and this time we don't want to go anywhere else we just want to say stop so in order to say stop we simply say specify null null means don't go anywhere else don't go here for example gonna write again this one with the api status has absolutely no effect it will go to the list of books just as instructor but this is also the normal behavior what has changed here is that the delete order request will be essentially the last request because it will instruct postman hey stop the loop now the thing with this loops is well it can get crazy so you have to be very careful when you're using these conditions and especially when you want to stop something if you just want to skip something that's totally fine but just going to demonstrate what's happening if i'm going to set it to list of books so it's running and running and running so it will essentially run forever because we don't have any condition that's telling it to stop it will continue running endlessly so i'm going to manually stop it here but especially if you want to do automation it's probably not a good idea to have a job running all the time so just be very careful the conditions that you're writing and use the collection runner to test it out before you do anything else so we have managed to automate this with a collection runner we still need to do this manual click there and how about a way to run this collection all the time but not to worry about doing that click and there is a functionality that is built in imposement and that is the monitors you can notice here from collections a bit further down you have monitors but also from the context menu of the collection you can select here monitor collection so monitor collection or clicking here on monitors and clicking on create a monitor will take you to this page so let's see here the monitor name will be check books api say for example we want to make sure that this books api is working all the time without us having postman open or without starting the collection runner and we can define a frequency so for example we can decide to run it every day run it every weekday and so on so there are a lot of configurations that we can select here and i will not get into all of them of course what's important here if you go this way you have also to select the collection kind of important so we're using the simple book api the only collection available in this workspace i'm going to go ahead here click on create and once this monitor has been created you don't need to do anything else it will start on its own and you will get a notification by email something went bad of course just for testing purposes i will run it manually once but if you don't write menu it will start on its own according to the schedule this execution will happen on the postman infrastructure and is totally decoupled from your browser your computer or anything else it is a relatively easy way to check if something is working in this case you will see here that it says unhealthy something went bad so we can scroll a bit down here and we'll see this report and it will show us what has happened and you will see here that the test that we had here the first request that we have they are working but as soon as we do something with orders it will not work anymore the test will fail and would say here 401 unauthorized so what's going on there are not so many information in regards to this and you'll kind of have to guess like what has happened as you remember at one point we have created inside our collection this token which we have manually generated and we haven't specified it in the initial value now when we have created this monitor essentially we have shared this collection with postman and because we haven't provided the access token they don't know what they should do so this is why this will fail so if we go ahead and add the current value to the initial value save it go back to the monitor and run it again you will see now that it has worked perfectly unfortunately when something doesn't work well here it's a bit harder to debug because you don't have access to all the information that you would normally have inside postman but especially when everything works properly still a pretty powerful tool now typically when anything fails around automation or with a collection runner or here with a postman monitor it is typically regarding missing postman variables or something that hasn't been properly set so it's always a good idea to check that first the most important tool when trying to automate a collection run is newman a newman is a cli tool that can take a postman collection run all the tests and at the end also generate a report if you know how to use newman you can run a postman collection with api tests on any professional server that deals with building and testing software like for example jenkins gitlab ci teamcity or anything else that you use we're not going to look into specific integrations but i wanted to show you how we can properly use newman in order to use newman locally on your computer you need to have node.js installed and i've added some details on how to do that inside the course nodes i've opened here terminal and i already have new one installed so i'm going to write here newman version and this will indicate that newman has been properly installed on my computer now you're probably wondering how can we get access to the postman collection that we have and run it with newman and that is definitely a very good question first of all you can go to your collection click on this three dots and export this collection as a json file i've created a new folder to hold this collection and i'm going to simplify a bit the name so it's going to be postman underscore collection.json let me go ahead and save it an alternative way to doing this is simply clicking here on the context menu of the collection clicking on share collection getting a public link and this public link will be generated you need to pay attention that this link does not automatically get updated when you update something inside your collection and every time you make a change and use this public link you have to come back here and click on update link to make those changes visible there's also a third way which i'm not gonna show by using a postman api postman also has an api that allows you to get to these collections by using an api key that will add in the course notes some details about it so there are three ways on how we can do it and i'll be demonstrating two of those so from the terminal window that i have i'm gonna go inside the folder where i have saved this collection this is a simple book api and you will see that the postman collection is here so i can simply use newman run and then i'm going to specify the path to the collection now you can notice that the entire execution has been successful all the tests have been generated properly and everything seems to be working fine the alternative to using it as a file is something like newman run specifying here the link where the collection is this can be essentially anywhere where it's reachable over http i'm going to simply copy the link that we have here as a public link and absolutely the same thing will happen the reason why this may fail is again due to variables or missing tokens that you may have in your collection which either are not set as the initial value or are only available as a global variable or something that hasn't been exported if you're using for example environment you need to export those environments as well and also specify them here probably one of the most important things when working with newman is the possibility of generating reports and one of the reports everyone in the postman community absolutely loves is the html extra report which will generate an html report now it is not only nice to have a good looking report but it's also super helpful when you're trying to debug something that went wrong this report will contain anything that you log it will contain the full request and the full response to really really a lot of data i'm going to link you in the course notes also this reporter and how you can install it and i'll also go through the installation steps and how to configure it in a bit so this is the command that you need to run in order to install this reporter i already have it here and in terms of the usage you can notice here that we have here newman run and it's the collection and all we have to do is specify the reporter we can use reporters which is my preferred way of specifying any flags or any additional information to a command because it's just much easier to read so this is the newman run command i'm gonna write here reporters we're gonna still keep the cli reporter this is the cd reporter what you're seeing here and without any spaces comma i'm going to write html reporter and you're writing these commands it has to be exactly as it is so it's not html report it's html extra sorry but you have to write reporters space and then specify the reporters it's not reporters equals or anything like this so be very careful what you're writing and also as you've seen i've written the wrong reporter name so this has been executed and i will look inside the folder to see how this report looks like so inside a folder you'll notice that an additional folder has been created it's called newman and it contains here an html report that you can open by double clicking on it what you'll see here is absolutely like an overview of what has happened in terms of requests and responses you see how many requests have been sent you can go to the requests you can investigate what happened with each request for example order book you can open it up you can see that has been a post request you can see the address you can see which request headers have been sent so for example if you're having like any problems with authorization you'll see here if the proper token was sent if you see here for example a postman variable that hasn't been resolved it's probably one reason why something failed so it really gives you a lot of information in a very nice and easy to read format both for newman and for the html reporter there are tons of configurations that you should know or especially if you want to get started with this you really have to get very familiar with the documentation try to understand which flags are available what you can configure you can specify the names of the reports and many other things we are coming towards the end of the course and i wanted to give you the big picture in terms of automation and why newman is so important and where does everything that you have learned fit here's a pretty realistic project that i have is an api and essentially this api has a built pipeline this is a piece of software that goes through a build process so this is where the code is being compiled it has some internal tests that are being executed unit tests and also some code quality then this api is being deployed to a server and then i have here a stage of doing api testing so once i have deployed this api somewhere i'm using a postman collection in human to run some tests and to ensure that the api is working properly and just in case something is not working properly i rely on the postman test and on human to notify me and tell me inside this pipeline hey the last change that you have done caused some issues there were some tests that failed and this is where everything fits in together so for example if i go to this api testing stage here and i'm looking inside the job well what i will see here is the newman execution i have here newman run i'm running a collection i'm also specifying some environments so one environment here that i'm using i'm also specifying reporters like cli reporter html extraj unit and specifying where i should save a specific reporter and so on in addition to this in addition to getting all this information here you can go here to browse and i will see here inside the newman folder i'll have the html reporter and here i'll be able to debug if something went wrong way to understand what has happened and so on so this is essentially how everything comes in place we have an api that we want to use and test and ensure that it's working properly we have gone through the manual process of testing it but once we are happy that the api works and we have understood how it works we have documented that functionality by writing api tests and we have taken this execution of the test through different stages first of all within postman just to make sure that everything worked properly but then we have used that collection and using newman we could essentially automate this execution run and integrate these postman collections with many other tools we're showing here the example we get live ci you can do the same with jenkins with teamcity circleci or any other continuous integration continuous deployment server that you may be using we have accomplished so many things in a very short amount of time i know this was a lot to take in but i hope it was useful and that this has opened your appetite for learning more if the scripting part was difficult and you are still confused about javascript variables objects arrays you can benefit from taking a basic javascript programming course suppose you want to learn more about api testing and postman in that case you can explore topics around data-driven tests where you use an external csv or json file to fit different data sets in your request or schema validation where you essentially test the structure of the response in one go instead of going property by property or you can go deeper into authentication and learn about oauth2 you will find links to more advanced tutorials that show different things you can do with postman in the course notes hope you have enjoyed this course and i would be very happy to see you again bye now
Info
Channel: freeCodeCamp.org
Views: 318,370
Rating: 4.9715891 out of 5
Keywords:
Id: VywxIQ2ZXw4
Channel Id: undefined
Length: 129min 37sec (7777 seconds)
Published: Mon Mar 01 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.