EMBRACE API Testing
I am always looking for new ways to teach software testing, along with keeping my technical skills up to date. I decided to revisit my knowledge of APIs and API testing. In doing so, I came across a TestBash talk by Shivani Gaba on moving from GUI testing to API testing. I thought she explained it very well and it would be a useful watch for anyone new to the topic or revisiting. You can find it on the Ministry of Testing website — Moving from GUI to API. Testing Challenges Faces. Lessons Learned.
For me, Shivani broke down the complex and made it very simple. I liked how she shared her honest personal journey of being a little bit terrified of moving into API testing, saying she was familiar with testing the GUI level. However, over time Shivani explained by breaking it down — how you can get involved testing here. It is not as complicated as you may first think.
I reached out to Shivani to give this feedback and also, my intentions of sharing this on my blog with her permission. In the talk she talks about EMBRACE, which stands for endpoint, method, body, request/response headers, authorisation, codes and execution time. This has stuck in my head and I thought it would be a great way to teach other people. More people need to know about it!
Before we get into that. What is an API at all?
It stands for application programming interface. The name sounds a bit complicated, but what I’d suggest focusing on is the word interface. You can see it as a messenger to talk between the client and the server.
Examples of an API
One of the examples given by Shivani was thinking about ordering from a restaurant. You are the client and order some food from the waiter. The waiter then sends your order to the chef. The waiter is what you would call the API. It is sending instructions to the server.
Another example could be you need to get a dinner recipe from your friend down the road. You send your son to run quickly down the road to ask for the recipe, he retrieves the recipe and brings it back to you. Your son is acting as the API.
EMBRACE
This stands for Endpoint. Methods. Body. Request/Response Header, Authorisation and Execution Time.
Endpoint
An endpoint is a component of an API. I like to think of them as a bucket that has things in them. So for example, on Spotify you have a bucket full of albums. The bucket of the album is the endpoint.
In a more technical explanation, endpoints are the locations of the resources, and the API uses endpoint URLS to retrieve the requested resources. There are quite a few examples on this website. https://blog.hubspot.com/website/api-endpoint.
Methods
There are different methods that basically do different actions. So going back to a bucket of albums. You could get an album, create or update a new album, update an existing album or delete an album altogether.
GET — Read/retrieve response
POST — Create/update new resource
PATCH — Update existing resource
DELETE — Delete a resource
Body
A body, how I like to think about it, is a container. Like an envelope that sends the message. A request body is data sent by the client to your API. A response body is the data your API sends to the client
Request/response headers
There are headers that you need to think about.
Content type e.g. application/json
Authorisation — You have a key that you add to authorise that the API has permission to gain access to the data.
Authentication / Authorisation
I’ve added authentication here — providing the right identify, authorisation — do they have access for the data?
Code —
These are the responses that you get back from the API. You can read more on this website https://developer.mozilla.org/en-US/docs/Web/HTTP/Status
1 xx Informational
2 xx Success
3 xx Redirection
4 xx Client Errors
5 xx Server Errors
Execution time
How long does it take for a response? If something is going to be taking a long time, then it will cause a lot of frustration.
Conclusion
Consider using EMBRACE to teach API testing to others. When you break it down, it’s not as scary as it may seem to be.
References:
- Moving GUI to API testing by Shivani Gaba https://www.ministryoftesting.com/dojo/lessons/moving-from-gui-to-api-testing-challenges-faced-lessons-learnt-shivani-gaba?s_id=13075840
- Endpoint examples https://blog.hubspot.com/website/api-endpoint
- Codes https://blog.hubspot.com/website/api-endpoint
