Postman-API Testing for beginners

API Example

What is a client: A client is a piece of computer hardware or software that accesses a service made available by a server as part of the client–server model of computer networks. The server is often (but not always) on another computer system, in which case the client accesses the service by way of a network.

What is a server:  A server is a computer or system that provides resources, data, services, or programs to other computers, known as clients, over a network. In theory, whenever computers share resources with client machines they are considered servers. There are many types of servers, including web servers, mail servers, file servers and virtual servers.

A web application contains 3 layers: 

Presentation layer: The presentation tier is the user interface and communication layer of the application, where the end user interacts with the application. Its main purpose is to display information to and collect information from the user. Ex: HTML, CSS, JavaScript

Application/Business layer: The business logic layer is responsible for data exchange and the app’s overall functionality. It contains all the logic for business operations, such as rules and conditions. Ex: Java, .net, C#, Python

Database layer: There are 2 types:

The data service layer transfers data from the server to the presentation layer. It separates business logic from the client side and serves as an intermediary between the server and the presentation layer.

The data access layer provides access to your data, including binary and XML files. This is the layer that performs data management operations such as create, read, update, and delete (CRUD).

What is API: The term “API” stands for Application Programming Interface. If you break that down word by word, you can get a pretty good sense of what it means. An API is an interface or middleware that can be used to program software that interacts with an existing application. In practice, an API is “a set of functions and procedures” that allow you to access and build upon the data and functionality of an existing application.

Nowadays, when we’re talking about APIs we’re typically referring to web APIs, which expose an application’s data and functionality over the internet. If you look closely, you’ll see that web APIs power our everyday lives:

  • When you log into a website using your Facebook profile
  • When you switch on Netflix and see dozens of new movies flood the screen
  • When you look for flights on Google

… and the list goes on and on

Technically, web APIs usually send data back and forth using HTTP requests. These requests often return textual data in the form of a JSON or XML response.

Why do we need an API: To understand, let’s look at the 2 problems in the picture below.

Note: For why we need an API, find the explanation here:

What is API testing: API testing is a type of software testing that validates Application Programming Interfaces (APIs). The purpose of API testing is to check the functionality, reliability, performance, and security of the programming interfaces. In API testing, instead of using standard user inputs (keyboard) and outputs, you use software to send calls to the API, get output, and note down the system’s response. API tests are very different from GUI tests and do not concentrate on the look and feel of an application. They mainly concentrate on the business logic layer of the software architecture.

API automation testing requires an application that can be interacted with via an API. In order to test an API, you will need to

  • Use Testing Tool to drive the API endpoint
  • Write your own code to test the API

There are 2 types of Web Services/APIs: 

SOAP API: SOAP is defined as Simple Object Access Protocol. This web service protocol exchanges structured data using XML and generally HTTP and SMTP for transmission. SOAP also uses WSDL (Web Services Description Language) documents to distribute a web service description model. This describes how the SOAP requests (client-side) and responses (server-side) must appear. Additionally, SOAP web Services have standards for security and addressing.

            Pros: Usually easier to consume, more standards (WSDL, etc.), distributed computing

            Cons: Difficult set-up, more convoluted coding, harder to develop

RESTful API: REST means Representational State Transfer. RESTful web services are basically web services based on the REST architecture. In the REST architecture everything is a resource. RESTful web services are lightweight, highly scalable and maintainable, and are very commonly used to create APIs for web-based applications.

API developers can implement REST in a variety of ways. When a client request is made via a RESTful API, it transfers a representation of the state of the resource to the requester or endpoint. This information, or representation, is delivered in one of several formats via HTTP: JSON (JavaScript Object Notation), HTML, XLT, Python, PHP, or plain text. JSON is the most generally popular file format to use because, despite its name, it’s language-agnostic, as well as readable by both humans and machines.

The key elements of a RESTful implementation are as follows:

  1. End point/Base URI: Address where API is hosted on the server.

URI: Uniform resource identifiers

  2. Resources – The first key element is the resource itself. Let’s assume that a web application on a server has records of several employees. Let’s assume the URL of the web application is Now in order to access an employee record resource via REST services, one can issue the command – This command tells the web server to please provide the list details of employees.

On the other hand, resources represent the API/collection which can be accessed from the server.

Examples: (base url+ resource)

Note: Along with resources, API can pass path or query parameters.

Path Parameters: Are variable parts of a URL path. They are typically used to point to a specific resource (or sub resource) within a collection such as an employee identified by ID. Ex: – This command tells the web server to please provide the details of the employee whose employee number is 1 (here 1 is path parameter).

Or :  

Or  (here 123 is path parameter or sub resource of Orders resource).

Query Parameters: Are used to sort/filter the resources. Query parameters are identified with “?”.


So, endpoint request URL can be constructed as below:

Base URI/resource/(Query/Path)parameters

URI: Uniform resource identifiers

URL: Uniform resource locator
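The construction above, as an added example that is not part of the original article: it builds an endpoint URL from its parts with every caller-supplied value encoded, so a path parameter cannot silently point the request at a different resource, and splits a URL back into those parts. The base URI `https://api.example.test/v1` and the names `buildEndpoint` and `parseEndpoint` are assumptions made for illustration.

```javascript
// Added example: constructed placeholder base URI (the article's own URLs are not shown).
const BASE_URI = "https://api.example.test/v1";

// Build "Base URI/resource/path-parameter?query" with each part encoded.
function buildEndpoint(baseUri, resource, pathParams = [], query = {}) {
  const segments = [resource, ...pathParams].map((part) => {
    const s = String(part);
    // Empty and dot segments would change which resource is addressed.
    if (s === "" || s === "." || s === "..") {
      throw new Error(`invalid path segment: "${s}"`);
    }
    return encodeURIComponent(s); // "/" and "?" in a value become %2F and %3F
  });
  const url = new URL(baseUri.replace(/\/+$/, "") + "/" + segments.join("/"));
  for (const [key, value] of Object.entries(query)) {
    url.searchParams.append(key, String(value)); // "&" and "=" in values are escaped
  }
  return url.toString();
}

// Split an endpoint URL back into resource, path parameters and query parameters.
function parseEndpoint(endpoint, baseUri) {
  const url = new URL(endpoint);
  const base = new URL(baseUri);
  const basePath = base.pathname.replace(/\/+$/, "");
  if (url.origin !== base.origin || !url.pathname.startsWith(basePath + "/")) {
    throw new Error("endpoint is not under the base URI");
  }
  const [resource, ...pathParams] = url.pathname
    .slice(basePath.length + 1)
    .split("/")
    .map((segment) => decodeURIComponent(segment));
  return { resource, pathParams, query: Object.fromEntries(url.searchParams) };
}
```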

3. RESTful HTTP Methods: These describe what you want to do with the resource. The diagram below shows almost all the verbs (POST, GET, PUT, and DELETE) and a REST API example of what they would mean.

Let’s assume that we have a RESTful API service defined at the end point . When the client makes any request to this web service, it can specify any of the normal HTTP verbs/methods of GET, POST, DELETE and PUT. Below is what would happen if the respective verbs were sent by the client, considering Employee data.

  1. POST (create) – A POST request is used to send data to the server. That is, this would be used to create a new employee using the RESTful API service.
  2. GET (select/read) – The GET method is used to extract information from the given server using a given URI. A GET request should only extract data and should have no other effect on the data. No payload/body is required. That is, this would be used to get a list of all employees using the RESTful web service.
  3. PUT (update) – Replaces all current representations of the target resources with the uploaded content. That is, this would be used to update all employees using the RESTful web service.
  4. DELETE (delete) – This would be used to delete all employees using the RESTful services.

Note: Every request will get a response in JSON/HTML/XML/Text etc. format.

RESTful Web Services

4. Request Headers/Cookies – Represent the metadata associated with the API request. These are additional data/instructions sent with the API to process our request. These might define the type of response required or the authorization details.

5. Request Body – Data is sent with the request. Data is normally sent in the request when a POST request is made to the RESTful  API. In a POST call, the client actually tells the REST web services that it wants to add a resource to the server. Hence, the request body would have the details of the resource which is required to be added to the server.

6. Response Body – This is the main body of the response. So in our RESTful API example, if we were to query the web server via the request , the web server might return a JSON document with all the details of the employee in the Response Body.

7. Response Status codes – These codes are the general codes which are returned along with the response from the web server. An example is the code 200, which is normally returned if there is no error when returning a response to the client. Here is the list of REST API response codes.

Note: All API testing needs body info as JSON, except GET API testing.
JSON: JavaScript Object Notation is a standard text-based data format used in web development to send and receive data.
JSON.parse(): A JSON method in JavaScript. It takes a JSON string and converts it into a JavaScript object.
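The methods, request headers, request body, response body and status codes described above, put together as an added example that is not part of the original article: an in-memory stand-in for the employee service that an API test can drive, including the negative cases (wrong content type, malformed JSON, unknown resource). The `/employee` path, the `name` field and the function names are assumptions made for illustration; the status codes are the standard HTTP ones.

```javascript
// Added example: in-memory stand-in for the employee service (hypothetical paths and fields).
const employees = new Map(); // id -> employee record
let nextId = 1;

// Build a response; a JSON body is sent unless the status carries none (204).
const reply = (status, body) => ({
  status,
  headers: body === undefined ? {} : { "Content-Type": "application/json" },
  body: body === undefined ? "" : JSON.stringify(body),
});

// Handle one request: { method, path, headers, body } -> { status, headers, body }.
function handle({ method, path, headers = {}, body = "" }) {
  const match = /^\/employee(?:\/(\d+))?$/.exec(path);
  if (!match) return reply(404, { error: "unknown resource" });
  const id = match[1] === undefined ? undefined : Number(match[1]);

  let data;
  if (method === "POST" || method === "PUT") {
    // Only requests that carry a body are checked; untrusted input is parsed defensively.
    if (headers["Content-Type"] !== "application/json") return reply(415, { error: "JSON body required" });
    try { data = JSON.parse(body); } catch { return reply(400, { error: "malformed JSON" }); }
    if (data === null || typeof data !== "object" || typeof data.name !== "string") {
      return reply(400, { error: "name is required" });
    }
  }

  if (id === undefined) { // collection: /employee
    if (method === "GET") return reply(200, [...employees.values()]);
    if (method === "POST") {
      const record = { id: nextId++, name: data.name };
      employees.set(record.id, record);
      return reply(201, record); // 201 Created
    }
    return reply(405, { error: "method not allowed" });
  }
  if (!employees.has(id)) return reply(404, { error: "no such employee" });
  if (method === "GET") return reply(200, employees.get(id));
  if (method === "PUT") { employees.set(id, { id, name: data.name }); return reply(200, employees.get(id)); }
  if (method === "DELETE") { employees.delete(id); return reply(204); } // 204 No Content
  return reply(405, { error: "method not allowed" });
}
```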


About the Author: Sariful I.
