Recently I did a course on exploring API testing by Amber race from test automation university.
https://testautomationu.applitools.com/exploring-service-apis-through-test-automation/
It taught so many amazing things which can be applied to any API testing and really it is powerful. I have tried to put down some important points:
- P.O.I.S.E.D. testing heuristic
P-Parameters
O-Output
I-Interoperability
S-Security
E-Error
D-Data - API Contract:
Request:
– Endpoint
– Header
– Body and data types
– Request type (xml/json)
Response:
– status code
– Header
– Body structure and data type
– Request type (xml/json) – try to convert xml to json and vice versa for structure - To work with API response in mobile devices
use Fiddler or Charles tool - API testing strategy
More reference on exploratory API testing from Ministry of Testing:
https://www.ministryoftesting.com/dojo/lessons/exploratory-testing-an-api?s_id=227301
TechieWolf 