Testing REST api with postman
I am very new to this, so I am approaching it like I would test a sign up form for instance. I have a Rest interface exposed for testing operations: Getting all users, getting users by id, searching users by email, inserting users. I covered all the happy flow options, I covered searching for non-existing user, getting user by non-existing id, inserting 'empty' user.
Is there something I'm missing here?
Some things you may want to consider:
- Badly formed input - how does the API handle badly formed input? Can you send it something from the Big List of Naughty Strings and get back data you didn't expect?
- Security - If the API uses an auth header, can you access anything useful without one? If something else is used, can you bypass it with your tests?
- Flow - can you create a user then do something with that user's credentials? Can you create an empty user then do something with those credentials?
Ultimately, what you can test comes down to a combination of what tests you can imagine, and how much time you have to create and run tests.