API Testing

Tricentis Tosca allows testers to rapidly create API tests from an intuitive business-readable interface and then integrate them into end-to-end test scenarios. Even if you’re new to API testing, it’s simple to get started in minutes.

Why API Testing?

Software testing industry experts such as Gartner and Forrester recommend that testers start shifting more of their testing efforts to the API level—with the ultimate goal of achieving 80% of functional test automation at the API level. API testing is considered a better fit for Continuous Testing, Agile, and DevOps for a number of reasons.

  • API tests are less brittle and easier to maintain than traditional UI tests.
  • API tests can be implemented and executed earlier in each sprint than UI tests.
  • API tests can often verify detailed “under-the-hood” functionality that lies beyond the scope of UI tests.
  • API tests are much faster to execute and are thus more suitable for checking whether each new build impacts the existing user experience.
Tosca API testing

Easily-Maintainable API Tests for End-to-End Testing

Tricentis helps you rapidly define and update API tests in a business-readable interface, then reuse them as “building blocks” across end-to-end tests. SOAP and RESTful (e.g., Swagger) APIs are fully supported.

Since these API tests use the same model-based test automation technology behind all Tricentis automated testing, they are simple to update. For example, if an element or attribute name changes, just update it once, and that change is automatically propagated to all associated tests.

Additionally, you can use Tricentis technologies to enhance and optimize your API tests. Risk-based testing helps you focus on the tests that matter most, and test data management lets you rapidly populate these tests with the exact data you need to achieve maximum risk coverage.

API Testing Tricentis Tosca

Migrate SoapUI Tests to an Enterprise Testing Platform

If your team has already built SoapUI tests, you can automatically import them into Tricentis Tosca. The resulting Tricentis Tosca test cases are model-based, business-readable, and data-driven—facilitating test case maintenance and extension.

Once converted from SoapUI, those API test cases can be reused across multi-channel (mobile, cross-browser, packaged apps, etc.) end-to-end tests as well as complemented with exploratory testing. Moreover, you can take advantage of additional Tricentis capabilities such as synthetic test data generation, risk coverage optimization, service virtualization, test management, and analytics as you extend and optimize those tests.

SoapUI
Sprint

Facilitate Developer/ QA Collaboration on API Testing

Developers’ API testing artifacts are reused and extended to simplify and accelerate API test creation for QA. As developers perform quick sanity tests on the APIs they’re developing, key request/response pairs can be captured via Tricentis Tosca or the free standalone API Scan app. The developers’ efforts can then be automatically converted into business-readable Tricentis Tosca test cases for QA—jumpstarting the process and reducing the learning curve for QA.  If the team is already using SoapUI to check APIs as they’re developed, those tests can also be converted.

From that intuitive interface, even less technical testers and business analysts can easily review and extend the test cases (for example, with more data variations) without worrying about JSON, XML, or XPaths. A technical view is always available in case it’s desired for additional insight or debugging.

Supported Technologies for API Testing

Definition Languages

  • WSDL
  • XSD
  • WADL
  • JSON Schema
  • Swagger
  • OData Definition

Transport Protocols

  • HTTP(s)
  • JMS
  • Rabbit MQ
  • Active MQ
  • TIBCO EMS
  • AMQP (Advanced Message Queueing Protocol)
  • IBM MQ
  • NET TCP
  • TCP
  • UDP
  • OData Standard Protocol

Message Formats

  • XML
  • JSON
  • Text
  • URL-Encoded Parameters
  • Form-Data

Standards

  • SOAP
  • REST
  • ISO 20022
  • FIXML
  • SWIFT

Authentication:

  • Basic Authentication
  • Kerberos
  • SPNEGO
  • NTLM
  • OAuth 2.0