Introduction

This post has been created to provide a short and comprehensive guide on how to use Postman. Without this tool, a QA might not be able to live long and prosper during the troubled times a Sprint could lead to.

What is Postman?

Postman is a tool used in development, as well as in testing and it might be one of the most powerful tools a QA could use. It comes in handy when there is no UI (yet) or when we simply want to validate an API by testing all sorts of values and fields. You can send a request and examine the response without using a terminal (yay!).

What do I need?

Download Postman from their official Website – https://www.postman.com/downloads/ . Install and set it up based on the recommandations.  When you are done, scroll down and let’s see what we can do!

Getting started:

Let’s briefly go through the UI first:

Screenshot 2020 03 20 at 20.37.59

I’ve marked the sections we need to pay high attention to. Here’s a short description of each part:
1 – The drop-down will let you select the Method (e.g. GET, POST, PATCH, etc.);
2 – This text box is where we enter the URL we need to make the request to;
3 – The “Send” button will perform our request;
4 – This section is where more “details” can be added. We can include a body for POST requests, for example, or maybe some Headers;
5 – In this section, we can see the response. On the top right side of this part, we’ll see the status code, the size of the request and the time it took the request to be completed.

Now, what will we do with this information? For starters, we can change the Method. The most common methods used are POST, GET, PATCH and DELETE. Most of the GET requests do not require a body, although the other methods, in most cases, do. Also, not all the endpoints support all the possible methods.

Furthermore, we can add Parameters, Headers, different types of Body or Authentication details. This will require a little bit more knowledge as of what a request needs and how it genuinely works. Maybe your endpoint will not return a 200 status code without a proper Authentication. That’s what you’ll have to find out!

Copy as cURL:

This guide could not be complete without presenting the Import – Paste Raw Text function which will come in handy if you need to quickly test a request and you don’t know where to start.

Here are some steps:

  1. Open the DevTools of your testing browser and go around the request – you’ll need to identify it.
  2. Right click on your request and click on “Copy as cURL”.
  3. Now, go to Postman, click on “Import”, select “Paste Raw Text”, paste your request there and click on the “Import” button.

From this step forward, the sky is the limit. And the non-200 status codes for which you’ll want get ready to add tickets.

Tips for QA:

  • After performing a POST, do a GET and check the response. It should contain all the data from the POST request – this is the quickest way to check if the endpoint works as it should;
  • Edit and change the JSON to try to trick/break the client;
  • If the validation on the Backend side works, make sure to check it on the Frontend side as well – the validations on both sides should match;
  • Define and use Variables – this will let you quickly adapt a whole bunch of requests or tests that suffered changes;
  • Group and organise your requests using Folders and Sub-folders under Collections section;
  • Integrate Tests to quickly assess every response, request and body;
  • Add Scripts and use the Runner to create the most successive test suite.

Conclusions:

  • Postman is a day to day tool to any developer and a great helper to any QA.
  • Learning, discovering and using Postman not only will be quick and easy, but will come in handy sooner than you think;
  • Postman allows for repeatable and reliable tests that can be automated and used in a variety of environments;
  • Even though, at the beginning, creating an API test suite looks like it’s a titanic work, it will pay off in the end;