API usage is increasing considerably representing themselves as an entire vertical. Traditionally, APIs were developed and implemented internally. However, the present date APIs are sold in marketplaces reducing businesses to reinvent the wheel in implementing everything ground up.
This is a piece of good technological progress for software testers, why?
Sooner or later in the testing journey, one will come across testing APIs from close proximity and you just cannot ignore or move on without getting your hands on them. The APIs are now growing beyond boundaries and presenting themselves in a wider arena in marketplaces. This opens up pandora’s box with a spectrum of opportunities for the software testing community.
One can make their career entirely dedicated to the API realm, by up-skilling in all aspects of handling APIs right from its inception to delivery. Most passionate software testers often ask me about how to start the journey with APIs and move forward with the same. To reach a goal you have to start somewhere and to start you need a plan.
So what is the plan?
Start by reading the API documentation, there are several ways to propagate the documentation of API.
The documentation specifies all the details relevant to effectively using the API. For all APIs, it is important to specify the functions, classes, return type, arguments, etc it is even more important for customer-facing APIs.
Why is documenting APIs important?
- Documentations help in increasing awareness and reducing the overall onboarding costs.
- Support and Maintenance can be offloaded to the documentation saving time.
- This ease brings higher user adoption.
There are multiple tools available in the market for API documentation purposes Postman, Swagger, Theneo, Stoplight, apiDoc, etc. A fundamental understanding of what is expected in the market from a documentation perspective is in itself a good start to getting familiar with APIs.
What should I learn about API documentation?
- Digital tools/hubs available to document
- Formats of documentation
- Migrating existing documentation to new systems
- Compliance for documentation (especially in trading, banking, and Enterprise APIs), etc
Good progress would be to pick up an understanding of executing the APIs. By and large, at this stage, the APIs will remain black-box and all you have to do is understand how to trigger an API. At this stage, you will start learning more about the API structure, verbs, response formats, URI structure, statuses, authorizations, etc. This is the juicy part and most crucial part of the API testing journey.
The rest of your journey with APIs is dependent on how strong you build the understanding at this stage.
Spend as much time possible to get a deeper understanding of the technical concepts and implementation.
Do I have to learn programming to test API?
Digesting a code walkthrough always comes in handy, however, at this stage, you can still get away without having to dive deeper into the programming aspects. Thanks to the plethora of low-code/no-code tools available in the market which assists you in testing the APIs.
Invest your time in digging out various scenarios against APIs. The wiser technique is to first execute it as-is and get to know what a particular API is expected to do. Once you have the hold and understanding of the API extend yourself in identifying all possible surrounding scenarios to strengthen the API.
Tip: Always use the open APIs for your learning purposes. Twitter, Facebook, Instagram, etc are the platforms that openly provide APIs to integrate with their platform. APIs available for learning/training purposes is a good start, but they will fail to give a good exposure with regards to authorization concepts as most of these test APIs are restricted to GET operation.
The idea is to dive deeper and touch the bed of the ocean.
Assuming you have reached the place where APIs are no more intimidating but rather appear more friendly, The moment is ripe to slowly dive into programming. As you continue the journey the obvious path is to choose to specialize in one area or all areas of the API lifecycle depending on the learning appetite.
Specializations demand technical expertise and a deeper understanding of the code structure and implementations. Many test engineers stop exploring any further opportunities due to the challenge of diving deep programmatically.
The one who loves to base themselves technically longer in their career has little or no choice but to specialize at some point. When it comes to APIs the choices are
- Authorization and Security test
- Penetration tests
- Performance tests
- Compliance tests
Except for “Compliance ” which demands the knowledge of regulations and taste of business, the rest of the specialization demands the knowledge of software coding. Extending the understanding with supportive tools and technologies will be an inherent requirement and understanding from this role.
Which one should I pick?
There is no one above the other, all the 3 specializations are equally in demand right now and may stay in demand for the coming decade.
Should I have to specialize in all the areas?
The beauty of specializations is you can dive as deeper as you wish to. But this may need a tremendous amount of effort and focus to survive.
This is the only piece that stands out and falls mostly to the devOps field. Unless you have plans to make a carer in DevOps production monitoring of APIs may not fall in your lap of responsibility. Most businesses make use of cloud tools to keep track of their production APIs. In case of any issues are detected, development teams are informed about the failures and fixed within the SLAs defined.
However, if you are in a pre-startup or start-up setup, there will be an opportunity for you to dive into the production monitoring of the APIs. In large-scale Enterprise organisations, this opportunity is hard to come by unless you make a career choice towards Ops.
APIs are the future and you see them everywhere, there is no way one can plan their career in the IT industry without having to interact with APIs. Every role in close proximity to the application development will be impacted directly or indirectly. Instead of feeling terrorized make friends with the API concepts.
APIs provide a wonderful opportunity to all those technically inclined and would love to remain in such roles with generous pay.
Leave a Reply