<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=490755098261949&amp;ev=PageView&amp;noscript=1">

NEW CASE STUDY: How we built top-rated shopping apps for Crate & Barrel and CB2 :app:

Close Bar

Building Better Mobile Apps With API Response Validation

Nadeem Shaikh
Author
Nadeem Shaikh
Published On
Sep 30, 2024
As QA professionals, it's our job to ensure the quality and reliability of mobile apps. One crucial technique in every QA professional’s toolbox is API response validation. Dissecting server responses into smaller components streamlines the process of scrutinizing each element and validating the expected output.
Here’s what to expect from this blog post:
 👉   An introduction to the fundamentals of API response validation


 👉   The impact and advantages of integrating API response validation into the mobile app development process


 👉   An exploration of various methods and tools for conducting API response validation


 👉   An introduction to status codes and their significance in API responses

Understanding API Response Validation

API response validation involves verifying whether an API's response aligns with the specified set of criteria. This process ensures the API functions as intended, returning the correct data in the appropriate format. API response validation helps developers spot problems or mistakes in the API's answer faster, making it easier to fix them.

The validation process involves comparing the API response against predefined rules and standards to check if it meets the expected criteria. These rules and standards can include data types, data formats, response codes, headers, and more.

There are numerous tools and frameworks available for API response validation, including JSON Schema, Swagger, Postman, and more. These tools help to automate the validation process and provide detailed feedback on any errors or issues detected.

The Impact of API Response Validation

Proper API response validation can ensure a mobile app’s reliability and performance. Here's how:

 ✅   Ensures accurate and complete data from your API


 ✅   Provides consistent API responses


 ✅   Handles errors in a consistent, predictable manner


 ✅   Secures your API, preventing sensitive data exposure


 ✅   Scales your API to handle large data volumes


 ✅   Guarantees API availability


 ✅   Makes your API easy to use and understand


 ✅   Ensures reliable and expected API performance


 ✅   Guarantees compatibility with other applications and systems


 ✅   Assists in troubleshooting and improving API quality

 

Methods for API Response Validation

There’s more than one way to validate API responses. Common methods include:

Checking the status code: This indicates whether the API is functioning correctly.

Checking the response time: This provides insights into the API's performance.

Checking the data: This validates the accuracy of the data returned by the API.

Validating API response data is critical for preventing errors and unexpected results in your application. You can use online JSON validators or create custom validation code to ensure the correct response data format.

API_02

The Importance of Status Code Testing

API_Image

Status codes are three-digit numbers returned by a server in response to a client's request, indicating the request's success or failure. Testing status codes is crucial for several reasons:

Ensures the API is working correctly


Identifies issues with the request


Improves user experience


Enhances API security

Overall, testing status codes ensures successful projects and better experiences for clients and users.

Understanding Status Codes

The origin of API status codes isn’t entirely clear, but they were first popularized by Roy Fielding in his 2000 doctoral dissertation. They provide information about whether a request was successful or if an error occurred. API status codes can be categorized into:

1xx: Informational responses


2xx: Successful responses


3xx: Redirection messages


4xx: Client error responses


5xx: Server Error response

Some commonly seen API responses include:

200 OK - The request was successful.


400 Bad Request - The request wasn't formatted correctly.


401 Unauthorized - The request wasn't authenticated.


403 Forbidden - The user doesn't have necessary permissions.


404 Not Found - The requested resource wasn't found.


500 Internal Server Error - There was a server error.

Essential Postman Scripts for API Validation

Here are some universal checks you can use for validation in Postman scripts:
   For Status Code Validation : Where you need to check for valid case 200 :

pm.test("Status code is 200", function () {

pm.response.to.have.status(200);

});

 

✨   Script / test to validate response schema:

Here is an example schema: 

var schema =

{

  “type”: “object”,

  “properties”: {

    “sessionId”: {

      “type”: “string”

    },

    “firstName”: {

      “type”: “string”

    },

    “lastName”: {

      “type”: “string”

    },

    “email”: {

      “type”: “string”

    },

    “phone”: {

      “type”: “string”

    },

    “additionalItems”: false <- If this is false it will validate there are no additional Items expected in response

  },

  “required”: [ <- The values under required states they are mandatory values

    “sessionId”,

    “firstName”,

    “lastName”,

    “email”,

    “phone”

  ],

  “additionalItems”: false <- If this is false it will validate there are no additional Items expected in response

}

 

✨   For response value assertion:

pm.test("Verify the first name in response", function () {

   pm.expect(responseJson.firstName).to.be.equal(pm.collectionVariables.get("firstName"))

});

 

✨   For response time assertion:

pm.test("Response time is less than 200ms", function () {

pm.expect(pm.response.responseTime).to.be.below(200);

});

 

✨   For comparing a value from the response body:

pm.test("Body matches string", function () {

   pm.expect(pm.response.text()).to.include("string_you_want_to_search");

});

 

Wrapping Up

Proper API response validation ensures the quality and reliability of APIs and helps maintain the security and integrity of their data. As we continue to rely on APIs for robust mobile app development and testing. Every QA professional should understand how to implement these validation practices.
Let's Chat

Need a digital product expert in your corner?

Get In Touch

Or email us:

hello@heady.io