Answers for "how to use a API"

how is an api made

The first step in creating an API is designing the API. You want to know what problems your API needs to solve, then determine what endpoints and data are needed. ... So, with your team by your side, you begin to plan out your API. The endpoints (or resources) you choose are the foundation of an API.

what is an api

=> On a bare minimum explanation, API are function prototypes which enable the
   user to use the functionality of any component by making a function call 
   without revealing the internal workings of the component.

=> It is a mode of abstraction from the lower layers of software stack , so as 
   to only provide service when needed for higher layers.

=> An API can manifest in many forms, it can be a simple function call in C,
   it can be web service API such as Twitter or FB API, it can be a library call
   to OS kernel, or can be an interrupt routine.


=> API can be just a standalone call or in form of libraries. API are part 
   and parcel of software interaction and data transfer.

Hope this clarifies.

what is an api

An application programming interface (API) is a computing interface which
defines interactions between multiple software intermediaries.

It defines the kinds of calls or requests that can be made, how to make them,
the data formats that should be used, the conventions to follow, etc.

how do you implement api

My PROCESS TO IMPLEMENT API
First of all
1. Checking API Contract
An API is essentially a contract between the
client and the server or between two applications.
Before any implementation test can begin,
it is important to make sure
that the contract is correct. 
a.	Endpoints are correct,
b.	Resource correctly reflects the object
model (proper JSON/XML structure used in response),
c.	There is no missing functionality
or duplicate functionality, 
d.	Relationships between resources
are reflected in the API correctly. 
Since I have  verified the API contract,
I am ready to think of what and how to test. 
2. Creating test cases
I mostly create the following test case groups:
a.	Basic positive test (happy paths)
b.	Extended positive testing with
optional parameters
c.	Negative testing with 
valid input (trying to add an existing username)
d.	Negative testing with invalid
input (trying to add a username which is null)
e.	Destructive testing 
(sending null, empty string, integer
or other types, odd date format, deleting necessary parameters)
f.	Security, authorization, and
permission tests (sending valid or 
invalid access tokens to permitted or unpermitted endpoints)
3. Executing test cases
For each API request I need to verify some items like:
a.	Data accuracy: Check the request and
response body whether those are as
written on API documentation in terms
of data type and data structure.
b.	HTTP status code: For example,
creating a resource should return 201
CREATED and unpermitted requests 
should return 403 FORBIDDEN, etc.
c.	Response headers: HTTP server 
headers have implications on both 
security and performance.
d.	Response body: Check valid JSON
body and correct field names, types
, and values - including in error responses.
e.	Authorization checks: Check authentication
and authorization
f.	Error messages: Check the error code 
coverage in case API returns any error
g.	Response time: Implementation of response timeout
4. Test flows
We need to implement the next test flow
if previous flow is success:
a.	Single-step workflow: Executing a 
single API request and checking the
response accordingly. Such basic tests
are the minimal building blocks
we should start with, and there’s no
reason to continue testing if these tests fail.
b.	Multi-step workflow with 
several requests: For example, 
we execute a POST request that creates
a resource with id and we then use this
id to check if this resource is present
in the list of elements received by a GET request.
Then we use a PATCH endpoint to update
new data, and we again invoke a GET request
to validate the new data. Finally, 
we DELETE that resource and use GET
again to verify it no longer exists.
c.	Combined API and UI test:
This is mostly relevant to manual testing, 
where we want to ensure data integrity
between the UI and API. We execute requests
via the API and verify the actions through
the UI or vice versa. The purpose of these
integrity test flows is to ensure that although
the resources are affected via different 
mechanisms the system still maintains expected 
integrity and consistent flow.