Skip to main content
Specialized Testing

What Is API Testing?

API testing is the practice of verifying that application programming interfaces work correctly by sending requests directly to endpoints and validating responses for functionality, reliability, performance, and security.

Start a Free Mock Interview

Free to start · 7-day trial on paid plans

In Depth

API testing operates at the service layer, bypassing the UI to test business logic directly. This makes it faster, more stable, and more targeted than E2E testing. A comprehensive API testing strategy covers functional testing (correct responses for valid inputs, appropriate errors for invalid inputs), contract testing (response schema matches the documented specification), security testing (authentication, authorization, injection attacks, rate limiting), performance testing (response times, throughput under load), and negative testing (malformed requests, missing required fields, boundary values).

For REST APIs, testing involves verifying HTTP methods (GET, POST, PUT, DELETE), status codes (200, 201, 400, 401, 404, 500), response bodies (JSON schema validation, data correctness), headers (content-type, cache-control, CORS), and idempotency. For GraphQL, testing focuses on queries, mutations, error handling, N+1 query detection, and depth limiting.

Tools like Postman (manual and automated), REST Assured (Java), SuperTest (Node.js), and pytest with requests (Python) are industry standards. Many teams maintain Postman collections or OpenAPI specifications as the source of truth for API behavior, enabling automated contract validation.

Why Interviewers Ask About This

API testing is critical for SDET roles and increasingly expected for QA generalists. Interviewers ask about it to assess your ability to test beyond the UI and understand system architecture.

Example Scenario

A POST /orders endpoint should return 201 with the order ID for valid requests. API tests verify: valid request returns 201, missing required field returns 400 with a descriptive error, expired auth token returns 401, insufficient inventory returns 409, and the response body matches the OpenAPI schema. This set of tests covers the main scenarios in under a second.

Interview Tip

Discuss the types of API tests you write (happy path, error handling, schema validation, security). Mention specific tools and how you organize API test suites for maintainability.

Related Terms

Explore related glossary terms to deepen your understanding.

Contract TestingContract testing is a technique that verifies that two services (a consumer and a provider) can communicate correctly by testing each side independently against a shared contract that defines the expected request and response structure.
Mocking vs StubbingMocking and stubbing are both techniques for replacing real dependencies with test doubles, but stubs provide canned responses to calls while mocks additionally verify that specific interactions occurred.
Load TestingLoad testing is the practice of simulating expected or peak user traffic against a system to verify that it meets performance requirements (response time, throughput, error rate) under realistic load conditions.
Test PyramidThe Test Pyramid is a testing strategy that prescribes a large base of fast, isolated unit tests, a smaller middle layer of integration tests, and a thin top layer of end-to-end tests.
Data-Driven TestingData-driven testing is a test automation approach where the same test logic is executed multiple times with different input data sets, separating test data from test scripts.

Related Resources

Dive deeper with these related interview prep pages.

API Tester Interview PrepAPI Testing Resources & ToolkitsPostman Interview QuestionsREST Assured Interview QuestionsAPI Testing Tools QuestionsSDET Interview PrepQA Mock Interview PracticeTop 20 QA Interview Questions (2026)

Ready to Ace Your QA Interview?

Practice explaining api testing and other key concepts with our AI interviewer.

Join 1,200+ QA engineers already practicing with AssertHired.

Start Your Free QA Interview

Free to start · 7-day trial on paid plans

Written by Aston Cook, Senior QA EngineerLast updated: March 2026