Postman

How to use POSTMAN tool for testing WebAPI

This article is about testing WebAPI using Postman tool.It is one of the important topics in programmers world.Normally most of the programmers think about testing webapi using postman.They have lots of questions mind like "How to pass get request of webapi to postman tool" and in turn what they will receive i.e response. The postman tool consists of "Collections","APIS", "Environments" in the LEFT SIDE PANE.The right side pane is use to send or receive webapi request.
Collections: The user can create new collections for storing all the request APIs.

In the right side pane just click "+" symbol to create a new request

The programmers mostly use the below tabs to test WebAPI.

PAYLOAD:

In simple terms, the payload is an information that you send and receive from the server.The body of your http request and response message.The payloads are identified using curly braces "{}".

JSON PAYLOAD:

For Eg:- This is the simple JSON payload which you are passing to server.Here emailid and password are passed through JSON payload and it will be look like the below one.


                                   {
                "Email":'usmtechworld@gmail.com',
                "password":'xxxx'
                }

XML PAYLOAD:


                                   {
                <email"> 'usmtechworld@gmail.com' </email">,
                <password"> 'xxxxx' <password">,
              
                }

OVERHEAD DATA:


                                   {                                       {
                        "status":"OK",
                        "data":
                            {
                                "message": "Login Successful"
                            }
                }

In the above example,The real payload is "Login Successful" and remaining thing such as data,status are overhead data.

Authorized way of using APIS:

Mostly clients wants their api to be authorized.For eg:- i have a product called usmtechworld.If any third party client needs to access my product then they need to get authorization from my product in the form of "accessToken".If the client has my accesstoken then only they can access my other APIs such as getproducts,getauthors etc from my resource API.
To get "Accesstoken" from my usmtechworld product, the client needs to send their credentials such as emailid,password,granttype and whatever other additional securities needed to access my resource api.

What are the things get passed in the Headers and Body of Get Request

Sample Access token API:


                                    REQUESTS:

                https://usmtechworld.com/usmidentity/connect/token    

                Headers:

                content-type: application/x-www-form-urlencoded


                Body:

                select "Raw" option and give following 

                username='usmtechworld@gmail.com'&password='xxxx'&grant-type=password

and it will give response as

RESPONSE:


                                    "access_token":"dfdfdsfsdfdsf4fggfghfgdsffdstgner4w36754",

                "expires_in":"20/3/2022"

and you can send whatever extra parameter you need in response.