Postman

Postman is a platform to build, test, design, modify, and document APIs. It simplifies each step of the API lifecycle. You can run tests from design level (with mock server) to implementation.

Install Postman

https://www.postman.com/downloads/

Documentation to start : https://learning.postman.com/docs/getting-started/introduction/

How to start

  • You can import existing collection (most often as json file).
  • You can create a new collection.

If you start with a new API you can import OpenAPI specification. The collection will be divided into folders according to the endpoints hierarchy. Postman uses the schemas defined in the OpenAPI to generate request and response bodies.

Import specification

When setting up a new collection, define environment variables (environment variables are higher in the hierarchy).

Set authorization methods: Bearer token. Add TOKEN to the collection variables.

Authorization

Token from Keycloak

Token can be gained in two ways:

  • Calling Keycloack API : {{server}}/auth/realms/{{realm}}/protocol/openid-connect/token

    Set variables:

    • server: Keycloack server address

    • user, password: for Keycloak user

    • realm: Keycloak realm

    • client_id: Keycloak client

Variables

Add variables to the request body:

Request body

Save the token received by the API (Test section):

Token

Call this request to get and save a token, next calls will use it for authorization. If you set Authorization on collection level, you can set the type of requests authorization as “Inherit from parent”.

  • Logging to Keycloak

Define Authorization on the collection level:

Authorization

If you click Get New Access Token you can log on to Keycloak application and if logging ends with success you will receive the token:

Authorization

Testing

Create requests - organize them into folders. Add assertions. Use variables to simulate more sophisticated scenarios.

  • Validate response status.
 pm.test("Should verify status code", () => pm.response.to.have.status(200))
  • Validate response schema.

If you have response example you can generate schema from it using one of the on-line tools (e.g. https://easy-json-schema.github.io/).

let resBody;

const schema = {
    "type": "object",
    "properties": {
        "data": {
            "type": "object",
            "properties": {
                "contactExist": {
                    "type": "boolean"
                },
                "contactPerson": {
                    "type": "string"
                },
                "email": {
                    "type": "string"
                },
                "phone": {
                    "type": "string"
                },
                "mobile": {
                    "type": "string"
                },
                "isEditable": {
                    "type": "boolean"
                }
            },
            "required": [
                "contactExist",
                "contactPerson",
                "email",
                "phone",
                "mobile",
                "isEditable"
            ]
        }
    },
    "required": [
        "data"
    ]
}

//Tests-------
pm.test("Should be validated by schema", () => pm.response.to.have.jsonSchema(schema))

https://learning.postman.com/docs/writing-scripts/script-references/test-examples/

Try to test all sad and happy paths.

When tests are ready you can run them by collection, folder or individual one.