- Validate status code
- Validate payload
- Validate state
- Validate headers
- Performance sanity
01 Validate status code
1. All requests should return 2XX HTTP status code
2. Returned status code is according to type of HTTP request:
<> 200 OK for GET requests
<> 201 for POST or PUT requests creating a new resource
<> 200, 202, or 204 for a DELETE operation and so on
02 Validate payload
1. Response is a well-formed JSON object
2. Response structure is according to data model
<> schema validation: field names and field types are as expected
<> including nested objects
<> field values are as expected
<> non-nullable fields are not null, etc.
03 Validate state
1. For GET requests, verify there is NO STATE CHANGE in the system
2. For POST, DELETE, PATCH, PUT operations
<> Ensure action has been performed correctly in the system
<> Performing appropriate GET request and inspecting response
<> Refreshing the UI in the web application and verifying new state (only applicable to manual testing)
4 Validate headers
Verify that HTTP headers are as expected, including contenttype, connection, cachecontrol, expires, accesscontrol-allow-origin, keep-alive,
and other standard header fields – according to HTTP request type.
05 Performance sanity
Response is received in a timely manner with respect to time expected for each request process time. Discuss with Dev team or PO.
Negative Scenarios
1. Missing or invalid authorization token
2. Missing required parameters
3. Invalid value for endpoint parameters
4. Invalid UUID in path or query parameters
5. Payload with invalid model (violatesschema)
6. Payload with incomplete model (missing fields or required nested entities)
7. Invalid values in nested entity fields
8. Invalid values in HTTP headers
9. Unsupported methods for endpoints
10. Wrong content-type in payload
No comments:
Post a Comment