In today’s software development processes, test automation plays a critical role. Especially when it comes to ensuring the reliability and functionality of APIs, test automation is indispensable. In this article, I will talk about what test automation is and how to write API tests using the RestAssured library. 

Figure 1: API Automation Testing Using REST-assured with Java  

What is Test Automation? 

Test automation is the practice of using automated tools and scripts to execute software testing processes instead of performing them manually. The main goal is to run repetitive tests quickly and reliably, accelerate the testing cycle, and minimize errors. It helps improve quality while saving both time and cost. 

Figure 2: Manual Testing Vs Automation Testing

What is RestAssured? 

Figure 3: The Role of API Testing in Software Development 

RestAssured is a Java-based API test automation library designed to simplify the validation of RESTful web services. It is a powerful and flexible tool that is widely used in API test automation. Supporting data formats such as JSON and XML, it allows easy handling of both HTTP and HTTPS requests. 
 
RestAssured can be seamlessly integrated with popular testing frameworks like JUnit and TestNG. It supports all HTTP methods, including GET, POST, PUT, and DELETE. What sets RestAssured apart from other libraries is its built-in support for the Behavior-Driven Development (BDD) approach. Additionally, it enables flexible response validations using the Hamcrest Matchers library. 

Figure 4: RestAssured Flowchart 

Setting Up RestAssured 

To start using RestAssured, you need to add the RestAssured library to your project using a build management tool such as Maven or Gradle. 
If you’re using Maven, simply add the following dependency to your pom.xml file: 

Figure 5: RestAssured Dependency in the pom.xml File 

Using RestAssured 

To start using RestAssured, you first need to import the necessary libraries. 

Figure 6: Importing Required Libraries in Java 

Now, let’s write test scenarios using RestAssured that cover basic CRUD operations with the JSONPlaceholder API. 
JSONPlaceholder is a test API that works with mock data and is commonly used for testing purposes. 

1.Retrieving User Information with a GET Request 

This test retrieves the information of a specific user using a GET request and performs validations to ensure the user exists and the returned data is accurate. 
It verifies that the HTTP response status code is 200 and checks the correctness of the user information. 

Figure 7: Retrieving User Information with a GET Request 

Let’s go over the functions used in this example step by step: 
• RestAssured.baseURI - This defines the base URI of the API being tested. 
• given() - This step sets up the preconditions or prerequisites of the test. It is used to specify parameters or headers required before making the request. For example, configuring the base URI, setting request headers, or defining query parameters. 
• when() - This represents the action phase of the test. Here, HTTP methods like GET, POST, PUT, and DELETE are used to make the actual request. 
• then() - This phase verifies the outcome of the request and checks whether the response meets the expected conditions. It validates things like the response status code, the response body content, and the presence of specific data. Using statusCode and body, the status and content of the response are validated. 
• statusCode(200) - This asserts that the HTTP response status code should be 200 (OK). 
• extract() - This is used to extract the response as a Response object. This object allows for further validation or manipulation of the response data during the test. For example, it can be used to retrieve specific values from the response body, check headers, or pass data to subsequent test steps. 

2. Creating a New User with a POST Request 

This test creates a new user using a POST request and validates the response content. 
Although the JSONPlaceholder API does not actually persist the data, we still receive a successful response. 

Figure 8: Creating a New User with a POST Request 

3. Updating User Information with a PUT Request 

This test updates an existing user using a PUT request and validates the response content. 
In the JSONPlaceholder API, the update operation is accepted, and the test returns a status code of 200. 

Figure 9: Updating User Information with a PUT Request 

4. Deleting a User with a DELETE Request 

This test deletes a specific user using a DELETE request and verifies the response status code. 
While the JSONPlaceholder API doesn’t actually remove the data, it still returns a success status (200 or 204). 

Figure 10: Deleting a User with a DELETE Request 

More Advanced Test Scenarios 

Now, let’s go beyond basic CRUD operations and write more comprehensive test scenarios—such as error handling, data validation, and performance testing—to explore different aspects of API testing. 
With these examples, we can test how the API responds to various conditions, including error cases and filtering scenarios. 

5. Response Time Performance Check 

This test checks the response time of a specific request. 
To ensure the API is performing efficiently, we verify whether it responds within a predefined time limit. Performance is a critical factor, especially for real-world APIs. 

Figure 11: Response Time Performance Test 

 
6. Filtering Posts by a Specific User 

This test filters posts by a specific user using the userId parameter and performs validation. 
This allows us to verify that only the results belonging to the specified user are returned. 

Figure 12: Filtering Posts of a Specific User 

7. Testing Error Handling with an Invalid ID 

This test checks how the API responds to an invalid request by sending a GET request with a non-existent ID and verifying that it returns a 404 error. 

Figure 13: Error Scenario Test with Invalid ID (404) 

8. Sending a POST Request with Incorrect Data Type 

It’s important to verify whether an API returns the appropriate error message when it receives unexpected data types. 
For example, we can send an invalid POST request by providing a numeric value in a field that expects an email address.