Application Programming

Interface
(API)
The client-server architecture or model is an application network separating tasks between clients and servers that
are either within the same system or need to communicate over a network.

In order to access the service provided by the server, the server-client sends the request to another program, which
runs a few programs that distribute work among the clients & share resources with them.
Client – The client can be any computer that requests something from the server. For example – visiting any website
we request the webpage from its domain. So here we act as a client.

Server – On the other hand, the Server is the computer that is designed to serve the requests to the client. For the
same example as above, the client asks for the webpage then the server responds with the webpage to the client.

Types of Client-Server Architecture

1-Tier Architecture

2-Tier Architecture

3-Tier Architecture
1-Tier Architecture

1 Tier Architecture in DBMS is the simplest architecture of Database in which the client, server,
and Database all reside on the same machine. A simple one tier architecture example would be
anytime you install a Database in your system and access it to practice SQL queries. But such
architecture is rarely used in production.
 2-Tier Architecture

A 2 Tier Architecture in DBMS is a Database architecture where the presentation layer runs on a client (PC,
Mobile, Tablet, etc.), and data is stored on a server called the second tier. Two tier architecture provides
added security to the DBMS as it is not exposed to the end-user directly. It also provides direct and faster
communication.
 3-Tier Architecture

A 3 Tier Architecture in DBMS is the most popular client server architecture in DBMS in which the
development and maintenance of functional processes, logic, data access, data storage, and user interface is
done independently as separate modules. Three Tier architecture contains a presentation layer, an application
layer, and a database server.
3-Tier database Architecture design is an extension of the 2-tier client-server architecture.
What is an API?
API is the acronym for Application Programming Interface. It is a software interface that allows two
applications to interact with each other without any user intervention.
APIs provides product or service to communicate with other products and services without having to know
how they’re implemented.
Advantages of API Services
➢ API supports traditional CRUD (Create Read Update Delete) actions as it
works with HTTP verbs GET, PUT, POST, and DELETE.

➢ API helps you to expose service data to the browser

➢ It is based on HTTP, which is easy to define, expose in REST-full way.

What is a Web Service?
A Web service is a collection of open protocols and standards which are widely used for exchanging
data between systems or applications.
Software applications are written using various programming languages and running on multiple
platforms. It allows you to use web services to exchange data over computer networks.
Types of Web Services
Web services should be implemented in various ways. The two types of widely used web services are SOAP and
REST web services.

SOAP (Simple Object Access Protocol )– SOAP is a protocol which was designed before REST came into the
picture. The main idea behind creating SOAP was to ensure that programs built on different platforms and
programming languages could securely exchange data.

REST (Representational State Transfer ) – This was designed specifically for working with components such as
media components, files, or even objects on a particular hardware device. Any web service which is defined on
the principles of REST can be called a RESTful web service. REST uses the normal HTTP verbs of GET, POST, PUT
and DELETE for working with the required components.
Advantages of Web Services
➢ Offers faster communications within and across organizations

➢ Each service exists independently of other services.

➢ Interoperability has the highest priority.

➢ Using Web services, your application helps you to publish its message or function to the rest of the world.

➢ Web services help solve interoperability issues by giving different applications a way to link their data.

➢ Web services help you to exchange data between different applications and different platforms.

➢ It allows applications to communicate, exchange data, and shared services among themselves.

➢ Web services are specifically designed to be used as a web page request and help you to receive data.
What is API Testing?
API testing is testing that APIs and its integration with the services. API testing is a type of software testing where
application programming interfaces (APIs) are tested to determine if they meet expectations for functionality,
reliability, performance, and security.

What to Test in API Testing?

➢ Validate the keys with the Min. and Max range of APIs (e.g maximum and minimum length)
➢ Have a Testcase to do XML,JSON Schema validation.
➢ Keys verification. If we have JSON, XML APIs we should verify it's that all the keys are coming.
➢ Verify that how the APIs error codes handled.

Why you should perform API Testing?

➢ Many of the services that we use every day rely on hundreds of different interconnected APIs, if any one of
them fails then the service will not work.
➢ Right now, Internet uses millions of APIs and they should be tested thoroughly.
What is REST API?
As REST is an acronym for REpresentational State Transfer, statelessness is key. An API can be REST if it follows the below
constraints.

1. Uniform Interface

2. Stateless

3. Cacheable

4. Client-Server

5. Layered System

6. Code on Demand
Uniform Interface
The uniform interface constraint defines the interface between clients and servers. In other terms, First constraint of the
REST API states that the Client and server has to communicate and agree to certain rules based on resources(they should
communicate with same resource like json, xml, html , txt) and with proper encoding like UTF-8 extra.

Stateless
APIs in REST are stateless and Client and server doesn’t worry about the state of the request or response.

Cacheable
According to the World Wide Web, clients can cache responses. Responses should therefore, implicitly or explicitly, define
themselves as cacheable. Its upto server when they want the cache to expired etc.
Client-Server

Client and Server are two different entity, It means that servers and clients may also be replaced and
developed independently, as long as the interface is not altered.

Layered System

It means that the between client and server there can be any number of layered systems it does not
matter

Code on Demand

Server can store the Code or logic to themselves and transfer it whenever needed rather client side logic.

If any API fulfill all the constraints then we can it REST API.
HTTP – Fundamentals
HTTP is an application layer protocol designed within the framework of the Internet protocol suite.

There is Client which perform a request resource which can be HTMLPage, file extra from Server and server
perform the response to the client back using the same protocol known as HTTP.

HTTP is a stateless protocol. In other words, the current request does not know what has been done in the
previous requests.
What is an Cookies?

Cookies are usually small text files, given ID tags that are stored on your computer's browser directory or
program data subfolders.

GET /spec.html HTTP/1.1

Host: www.example.org
Cookie: theme=light; sessionToken=abc123

➢ Record the user's browsing activity.

➢ Which pages were visited in the past.
➢ Contain the name of the domain & Lifetime.
What is Authentication?

➢ Authentication is a process of presenting your credentials like username, password or another secret key to the
system and the system to validate your credentials or you.

➢ In the API terms Authentication is used to protect the content over web mean only a valid user with valid
credentials can access that API endpoint.

➢ These credentials tell the system about who you are. Which enables the system to ensures and confirms a user’s
identity.
HTTP Methods explained

HTTP Methods Description

GET Request to read a Web page

HEAD Request to read a Web page’s header
PUT Request to Store a Web Page
POST Append to a named resource (e.g ..,Web Page)
DELETE Remove the Web Page
TRACE Echo the incoming request
CONNECT Reserved for future use
OPTIONS Query certain options
HTTP Request

1) The GET method requests a representation of the specified resource. Requests using GET should only
retrieve data.
2) The HEAD method asks for a response identical to a GET request, but without the response body.

3) The POST method submits an entity to the specified resource, often causing a change in state or side
effects on the server.
4) The PUT method replaces all current representations of the target resource with the request payload.
5) The CONNECT method establishes a tunnel to the server identified by the target resource.

6) The DELETE method deletes the specified resource

7) The PATCH method applies partial modifications to a resource