0% found this document useful (0 votes)
24 views

Masteringpostman Sample

Uploaded by

Miloš Ristić
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd

Mastering Postman
Copyright © 2023 GitforGits
All rights reserved.
Content

Preface

CHAPTER 1: API LIFECYCLE AND POSTMAN
Understanding API Lifecycle
API Design
API Development
API Testing
API Deployment
API Monitoring
API Versioning
API Retirement
Introduction to Postman
Postman's Capabilities
Applications of Postman
Install and Configure Postman
Download Postman
Install Postman
Launch Postman
Create/Sign-In Postman Account
Configure Postman
Create New API Project
Create New Workspace
Create API Specification
Add Requests for Each Endpoint
Test API Endpoints
Save API Project
Explore Postman's Interface
Main Interface Components
Header
Sidebar
Request Builder
Response Viewer
Additional Features and Tools
Environments and Variables
Mock Servers
Monitors
API Documentation
Collaboration and Sharing
Integrations

CHAPTER 2: API DESIGN
Principles of API Design
Apply Consistent and Meaningful Naming
Embrace RESTful Principles
Use JSON for Request and Response Bodies
Version the API
Support Pagination, Filtering, and Sorting
Do Clear and Comprehensive Documentation
Implement Proper Authentication and Authorization
Define API Endpoints
REST API Endpoints
SOAP API Operations (Endpoints)
Write API Endpoints with Python and Flask
Install Flask
Create New Python File
Write Flask Application
Run the Flask Application
Test the API Endpoint
Create Request and Response Schema
Open Postman
Add New Example
Edit Example's Name
Define Request Schema
Define Response Schema
Save the Example
Document APIs using OpenAPI
Choose Format (JSON or YAML)
Create OpenAPI Definition File
Define Basic API Information
Define API Server
Define API Endpoints
Define Data Models (Schemas)
Validate and Test OpenAPI Definition
Use Mock Servers for API Design
Install Mockoon
Create New Mock Server
Define API Endpoints
Define Endpoint's Response
Start Mock Server
Test the API using Postman

CHAPTER 3: API DEVELOPMENT
Code Backend for API
Writing Backend Code using Python
Create and Configure Local Server
Manage Authentication and Authorization
Testing Basic Authentication
Testing API Keys
Checking OAuth 2.0
Write Code for Error Handling
Implement Error Handling in Backend
Simulate Error Scenarios
Refine Error Handling Code
Test API Endpoints
Launch Postman
Create New Collection
Create Requests for Each Endpoint

CHAPTER 4: API TESTING
Types of API Testing
Functional Testing
Performance Testing
Security Testing
Reliability Testing
Compatibility Testing
Documentation Testing
Different APIs Tested using Postman
REST (Representational State Transfer)
SOAP (Simple Object Access Protocol)
GraphQL
gRPC (gRPC Remote Procedure Calls)
WebSockets
Postman's Testing Capabilities
Test Scripts
Runner
Mock Servers
Monitoring
Integrations
Test REST API using Python
Handle API Testing Scenarios
XML Schema Validation
JSON Schema Validation
Verify Parsing the Response Data
Valid Response Headers
Negative Testcase Response
Verify the Response HTTP Status Code
Verify Valid Response Payload
End-to-end CRUD Flows

CHAPTER 5: API SECURITY
API Threats Landscape
Prevent Injection Attacks
SQL Injection
Command Injection
Code Injection
Prevent Authentication & Authorization Flaws
Protect from MITM Attacks
Use HTTPS for API Endpoints
Verify SSL/TLS Certificates
Safeguard Parameter Tampering
Prevent XXE Attacks
Prevent DDoS Attacks

CHAPTER 6: USING POSTMAN CLI
Understand Postman CLI
Advantages of Postman CLI
How Postman CLI Benefits API Developers
Installing Postman CLI
Run Collection from Postman CLI
Install Postman CLI
Import Sample Collection
Verify Collection Import
Install Newman
Run the Collection
View the Collection Results
Running Multiple Collections
Setting Up GitHub Actions using Postman CLI
Create GitHub Repository
Install Postman CLI
Create Postman Collection
Create Workflow
Choose Template
Configure the Workflow
Add Your Postman Collection
Run Your Postman Collection
Save and Commit Your Workflow File
Test Your Workflow
Run Collections inside CI/CD Pipeline
Create Workflow File
Define the Workflow
Checking out Code
Installing Newman
Running the Postman Collection
Save and Commit Your Workflow File
Verify Your Workflow
Automate Postman Collections
Install Jenkins
Install Required Plugins
Configure Jenkins
Schedule the Pipeline

CHAPTER 7: API DOCUMENTATION & PUBLISHING
Importance of API Documentation
Automatic Documentation Generation
Markdown Support
Collaboration and Sharing
Versioning
Code Snippets and SDK Generation
Customization and Theming
Interactive Documentation
Integration with CI/CD Pipelines
Environments and Variables
Access Control and Security
Monitoring and Analytics
API Mock Servers
Import and Export
Multi-platform Support
Automate Generating API Documentation
Create Collection
Add Requests to the Collection
Add Descriptions and Examples
Generate API Documentation
Publish and Share API Documentation
Automate API Documentation Updates
Edit API Documentation
Access the API Documentation
Edit the API Documentation
Save Your Changes
Update the Published Documentation (Optional)
Publish, Unpublish and Modify Documentation
Publish the API Documentation
Modify the Published API Documentation
Unpublish API Documentation
Publishing APIs on GitHub
Export the API Documentation
Create GitHub Pages Repository
Clone Repository to Local Machine
Add API Documentation to Repository
Push Changes to GitHub
Configure GitHub Pages
Access the Published API Documentation
Publishing APIs on GitLab
Export the API Documentation
Create GitLab Repository
Clone Repository to Local Machine
Add API Documentation to Repository
Push Changes to GitLab
Configure GitLab Pages
Access the Published API Documentation
Publishing APIs on Bitbucket
Export the API Documentation
Create Bitbucket Repository
Clone Repository to Local Machine
Add API Documentation to Repository
Push Changes to Bitbucket
Configure Bitbucket Pages
Access the Published API Documentation
Managing API Versions and Changes
Create Collections for Each API Version
Add Requests and Documentation for Each Version
Publish API Documentation for Each Version
Update API Documentation for Each Version
Organize and Share Versioned API Documentation
API Publishing Best Practices
Document Your API
Use Versioning
Secure Your API
Test Your API
Monitor Your API
Provide Support
Follow Industry Standards

CHAPTER 8: API INTEGRATION
Understand API Integration
Integration to Different Systems
Process of API Integration
Sample Program to Integrate OpenWeatherMap API
Data and Functionality Mapping
Overview
Steps to Map Data and Functionality
Test and Validate API Integration
Manual Testing
Sample Program of Manual Testing
Automated Testing
Sample Program of Automated Testing

CHAPTER 9: API PERFORMANCE
Explore API Performance
Why Measuring API Performance?
Postman Performance Capabilities
Measure API Performance
Response Time
Measuring API Response Time
Error Rate
Calculating API Error Rate
Throughput
Measuring API Throughput ...................................................................................... 130
CPU/Memory Utilization .......................................................................................... 131
Monitoring CPU and Memory Utilization............................................................... 131
Network Latency ......................................................................................................... 132
Monitoring Network Latency .................................................................................... 132
Error Response Time ................................................................................................. 132
Calculating Error Response Time ............................................................................. 132
Time to First Byte (TTFB)......................................................................................... 133
Measuring TTFB ......................................................................................................... 133
Identify and Fix Performance Issues ...................................................................... 134
Response Time Issues................................................................................................. 134
Sample Program to Detect Response Time Exceeding 2s .................................... 135
Detect Higher Error Rate .......................................................................................... 135
Sample Program to Detect Error Rate Exceeding 1% .......................................... 136
Identifying Lower Throughput ................................................................................. 136
Sample Program to Detect Throughput Below 10 Requests/sec ........................ 137
Monitoring CPU and Memory Utilization............................................................... 137
Checking Network Latency ....................................................................................... 137
Sample Program to Notify Latency Exceeding 100ms .......................................... 138
Solve and Optimize API Performance .................................................................... 138
Optimize API Code .................................................................................................... 139
Improve API Architecture ......................................................................................... 140
Use Caching ................................................................................................................. 141
Monitor and Optimize ................................................................................................ 142
CHAPTER 10: API GOVERNANCE........................................................................ 144
Understand API Governance ..................................................................................... 145
Role of API Governance ........................................................................................... 145
Benefits of API Governance ..................................................................................... 146
Create API Governance Framework ........................................................................ 146
Implement API Governance ...................................................................................... 149

Define API Governance Objectives ......................................................................... 150
Establish Principles and Guidelines .......................................................................... 151
Implement Processes and Workflows ...................................................................... 152
Develop Tools and Automation................................................................................ 154
Enforce Compliance and Governance ..................................................................... 155
Continuously Improvise ............................................................................................. 156
Managing API Policies and Standards ................................................................... 158
Define Policies and Guidelines.................................................................................. 158
Setting Up Automated Checks and Validations ...................................................... 158
Monitor API Usage ..................................................................................................... 159
Conduct Compliance Testing .................................................................................... 159
Integrate with External Tools .................................................................................... 160
Enforce Access Controls ............................................................................................ 160
CHAPTER 11: ADVANCED API DEVELOPER SKILLS ............................................. 161
Understand Variables ................................................................................................... 162
Working with Global Variables ................................................................................. 163
Using Local Variables ................................................................................................. 164
Understand Environments ......................................................................................... 165
Administering Environments .................................................................................... 165
Automate API Testing ................................................................................................. 166
Creating Collection ...................................................................................................... 167
Writing Tests ................................................................................................................ 167
Running Tests with Collections Runner .................................................................. 167
Automating Tests using Newman ............................................................................. 168
Automate Deployment using GitHub Actions ..................................................... 169
Writing Custom Scripts in Postman ........................................................................ 171
Postman Best Practices ............................................................................................... 172

Preface
"Mastering Postman" is the ultimate guide for anyone looking to streamline their API
development process. Whether you're a seasoned developer or just starting out, this book
will take you through every step of the API lifecycle and equip you with the knowledge
and tools you need to create better APIs faster.

Starting with API design, the book covers the best practices for creating APIs that are
intuitive, easy to use, and scalable. You'll learn how to use Postman to test your APIs
thoroughly and ensure they're working as intended before deploying them. The book
then delves into API documentation and mocking, showing you how to create
comprehensive documentation that's easy to understand and use. You'll also learn how to
use Postman to mock your APIs, allowing you to test your code in a safe environment
before deploying it to production. With a focus on Python, Flask, and JavaScript coding,
"Mastering Postman" teaches you how to build APIs that are powerful, efficient, and easy
to use. You'll also learn about API governance, integration, publishing, and the Postman
CLI.

Throughout the book, you'll find practical examples and real-world scenarios that
demonstrate how to apply the concepts you learn to your own projects. You'll also find
tips and tricks to help you become more productive and efficient as you work on your
APIs. Whether you're a developer, a product manager, or a technical writer, "Mastering
Postman" will give you the skills and knowledge you need to create APIs that are robust,
reliable, and easy to use. With this book as your guide, you'll be able to streamline your
API development process and deliver better APIs faster than ever before.

In this book you will learn how to:

Streamline API development process with Postman for faster delivery.
Learn API design, testing, documentation, and mocking with real-world examples.
Build APIs using Python, Flask, and JavaScript for better performance.
Master API governance, integration, and publishing with Postman.
Leverage Postman CLI for advanced API testing and automation.
Collaborate efficiently using Postman collections, environments, and workspaces.
