API testing has become integral to software quality assurance (QA) processes in today’s rapidly evolving technology landscape. As applications increasingly rely on APIs to communicate and exchange data, ensuring functionality, reliability, and security has become paramount for delivering high-quality software products. For QA professionals, API testing offers a unique opportunity to validate the behavior of individual components, uncover potential defects, and ensure seamless integration across different systems and platforms.
API testing involves verifying the functionality of application programming interfaces (APIs) by sending requests to API endpoints and analyzing the responses. Unlike traditional GUI testing, which focuses on the user interface, API testing targets the underlying logic and functionality of the software, allowing QA teams to test business logic, data validation, error handling, and performance characteristics directly at the API level.
What is API Testing?
For background, API (Application Programming Interface) is a computing interface that enables communication and data exchange between two software systems. A software system that executes an API includes several functions/subroutines that another software system can perform. API defines the types of requests that can be made, how to make requests, data formats that can be used, etc., between two software systems.
According to Imperva: “API testing involves verifying the API’s functionality, reliability, performance, and security. This type of testing typically involves sending requests to the API and checking the responses to ensure that they match the expected results. API testing could also be automated using specialized software tools, saving time and reducing the risk of human error.” In a nutshell, API testing consists of testing the backend of our software, interacting directly with the database by sending queries and receiving answers.
Benefits of API Testing
The importance of API testing for QA professionals cannot be overstated. Here are some key reasons why API testing is crucial in the software development lifecycle:
- Early Detection of Defects: API testing allows QA teams to identify defects and issues in the early stages of development before they escalate into more serious problems. By testing APIs independently of the user interface, QA professionals can catch bugs early and prevent them from impacting the application’s overall functionality.
- Improved Test Coverage: APIs often have complex interactions and dependencies that are not easily testable through the user interface alone. API testing enables QA teams to achieve better test coverage by directly testing individual API endpoints’ underlying functionality and behavior, ensuring that all possible scenarios are thoroughly tested.
- Automation and Efficiency: API testing lends itself well to automation, allowing QA teams to automate repetitive tasks, perform regression testing, and execute test suites more efficiently. Automation reduces manual effort, speeds up the testing process, and enables QA professionals to focus on more critical aspects of testing, such as test design and analysis.
- Enhanced Reliability and Stability: APIs are the backbone of modern software applications, enabling seamless integration with third-party services, data sources, and platforms. By rigorously testing APIs for reliability, stability, and performance, QA teams can ensure that applications function as expected under various conditions and deliver a positive user experience.
- Security and Compliance: API testing plays a crucial role in validating the security and compliance of software applications. QA professionals can use API testing to identify vulnerabilities, enforce security policies, and ensure that APIs adhere to industry standards and regulatory requirements, such as GDPR, HIPAA, and PCI-DSS.
Salesforce APIs
Salesforce offers a variety of APIs that developers and QA’s can use to interact with Salesforce Data and functionality programmatically. Some of the commonly used Salesforce APIs include:
- SOAP API: A protocol for exchanging structured information in the implementation of web services. SOAP API allows developers to create, retrieve, update, or delete Salesforce records using XML messages.
- REST API: A lightweight, stateless communication protocol that provides a more flexible and intuitive way to interact with Salesforce data and services using HTTP methods like GET, POST, PUT, DELETE, etc.
- Bulk API: Designed to process large sets of data asynchronously, Bulk API is suitable for loading or deleting large volumes of Salesforce data.
- Metadata API: Allows developers to retrieve, deploy, create, update, or delete metadata in Salesforce orgs, such as custom objects, fields, workflows, and more.
- Streaming API: Enables developers to receive notifications in real-time about changes to Salesforce data that match specific criteria.
In this article, we are going to focus on Salesforce SOAP API which can be leveraged for a variety of testing tasks, including integration, functional, regression, security, performance, and data migration testing. It enables automated testing of Salesforce applications by interacting with Salesforce objects and data, validating functionality, ensuring data integrity, and assessing performance under different scenarios. Its versatility makes it a powerful tool for quality assurance, ensuring the reliability and effectiveness of Salesforce applications.
Why Java?
Java is a popular, versatile, and widely used programming language known for its simplicity, platform independence, and extensive ecosystem of libraries and frameworks. Leveraging Java for Salesforce backend testing offers several benefits:
- Strong Community Support: Java has a large and active community of developers, providing access to a wealth of resources, tutorials, and forums for assistance.
- Compatibility: Java seamlessly integrates with Salesforce SOAP API, making it easy to build robust and scalable backend testing solutions.
- Extensive Tooling: Java boasts a rich set of testing frameworks and libraries, such as JUnit, TestNG, Mockito, and REST Assured, which facilitate automated testing and validation of Salesforce APIs.
- Performance and Reliability: Java’s performance, reliability, and scalability make it well-suited for handling complex backend testing scenarios involving large datasets and concurrent requests.
I prefer Java for its robustness, providing incredible compatibility, security, and scalability as a strongly typed language. Moreover, it is the most widely used language in automation projects related to Salesforce (in my experience). Additionally, it is easy to integrate with CI/CD platforms, allowing for continuous improvement in the development process.
Motivation & Possible Usages
- Test data creation: Automated tests with Selenium often require data to function properly. Preexisting data is essential for the correct execution of test cases. Using the SOAP API, testers can create, modify, and delete data, saving time compared to creating them manually through the UI, especially when dealing with large volumes of data.
- Retrieving data from the org using Queries: Many business workflows depend on user permissions and record creation/update, which can affect other records. While obtaining this information through the UI is ideal, it can sometimes be slow and prone to page refresh errors. Using SOQL queries via the SOAP API can be a reliable alternative to overcome these shortcomings of UI testing.
- Validation of business logic: The SOAP API allows testers to interact with Salesforce’s objects and execute operations to validate business logic and workflows implemented in Salesforce. This ensures that the system behaves as expected under different scenarios, improving the overall quality and reliability of the application.
- Integration testing: The SOAP API enables testers to perform integration testing by interacting with external systems or services connected to Salesforce. This ensures that data flows seamlessly between Salesforce and other systems, validating end-to-end functionality and data consistency.
- Bulk data operations: For scenarios where large volumes of data need to be processed, the SOAP API provides bulk data operations such as insert, update, upsert, delete, and queryAll. This is particularly useful for testing scenarios involving data migration, data loading, or data synchronization between Salesforce instances.
- Validation of security settings: Testers can use the SOAP API to validate security settings such as object permissions, field-level security, and record-level security. Testers can ensure that data access controls are correctly enforced by querying these settings and verifying their configurations.
- Performance testing: The SOAP API can be leveraged for performance testing by simulating concurrent requests and measuring response times. Testers can assess the system’s scalability and performance under different load conditions, helping identify potential bottlenecks and optimize resource utilization.
- Automated data cleanup: After executing automated tests, the SOAP API can automate the cleanup of test data, ensuring that the Salesforce org remains clutter-free and maintains optimal performance. This includes deleting test records, resetting test environments, and restoring the org state for subsequent test runs.
Step-by-Step Guide
Prerequisites
- Must have a developer org or a sandbox with admin credentials.
- Must have IntelliJ and Java JDK Installed.
Steps
- Before you use the WSC framework, make sure that you have a working of the Java JDK.
- Navigate to https://mvnrepository.com/artifact/com.force.api/force-wsc in your browser.
- Select the WSC version you want to download. We recommend downloading the version that matches the API version of Salesforce that you’re using.
- To view all files, select View All
- Note: If you can’t find a pre-built version of WSC that works with the API version you’re using, you can build the .jar file from the source. Navigate to https://github.com/forcedotcom/wsc and follow the instructions on “Building WSC.” Download the file ending in uber.jar. For example, download the force-wsc-57.0.0-uber.jar file.
2. Save the WSC .jar file in a known location. You use it to generate stub files with the WSDLs from your Salesforce organization.
3. Go to Setup in Salesforce.
4. To download WSDL files directly from your Salesforce organization:
- Log in to your Salesforce developer organization in your browser.
- From Setup, enter API in the Quick Find box, then select API.
- Download the appropriate WSDL files for the API you want to use.
- This will open a new tab in your browser, displaying your WSDL file. Save this file to your local machine with the name sfdc.wsdl. Put it in the same folder where you downloaded the WSC .jar files.
5. Generate Java stub file
To use the SOAP API with Java, we need to generate .jar stub files for use in our application project. We run the following command on the console to generate the stub file (in the location you have both files):
java -classpath force-wsc-56.0.0-uber.jar com.sforce.ws.tools.wsdlc sfdc.wsdl sfdc_stub.jar
6. Add those files as External Libraries into the IntelliJ:
- Go to Project Structure.
- Go to Libraries -> New Project Library.
7. Reset your security token by going into Personal Settings → Reset my security token.
- In case you do not see the option, use one of those URLs:
Code Snippet
package wsc;
import com.sforce.soap.enterprise.EnterpriseConnection;
import com.sforce.soap.enterprise.sobject;
import com.sforce.ws.Connection;
public class Main {
public static void main(String[] args) {
ConnectorConfig credentials = new ConnectorConfig();
credentials.setPassword("YourPassword!apPenDdedSecurityTkn");
credentials.setUsername("yoursalesforceusername@yourdomain.com");
EnterpriseConnection connection;
try {
connection = Connector.newConnection(credentials);
Lead le = new Lead();
le.setLastName("AcmeEnterprises");
le.setCompany("JavaPush");
le.setIndustry("Hospitality");
connection.create(new Lead[]{ le });
} catch (ConnectionException e) {
e.printStackTrace();
}}}
Obs: When you set your password don’t forget to append the security token. E.g:
- Password: ExamplePassword123
- Token:KSDnh123fdsfpo1235
credentials.setPassword("ExamplePassword123KSDnh123fdsfpo1235");
Bonus Track: How to add the local external library to the POM
To add a local external library to the POM (Project Object Model) in a Maven project, you can use the systemPath attribute within the <dependency> tag. Here’s how you can do it:
- Locate the External Library: First, ensure you have the external library (JAR file) stored in a local directory on your system.
- Update the POM File: Open your project’s pom.xml file in a text editor or an IDE.
- Add Dependency: Inside the <dependencies> section of the pom.xml, add a <dependency> tag for the external library. Set the systemPath attribute to the absolute path of the JAR file on your local filesystem.
Example:
com.sforce
my-library
1.0
system
${project.basedir}/src/test/resources/WSDL files/sfdc.jar
com.sforce
my-library2
1.0
system
${project.basedir}/src/test/resources/WSDL files/force-wsc-60.1.1-uber.jar
Bonus Track: Repository link with examples
This Repository link contains examples of creating, updating, deleting, and querying objects inside Salesforce using Maven, TestNG, and the Force-WSC library.