Introduction

To
Postman
What is an API?

API stands for Application Programming Interface. It is a set of rules and

protocols that allows different software applications to communicate with
each other. APIs work like messengers: they take your request to a system,
get the needed data or action, and deliver the response back to you.
Types of APIs
Web APIs (HTTPAPIs)Definition: These Open APIs (Public APIs):
APIs allow applications to communicate
over the internet using the HTTP/HTTPS These are publicly available APIs that
protocol. anyone can use.

➢ REST APIs (Representational State Examples:

Transfer):Used for simple, ▪ Google Maps API: Developers use this
lightweight communication. to embed maps in their apps or
websites.
▪ Example: A weather app fetching the
current temperature from a server. ▪ OpenWeather API: Fetch weather
data for any city.
➢ SOAP APIs (Simple Object Access
Protocol):Used for more complex
systems requiring high security and
structure.
▪ Example: Payment processing in
banking systems.
Types of APIs
Internal APIs (Private APIs): Partner APIs:
These are designed for use within an These are shared with specific
organization to improve its internal business partners to allow limited
operations. access to systems.

Examples: Examples:
▪ A company's HR system ▪ Uber’s API for restaurants to
communicating with the payroll integrate delivery services.
system to process salaries. ▪ Expedia’s API for hotels to manage
▪ A logistics company's tracking app room bookings via their platform.
accessing its database to update
shipment statuses.
Types of APIs
 Composite APIs: GraphQL APIs:
 These combine multiple API calls Allows clients to request exactly the
into a single request, reducing the data they need, reducing over-fetching
number of round trips between client or under-fetching data.
and server.
Examples:
 Examples:
Facebook's GraphQLAPI: Fetch a user's
▪ An e-commerce website fetching posts and friends list in a single,
product details, reviews, and seller customized query.
information in one request.
▪ A travel app retrieving flight options,
hotels, and car rentals
simultaneously.
Types of APIs- Real-Life Analogy
Open API: Like a restaurant menu—anyone can order.
Internal API: Like the chef’s recipe—only kitchen staff can
access it.
Partner API: Like a special menu for VIP customers—only
certain people get access.
Composite API: Like ordering a combo meal—one request
gives you everything you need.
GraphQLAPI: Like customizing your meal order—ask for
exactly what you want (e.g., burger without pickles, fries,
and soda).
Collections Multiple Request Types
➢ What it Means: You can group similar ➢ What it Means: Postman supports
API requests into folders for easy different API actions like:
organization.
➢ GET: Fetch data
➢ Example: For a shopping app, you
can group the APIs for login, product ➢ POST: Send data
search, and checkout into one ➢ PUT: Update data
collection. It’s like putting related
files into one folder for quick access. ➢ DELETE: Remove data
➢ HEAD:A HEAD request is similar to a
GET request, but it only fetches the
headers (metadata) of the response,
not the actual data (body).It’s useful
to check if a resource exists or to get
details like size or type without
downloading the full content.
➢ OPTIONS: An OPTIONS request asks
the server what actions are allowed
for a resource.
It’s often used to check which HTTP
methods (like GET, POST, etc.) are
FatimaBharwana supported by the server for that
resource.
Test Development Environment Support
➢ What it Means: Add tests to check if ➢ What it Means: You can test the
APIs work correctly, like verifying same APIs on different setups
they give the expected output or (development, testing, or live)
show a "200 OK" status. without making new requests for
each.
➢ Example: You’re testing an API to
check your bank balance. A test ➢ Example: Test your app on:
ensures it shows your balance ▪ A testing server:
correctly and doesn’t display an test.myapp.com
error.
▪ The live server: myapp.com
By switching environments, you
use the same test requests
without changes.
CI/CD Integration Debugging
➢ What it Means: Postman works with ➢ What it Means: Postman has a
tools that automate testing every console to find and fix issues in APIs.
time you update your app or add new
➢ Example: If the login API gives an
features.
error, you check the console to see
➢ Example: When you release a new the problem (e.g., you forgot to
feature for your app, Postman include the password).
automatically runs all API tests to
check that everything still works.
Header
The header section contains key tools for creating and managing API requests and
environments.

New: Create a new request, collection (group of requests), or environment

(test setup).
Import: Import environments or collections from files, links, or code
repositories.
Runner: Run multiple API tests using the Collection Runner tool.
Workspace Name: Displays the active workspace (e.g., My Workspace) and
allows you to share it with team members.
Response Section
This area displays the results of an API request after you hit "Send." It includes:

Response Body: The actual data returned by the API (e.g., JSON, XML).
Status Code: Indicates the success or failure of the request (e.g., 200 OK, 404
Not Found).
Time: How long it took for the server to respond.
Sidebar
The sidebar organizes your API requests, collections, and history for easy navigation.

Collections: Group API requests into folders for better management.

History: View past requests and re-run them if needed.
Builder Section
This is the central workspace where you create and execute API requests.

Request Tab: Contains the request type (GET, POST, PUT, DELETE, etc.) and
the API URL.
Send Button: Executes the API request.
Save Button: Saves the request for future use.
Tabs in Builder:
Params (Query Parameters)
➢ What it is:Query parameters are extra pieces of information added to the URL
to filter or modify a request. They look like ?key=value in the URL.
➢ Example:
▪ Scenario: You want to search for "laptops" on an e-commerce site.
▪ URL: https://example.com/search?query=laptops&page=2query=laptops is
the parameter saying, "Search for laptops."page=2 specifies which page of
results to display.
➢ Usage:
When calling an API to get user details:
https://api.example.com/users?userId=123
The userId=123 tells the API to fetch data for user 123.
Tabs in Builder:
Authorization
What it is:This ensures only authorized users can access a resource. It
involves tokens, API keys, or login credentials.
Example:
▪ Scenario: You use a food delivery app. The app needs your login token to
confirm who you are.
▪ Authorization Header:
Authorization: Bearer your-token-here
Usage:
For secure APIs:
API Key: Authorization: API-Key abc123xyz
OAuth Token: Authorization: Bearer token123
Tabs in Builder:
Headers
What it is:Metadata sent along with a request to give the server more
information about what you're sending.
Example:
▪ Scenario: When uploading an image, the server needs to know the file type.
▪ Header: Content-Type: image/png
Usage:
To tell the server you're sending JSON data:
Content-Type: application/json
Example: Adding headers for language preferences:Accept-Language: en-US
Tabs in Builder:

 Body
 What it is:The actual data sent in a request, typically used in POST or
PUT requests
 Example:
▪ Scenario: You sign up for a service and send your details.
▪ Body (JSON format):
▪ { "name": "John Doe", "email": "john@example.com", "password": "123456"}
 Usage:
 For creating a new blog post via an API:
 { "title": "My First Blog", "content": "This is the body of my
blog post."}
Tabs in Builder:
Pre-req. (Pre-request Scripts)
What it is:Code that runs before sending the API request to set or modify data
dynamically.
Example:
▪ Scenario: Generating a unique user ID for each signup request.
▪ Script:
pm.test("Status code is 200", function () { pm.response.to.have.status(200);});
Usage:
pm.test("User ID is correct", function () {
pm.expect(pm.response.json().userId).to.eql("12345");});