Forensics with FTK Imager Part 2

In my last blog I discussed the interface of FTK Imager tool and talked about various files of NTFS, a widely used tool in terms of Cyber Forensics, and also why I like this tool is because it has so…


Test an API of a microservice

Before going to discuss about the topic, let’s understand what is a microservice.

A microservice is basically an independent service that provide a unique business capability.

Few microservices examples from an eCommerce business,

Above mentioned microservices provides different services which ultimately drives to perform one complex business scenario through an application.

A microservice can be a service provider to another microservice OR can be a consumer from another microservice.

Simple microservice architecture.

Simple microservice architecture

As testers, we must perform testing on each API in microservice to make sure microservices which we have developed performing its dedicated business requirement as per the acceptance criteria without impacting consumers.

A microservice may expose one or more API endpoints which mostly perform CRUD (POST, GET, PUT & DELETE) operations related to its capability.

For example,

Order microservice may expose endpoints to,

Let’s move on to the topic.

Testing a microservice includes testing one or more APIs. To explain it in a more explanatory way, I am taking a dummy API.

Fetch all orders of a given customer


Here I am going to give a checklist which I have used to test an API like this.

Positive Scenario

In our case, data in our database could change frequently. Therefore, as a precondition, we are inserting known records to database through an automation scripts. So that we can verify the exact expected response. Also as a post-condition we are deleting the records which we have inserted in the precondition.

Note: Positive scenario may differ than above according to the type of request (POST, PUT or DELETE)

Negative Scenario

Send API requests for below mentioned scenarios and verify status codes and messages in the response. This is to make sure exceptions are handled properly in the APIs.

#4 — Invalid request with bad request status code (400)

Assume the correct key is “AIzaSyAv5Ywug3w9MSGqAjydRL85BcQhpEm4PUQs”.Send an API request with incorrect key.

Send an API request with incorrect resource (i.e. “orde” instead of “order”)

Invalid the database connect (i.e. incorrect username or password)

Add a comment

Related posts:

3 healthcare and biotech blockchain companies to watch in 2018

In a previous article we presented the basics of cryptocurrency and blockchain. We admit, there is a lot of of hype behind cryptocurrencies causing large swings in market cap. However, there are some… Read more

How marketplaces can nurture customer engagement with video

The changes that COVID-19 is forcing on businesses all over the world are vast and sure to bring long-lasting implications across a broad variety of domains. In today’s installment of our four-part… Read more

Javascript history

As the web gained popularity, a gradual demand for client-side scripting languages developed. At the time, most Internet users were connecting over a 28.8 kbps modem even though web pages were… Read more