Skip to main content
SpringerLink
Log in

Testing of RESTful Web APIs

  • Conference paper
  • First Online:
Service-Oriented Computing – ICSOC 2022 Workshops (ICSOC 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13821))

Included in the following conference series:

  • 748 Accesses

Abstract

RESTful web APIs nowadays may be considered the de facto standard for web integration, since they enable interoperability between heterogeneous software systems in a standard way, and their usage is widespread in industry. Testing these systems thoroughly is therefore of utmost importance: a single bug in an API could compromise hundreds of services using it, potentially affecting millions of end users. In recent years, there has been an explosion in the number of tools and approaches to test RESTful web APIs, making it difficult for researchers and practitioners to select the right solution for the problem at hand.

In this tutorial, we overview some of the main industrial and research tools for testing RESTful APIs, with a primarily practical approach. We analyze different testing tools and frameworks from three different perspectives: a) manual vs automated testing; b) black-box vs white-box testing; and c) online vs offline testing. First, we show the capabilities of industrial tools and libraries for manual testing of web APIs, including REST Assured [3] and Postman [1]. Then, we delve into some of the main research tools for automatically generating test cases for RESTful APIs such as RESTler [6], EvoMaster [5], and RESTest [7]. Finally, we overview existing industrial Testing as a Service (TaaS) platforms such as RapidAPI [2] and Sauce Labs [4], and we show the latest research advances on the provision of continuous online testing of RESTful APIs (including automated test generation and execution) with the RESTest testing ecosystem [8]. We finish the tutorial outlining some of the most pressing research challenges in the domain of web API testing automation, which will hopefully open a range of opportunities for future researchers working on the topic.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Postman. https://www.postman.com. Accessed Nov 2022

  2. RapidAPI. https://rapidapi.com. Accessed Nov 2022

  3. REST Assured. https://rest-assured.io. Accessed Nov 2022

  4. Sauce Labs. https://saucelabs.com. Accessed Nov 2022

  5. Arcuri, A.: RESTful API automated test case generation with EvoMaster. ACM Trans. Softw. Eng. Methodol. 28(1), 1–37 (2019)

    Article  MathSciNet  Google Scholar 

  6. Atlidakis, V., Godefroid, P., Polishchuk, M.: RESTler: stateful REST API fuzzing. In: IEEE/ACM 41st International Conference on Software Engineering, pp. 748–758 (2019)

    Google Scholar 

  7. Martin-Lopez, A., Segura, S., Ruiz-Cortés, A.: RESTest: automated black-box testing of RESTful web APIs. In: Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 682–685 (2021)

    Google Scholar 

  8. Martin-Lopez, A., Segura, S., Ruiz-Cortés, A.: Online testing of RESTful APIs: promises and challenges. In: Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 408–420 (2022)

    Google Scholar 

Download references

Acknowledgments

This work has been supported by the European Commission (FEDER) and Junta de Andalucía under projects MEMENTO (US-1381595), APOLO (US-1264651) and EKIPMENT-PLUS (P18-FR-2895), by the Spanish Government (FEDER/Ministerio de Ciencia e Innovación - Agencia Estatal de Investigación) under project HORATIO (RTI2018-101204-B-C21), by MCIN/AEI/10.13039/ 501100011033/FEDER, UE under project BUBO (PID2021-126227NB-C22), and by the Excellence Network SEBASENet 2.0 (RED2018-102472-T).

Author information

Authors and Affiliations

  1. Schaffhausen Institute of Technology, Schaffhausen, Switzerland

    Alberto Martin-Lopez

  2. Università della Svizzera Italiana, Lugano, Switzerland

    Alberto Martin-Lopez

  3. Smart Computer Systems Research and Engineering Lab (SCORE), Research Institute of Computer Engineering (I3US), Universidad de Sevilla, Seville, Spain

    Juan C. Alonso

Authors
  1. Alberto Martin-Lopez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Juan C. Alonso
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Alberto Martin-Lopez .

Editor information

Editors and Affiliations

  1. University of Malaga, Málaga, Spain

    Javier Troya

  2. Politecnico di Milano, Milano, Italy

    Raffaela Mirandola

  3. University of Castilla-La Mancha, Albacete, Spain

    Elena Navarro

  4. University of the Republic, Montevideo, Uruguay

    Andrea Delgado

  5. University of Seville, Sevilla, Spain

    Sergio Segura

  6. University of Cádiz, Cádiz, Spain

    Guadalupe Ortiz

  7. Faculty of Informatics, Universita della Svizzera Italiana, Lugano, Switzerland

    Cesare Pautasso

  8. Karlsuhe Institute of Technology, Karlsruhe, Germany

    Christian Zirpins

  9. University of Seville, Seville, Spain

    Pablo Fernández

  10. ISA, Universidad de Sevilla, Sevilla, Spain

    Antonio Ruiz-Cortés

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Martin-Lopez, A., Alonso, J.C. (2023). Testing of RESTful Web APIs. In: Troya, J., et al. Service-Oriented Computing – ICSOC 2022 Workshops. ICSOC 2022. Lecture Notes in Computer Science, vol 13821. Springer, Cham. https://doi.org/10.1007/978-3-031-26507-5_43

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-26507-5_43

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-26506-8

  • Online ISBN: 978-3-031-26507-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation