DEV Community: Loveline Chioma Ezenwafor

Building Scalable API Test Automation with Postman + Newman — My Gradific API Testing Project

Loveline Chioma Ezenwafor — Wed, 05 Nov 2025 22:14:38 +0000

In modern backend ecosystems, ensuring the reliability and security of APIs isn’t optional — it’s critical. As a QA Engineer transitioning from Customer Experience and Support, I recently completed an automated API testing project for the Gradific Learning Platform.

This project involved building a robust Postman + Newman test automation workflow with validations, error handling, performance checks, and structured reporting.

Here is how I approached it 👇

🎯 Project Goals

✅ Automate CRUD API testing
✅ Validate security and error responses
✅ Enable dynamic test data generation
✅ Reuse variables for maintainability
✅ Generate execution reports via CLI
✅ Create bug logs + execution documentation

APIs Tested:
• ✅ Authentication
• ✅ Workspaces
• ✅ Tracks
• ✅ Assignments

🛠 Tools & Technologies Used
Tool: Postman
Purpose: Build & execute API test collection

Tool: Faker.js (built-in)
Purpose: Generate dynamic payloads

Tool: Newman
Purpose: Command-line automation

Tool: HTML/JSON Newman reports
Purpose: Execution documentation

Tool: Google Sheets
Purpose: Bug reporting

Key Testing Techniques Applied
Testing Category: Positive & Negative Scenarios
Example: Valid vs invalid tokens

Testing Category: CRUD Testing
Example: POST, GET, PATCH/PUT, DELETE

Testing Category: Security Testing
Example: Unauthorized access

Testing Category: Performance Testing
Example: Response time < 500ms

Testing Category: Data Integrity
Example: ID reuse across calls

Testing Category: Script assertions
Example: JS-based validation

Final Deliverables Included

📌 Automated Test Collection (Postman)
📌 Newman HTML + JSON Reports
📌 Full Bug Report & Execution Logs
📌 Professional documentation for handoff

This is a complete end-to-end API QA workflow

Key Learnings

🔹 API behavior can differ from docs → validation is essential
🔹 Performance matters, not just correctness
🔹 Dynamic test data prevents false positives
🔹 Automation unlocks scalability and confidence

My API Testing & Postman Automation Journey with Gradific API

Loveline Chioma Ezenwafor — Wed, 29 Oct 2025 22:09:04 +0000

Over the past week, I worked on a detailed API Testing & Presentation Task using the Gradific REST API documentation. This assignment pushed me deeper into advanced API testing concepts such as CRUD operations, nested endpoints, authorization flows, and Postman collections.

Here’s a breakdown of what I did ✅

✅ Task Overview

I was required to:
1. Review the API documentation
2. Select 4 resources (including Authentication)
3. Perform full CRUD operations on each
4. Test nested endpoints where applicable
5. Create:
• 80 total test cases (20 per resource)
• A Postman collection for all requests
• Professional documentation files (.docx and .xlsx)

🔐 Authentication Challenges

Initially, every request returned:
Cannot POST /api/docs

later:
Cannot POST /api/auth/register

Eventually, I got the API responding, but then encountered:
Invalid authentication token

While debugging, I discovered that the API requires a valid JWT for protected routes — meaning I needed to:

✔ Authenticate first
✔ Retrieve a token
✔ Add it to every request header

This taught me how token-based security impacts testing workflows and how to handle protected endpoints properly.

🛠 Tools & Skills Used
Tool / Concept
Postman

How I Used It
CRUD operations, environments, token automation

Tool / Concept
HTTP Headers

How I Used It
Added Authorization tokens

Tool / Concept
Status Code Validation

How I Used It
Confirmed expected responses

Tool / Concept
API Documentation

How I Used It
Navigation & endpoint selection

Tool / Concept
Test Documentation

How I Used It
Excel + Word formatted test suites

📌 Deliverables I Produced

✅ Full Postman Collection
✅ 80 detailed test scenarios
✅ Functional + auth testing across 4 resources
✅ Documentation files ready for review

This experience helped me:
• Understand backend dependencies
• Build confidence in API automation setup
• Strengthen debugging and problem-solving skills
• Work with REST APIs beyond simple GET/POST calls

🎯 Key Takeaways
• Not all API failures mean the API is “down” — authentication matters!
• Test cases should include both positive and negative scenarios.
• Clear documentation is vital for QA engineering roles.
• API testing is as much about logic as it is about tooling.

🙌 Wrapping Up

This project confirmed my passion for Quality Assurance Engineering and backend testing. I’m excited to build more with Postman, automation scripts, and CI pipelines as I advance in this field.

If you’re working on APIs:
👉 Always start by validating authentication flow
👉 Read the docs twice before assuming the endpoint is wrong 😅

Thanks for reading! Feel free to connect with me on my journey ❤️

Test Plan and Non-Functional Requirements (NFR) Document

Loveline Chioma Ezenwafor — Wed, 22 Oct 2025 00:43:00 +0000

🧠 MyJourney as a QA Engineer at HNG: From Requirements to Quality Strategy

During my #HNGi13 experience at @HNGInternship, I had the opportunity to take on a real-world QA task: building a Test Plan and Non-Functional Requirements (NFR) document for a Language Learning AI Game (Delve).

At first glance, it seemed simple, read a document and write a plan.
But true QA work starts with understanding the product, not just testing it.

🧩 Step 1: Understanding the Requirements

I began by reviewing the Functional Requirements Document (FRD), breaking it down into user goals, workflows, and acceptance criteria.
It covered everything from signup/login to AI speech recognition, gamification, subscription management, and progress tracking.

I learned that good testing starts with clarity, every unclear requirement becomes a potential defect in disguise.

🧪 Step 2: Building the Test Plan

Next, I created a comprehensive Test Plan outlining how quality would be achieved, not just tested.
My plan included:

Scope & Objectives: Define what’s in and out of testing.
⁠Approach: Manual + Automated testing using tools like Selenium, Postman, and JMeter.
⁠Risk & Mitigation: Predict what could go wrong and plan recovery.
⁠Deliverables: Reports, defect logs, test cases, and summaries.

⚙️ Step 3: Defining Non-Functional Requirements

Beyond functional checks, I focused on how well the system performs.
My NFRs covered:

Performance: 500ms API response time target.
⁠Security: Encryption, secure sessions, and rate-limiting.
⁠Usability: Mobile responsiveness and accessibility (WCAG 2.1).
⁠Reliability: 99.9% uptime with automated backups.

This part deepened my appreciation for the invisible side of QA, quality you can’t see, but always feel.

💡 Key Takeaways

QA is proactive, not reactive. It starts before a single test is run.
⁠Clarity + Collaboration = Quality. A well-documented plan saves time and prevents chaos.
⁠Metrics matter. Non-functional requirements define user satisfaction in numbers.

Click here to see my Test Plan and Non-Functional Requirements (NFR) Document

The Effects of Performance Appraisal: A Study of 7up Bottling Company in Aba, Abia State

Loveline Chioma Ezenwafor — Tue, 21 Oct 2025 01:00:51 +0000

In my undergraduate research project, I explored how performance appraisal systems influence employee motivation and productivity in structured organizations.

This study focused on 7up Bottling Company, Aba, examining how transparent feedback and fair evaluation practices can improve employee engagement and business performance.

Through questionnaires, data analysis, and field research, I discovered that effective appraisal systems not only measure productivity but also foster trust, communication, and professional growth.

This experience helped me sharpen my skills in research design, data analysis, and organizational behavior, while deepening my interest in human resource development and leadership strategy.

✨ Key Skills Gained:
• Research & Data Analysis
• Human Resource Management
• Organizational Leadership
• Business Strategy

Project: CrystalPure Water Company – Business Plan Development

Loveline Chioma Ezenwafor — Tue, 21 Oct 2025 00:38:54 +0000

I developed a comprehensive business plan for CrystalPure Water Company, a proposed startup aimed at providing clean and affordable sachet and bottled water in Nigeria. The plan includes a full market analysis, startup cost estimates, marketing strategy, and a 6-month launch timeline.
This project demonstrates my ability to apply business strategy, operations planning, and project management skills to a real-world venture idea.

📌 Key Highlights:
• Developed a market feasibility study and cost analysis for a scalable water production business.
• Created a step-by-step launch plan (Month 1–6) ensuring realistic implementation.
• Applied strategic, financial, and operational thinking aligned with NAFDAC and business registration standards.
• Integrated growth and sustainability planning for expansion into bottled water production.

📂 Portfolio Upload Options:
• Upload your Word or PDF file as an attachment (or share via Google Drive/Dropbox).
• Add a short visual — e.g., a one-page summary or timeline graphic.
• Optionally, link to your Dev.to post describing the journey of writing your first business plan.

👉 Read the full business plan here

Project: CrystalPure Water Company – Business Plan Development

Loveline Chioma Ezenwafor — Tue, 21 Oct 2025 00:26:53 +0000

Read the full business plan here

🐞 My QA Bug Report Project — Testing the Delve.fun Web Application

Loveline Chioma Ezenwafor — Thu, 16 Oct 2025 20:28:02 +0000

📌 Project Overview

As part of my HNG Internship QA tasks, I reviewed the Delve.fun web application to identify and report 10–15 bugs or usability issues.
My goal was to analyze the product like a real-world Quality Assurance Engineer — focusing on functionality, UI/UX, and overall performance.

🧠 Testing Approach

Before diving into the tests, I explored the application to understand its core purpose and flow.
I performed manual testing using both a desktop browser and mobile simulation tools, focusing on:
• UI Consistency — fonts, alignment, responsiveness, color contrasts
• Functionality — clickable buttons, broken links, missing validations
• Performance — page responsiveness, lag, and animation smoothness
• Edge Cases — invalid inputs, empty fields, and error message handling

🧰 Tools Used
• Browser Developer Tools (Chrome DevTools, Safari Inspector)
• Google Sheets — for structured bug documentation
• Google Docs — for reporting and summarizing findings

💡 What I Learned

This task taught me the importance of detailed observation and reproducibility in QA testing.
I learned how even small inconsistencies can affect user trust and product performance.
Documenting bugs systematically also improved my communication and reporting clarity — key skills for a QA Engineer.

🔗 Project Deliverables
• 🗂️ Bug Report Sheet Full Report

API Testing for DummyJSON Endpoints using Postman

Loveline Chioma Ezenwafor — Thu, 20 Feb 2025 22:46:15 +0000

Introduction

As part of my API testing experience, I worked on testing multiple endpoints from DummyJSON, a free API for testing and prototyping. I focused on the following resources:

Auth (User Authentication).
Products (CRUD operations on products).
Todos (Task management).
Quotes (Retrieving random or category-based quotes).

Using Postman, I tested various HTTP methods, validated response structures, ensured proper error handling, and verified the relationships between different resources (nested endpoints). Below is a detailed breakdown of my approach and findings.

Test Approach

1️⃣ Setting Up the Postman Collection
I created a Postman Collection named "DummyJSON API Tests" and structured it into folders:

✅ Auth
✅ Products
✅ Todos
✅ Quotes

Each folder contained multiple requests for different API operations, such as GET, POST, PUT and DELETE.

2️⃣ Status Code & Response Validation

For each test, I ensured proper status codes and error messages:

200 OK for successful retrieval.
201 Created for successful creation.
400 Bad Request for missing/invalid data.
404 Not Found for non-existent resources.
401 Unauthorized for failed authentication.

I also validated the response body structure, ensuring that required fields such as id, title, message, and status were present and correctly formatted.

Conclusion

This testing process improved my understanding of API workflows, CRUD operations, authentication, and error handling. Using Postman, I successfully validated multiple scenarios, ensuring DummyJSON's API performed as expected.

View the detailed DummyJSON's API report here and complete Postman collection here

Comprehensive Test Cases for Authentication, Alert & Notifications, and Onboarding on Telex App.

Loveline Chioma Ezenwafor — Fri, 14 Feb 2025 02:26:02 +0000

Introduction
Telex.im is for IT professionals such as DevOps, Product Managers, Project Managers, Software Engineers, and Security teams, who need to get real-time notifications per deliverables and achieve efficient communication with teammates and their deployed solutions. Telex.im is a developers' communication tool that ensures seamless communication between both humans and machines.

Methodology
🔐 Authentication is the gateway to any secure application. A well-tested authentication system ensures data protection, prevents unauthorised access, and enhances user trust. In this blog, we dive into detailed test cases for the authentication module of Telex.im, covering Sign Up and Login functionalities.

🚀 Why Authentication Testing is Critical
Authentication failures can lead to security breaches, account takeovers, and data leaks. Testing helps identify weaknesses in:
✅ User registration flow
✅ Login and session management
✅ Password and multi-factor authentication
✅ Error handling for invalid credentials

To ensure comprehensive coverage, I developed 25 test cases, addressing positive scenarios, negative cases, and edge conditions.

📌 Authentication Features Tested:
Sign-Up Process
Key Test Cases:

Successful account creation with valid credentials
Attempt to sign up with an already registered email
Sign up using an invalid email format
Magic link verification for authentication

Login Process
Key Test Cases:

Successful login with correct credentials
Login attempt with incorrect email or password
Authentication using a magic link
Account lockout after multiple failed login attempts
"Forgot Password" functionality to reset access

For full transparency, I have documented all test cases in a Google Sheets document. You can access it here

My Exploratory Testing on Cars.ng

Loveline Chioma Ezenwafor — Mon, 03 Feb 2025 22:32:57 +0000

Introduction
In the evolving digital marketplace, user experience plays a crucial role in determining the success of a platform. As part of my exploratory testing exercise, I conducted an in-depth usability and functionality test on Cars.ng, a platform designed for buying and selling vehicles in Nigeria. This blog post outlines my testing process, findings, and recommendations for improvement.

Methodology
To ensure a thorough evaluation, I tested Cars.ng on both desktop (Windows) and mobile (iOS) devices using the latest versions of Google Chrome. I focused on key user flows such as registration, car posting, filtering, messaging, and contacting sellers.

Findings
I uncovered several usability and functionality issues, including incomplete form validation, broken features on mobile, and poor security measures. The most critical issue was the inability to contact sellers via phone or WhatsApp, which significantly impacts user experience.

Recommendations

Improve Mobile Experience: Mobile users should be able to post cars, access filters, and view messages without UI glitches.
Fix Contact Functionality: Buyers should be able to contact sellers via phone or WhatsApp.
Validate Registration Inputs: Ensure phone numbers, passwords, and other details are validated before account creation.
Fix Search Functionality: Filters should display only relevant car models to improve user experience.
Ensure Security: The website should implement basic security measures like email or phone verification.

Conclusion
Cars.ng has potential but requires crucial fixes to enhance usability, security, and overall functionality. My exploratory testing provided actionable insights that can help improve the platform's performance.

For a detailed bug report, you can check my documentation here.