Over the past week, I worked on a detailed API Testing & Presentation Task using the Gradific REST API documentation. This assignment pushed me deeper into advanced API testing concepts such as CRUD operations, nested endpoints, authorization flows, and Postman collections.
Here’s a breakdown of what I did ✅
✅ Task Overview
I was required to:
1. Review the API documentation
2. Select 4 resources (including Authentication)
3. Perform full CRUD operations on each
4. Test nested endpoints where applicable
5. Create:
• 80 total test cases (20 per resource)
• A Postman collection for all requests
• Professional documentation files (.docx and .xlsx)
🔐 Authentication Challenges
Initially, every request returned:
Cannot POST /api/docs
later:
Cannot POST /api/auth/register
Eventually, I got the API responding, but then encountered:
Invalid authentication token
While debugging, I discovered that the API requires a valid JWT for protected routes — meaning I needed to:
✔ Authenticate first
✔ Retrieve a token
✔ Add it to every request header
This taught me how token-based security impacts testing workflows and how to handle protected endpoints properly.
🛠 Tools & Skills Used
Tool / Concept
Postman
How I Used It
CRUD operations, environments, token automation
Tool / Concept
HTTP Headers
How I Used It
Added Authorization tokens
Tool / Concept
Status Code Validation
How I Used It
Confirmed expected responses
Tool / Concept
API Documentation
How I Used It
Navigation & endpoint selection
Tool / Concept
Test Documentation
How I Used It
Excel + Word formatted test suites
📌 Deliverables I Produced
✅ Full Postman Collection
✅ 80 detailed test scenarios
✅ Functional + auth testing across 4 resources
✅ Documentation files ready for review
This experience helped me:
• Understand backend dependencies
• Build confidence in API automation setup
• Strengthen debugging and problem-solving skills
• Work with REST APIs beyond simple GET/POST calls
🎯 Key Takeaways
• Not all API failures mean the API is “down” — authentication matters!
• Test cases should include both positive and negative scenarios.
• Clear documentation is vital for QA engineering roles.
• API testing is as much about logic as it is about tooling.
🙌 Wrapping Up
This project confirmed my passion for Quality Assurance Engineering and backend testing. I’m excited to build more with Postman, automation scripts, and CI pipelines as I advance in this field.
If you’re working on APIs:
👉 Always start by validating authentication flow
👉 Read the docs twice before assuming the endpoint is wrong 😅
Thanks for reading! Feel free to connect with me on my journey ❤️
Top comments (0)