DEV Community

Mauricio Choqueña Choque
Mauricio Choqueña Choque

Posted on

Applying API Testing Frameworks — A Hands-On Example with REST Assured

Why API Testing Frameworks Matter

APIs are the backbone of modern software — they connect frontends, mobile apps, microservices, and third-party integrations. If an API breaks silently, everything built on top of it breaks too. That's why API testing frameworks exist: to validate that endpoints return the right status codes, the right data structure, and the right values, automatically, on every code change.

There are dozens of tools in this space — Postman, SoapUI, Karate DSL, JMeter, Swagger, Katalon Studio — each with different trade-offs between ease of use, coding requirements, and CI/CD integration. This article focuses on one of the most widely adopted code-based frameworks: REST Assured, a Java DSL built specifically to make testing REST APIs readable and maintainable.

Why REST Assured

Unlike GUI-based tools (Postman, SoapUI), REST Assured is a library, not an application — tests are written in Java and run like any other unit test (JUnit/TestNG), which means they plug directly into existing CI pipelines (Jenkins, GitHub Actions, GitLab CI) without any extra setup.

Key features:

  • BDD-style syntax (given() / when() / then()), close to plain English.
  • Built-in JSON/XML response validation — no need to manually parse responses.
  • Works seamlessly alongside Selenium/Serenity for combined UI + API test suites.
  • No need to be an HTTP protocol expert to write solid tests.

A Real Example

Here's a real, working REST Assured test against a public test API (reqres.in, commonly used for practicing API testing):

import io.restassured.RestAssured;
import io.restassured.response.Response;
import org.junit.jupiter.api.Test;

import static io.restassured.RestAssured.given;
import static org.hamcrest.Matchers.*;

public class UserApiTest {

    @Test
    public void testGetSingleUser() {
        given()
            .baseUri("https://reqres.in/api")
        .when()
            .get("/users/2")
        .then()
            .statusCode(200)
            .body("data.id", equalTo(2))
            .body("data.email", containsString("@reqres.in"))
            .body("data.first_name", notNullValue());
    }

    @Test
    public void testCreateUser() {
        String requestBody = "{ \"name\": \"morpheus\", \"job\": \"leader\" }";

        Response response =
            given()
                .baseUri("https://reqres.in/api")
                .contentType("application/json")
                .body(requestBody)
            .when()
                .post("/users")
            .then()
                .statusCode(201)
                .body("name", equalTo("morpheus"))
                .body("job", equalTo("leader"))
                .extract().response();

        System.out.println("Created user ID: " + response.jsonPath().getString("id"));
    }
}
Enter fullscreen mode Exit fullscreen mode

What this example shows in practice:

  • given() sets up the request (base URL, headers, body).
  • when() performs the action (GET, POST, etc.).
  • then() validates the response — status code, JSON fields, string patterns — all in a single fluent chain.
  • No manual JSON parsing, no raw HTTP client boilerplate: the assertions read almost like a specification of what the API should do.

Public Repository Example

You can see this exact pattern in real open-source repositories that use REST Assured against public test APIs:

Both repositories can be cloned and run locally with Maven or Gradle to see the tests execute against a live API.

Comparing to Other Frameworks

Framework Type Coding required Best for
REST Assured Java library Yes (Java) Teams already using JUnit/TestNG, CI-first workflows
Postman/Newman GUI + CLI runner Minimal Quick manual testing, exploratory testing, non-devs
Karate DSL Gherkin-based DSL Minimal BDD scenarios without full Java knowledge
JMeter GUI + scripting Minimal Load testing repurposed for functional checks
SoapUI GUI Minimal (Pro: Groovy) SOAP-heavy legacy systems

REST Assured sits closer to the "developer-first" end of the spectrum — it requires knowing Java, but in exchange gives full programmatic control: loops, conditionals, data-driven tests from CSV/JSON files, and direct integration into the same test suite as unit tests.

Conclusion

Choosing an API testing framework is less about which tool is "best" overall, and more about matching the tool to the team. For a team of developers already comfortable with Java and JUnit, REST Assured turns API contracts into readable, maintainable, CI-friendly test code — with no separate GUI tool to install or maintain. For teams with mixed technical backgrounds, a GUI-first tool like Postman may still be the faster path to adoption.

The best way to evaluate any API testing framework, as always, is to clone a real repository — like the ones linked above — and run the suite yourself.

Top comments (0)