Bonus Tutorial: API Testing with Postman

Bonus Tutorial: API Testing with Postman – Why & How? 🚀


📌 Why Should You Test APIs Before Frontend Integration?

Before integrating APIs into the frontend, it’s critical to test them independently. Here’s why:

✅ Early Bug Detection – Find API issues before they affect the UI.
✅ Faster Debugging – Identify if an issue is in the backend or frontend.
✅ Smoother Integration – Ensure API responses match frontend expectations.
✅ Security Testing – Test authentication, roles, and protected routes.
✅ Automation Ready – Save test cases for future automated testing.

Instead of constantly switching between frontend & backend, Postman lets you test APIs efficiently before connecting them.


🔧 Getting Started with Postman

1️⃣ Install Postman

  1. Download & install Postman.
  2. Open the Postman app and create a free account (optional but useful for saving requests).

🚀 Testing Flask API with Postman

We will test the following API endpoints:

  • User Signup
  • User Login
  • Protected API (JWT Authentication)
  • CRUD Operations: Tasks Management
  • Role-Based Access Control (Admin & Manager Actions)

1️⃣ Testing User Signup API

📌 Endpoint: POST http://127.0.0.1:5000/signup

🔹 Steps in Postman:

  1. Open Postman and select POST request.
  2. Enter the API URL:

    http://127.0.0.1:5000/signup

  3. Go to the Body tab → Select raw → Choose JSON.
  4. Enter this JSON data:

    {
      "username": "testuser",
      "email": "testuser@example.com",
      "password": "testpassword"
    }

  5. Click Send and check the response.

✅ Expected Response:

{
  "username": "testuser",
  "email": "testuser@example.com"
}

2️⃣ Testing User Login & Generating JWT Token

📌 Endpoint: POST http://127.0.0.1:5000/login

🔹 Steps in Postman:

  1. Select POST request.
  2. URL:

    http://127.0.0.1:5000/login

  3. Body → raw → Select JSON and enter:

    {
      "email": "testuser@example.com",
      "password": "testpassword"
    }

  4. Click Send.

✅ Expected Response (with JWT Token):

{
  "msg": "successfully logged in",
  "token": "eyJhbGciOiJIUzI1..."
}

⚡ Copy the JWT token – You’ll need it for testing protected APIs.
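
Before reusing the token, it helps to see what the login endpoint actually put in it. The following is an added example, not code from the original tutorial or its Flask app: a Node script that decodes a JWT's header and payload and flags a missing `exp`, an over-long lifetime, an `alg` of `none`, or sensitive-looking claims. The sample tokens, claim names and the one-hour lifetime limit are constructed assumptions.

```javascript
// Added example: inspect what a JWT returned by POST /login asserts.
// Decoding does NOT verify the signature; it only reads the claims.
function b64urlJson(part) {
  const b64 = part.replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

function inspectJwt(token, nowSec, maxLifetimeSec) {
  const parts = token.split(".");
  if (parts.length !== 3) return { ok: false, findings: ["not a three-part JWT"] };
  let header, payload;
  try {
    header = b64urlJson(parts[0]);
    payload = b64urlJson(parts[1]);
  } catch (e) {
    return { ok: false, findings: ["header or payload is not base64url JSON"] };
  }
  const findings = [];
  if (!header.alg || String(header.alg).toLowerCase() === "none")
    findings.push("alg is missing or 'none'");
  if (typeof payload.exp !== "number") findings.push("no exp claim: token never expires");
  else if (payload.exp <= nowSec) findings.push("token already expired");
  else if (payload.exp - nowSec > maxLifetimeSec) findings.push("lifetime exceeds policy");
  for (const key of Object.keys(payload))
    if (/pass(word)?|secret/i.test(key)) findings.push(`sensitive-looking claim: ${key}`);
  return { ok: findings.length === 0, header, payload, findings };
}

// Constructed sample tokens (hypothetical claims, placeholder signature).
function makeSampleToken(header, payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc(header)}.${enc(payload)}.constructed-signature`;
}
const NOW = 1739000000; // fixed "current time" so the output is reproducible
const goodToken = makeSampleToken({ alg: "HS256", typ: "JWT" }, { sub: "1", exp: NOW + 900 });
const badToken = makeSampleToken({ alg: "HS256", typ: "JWT" }, { sub: "1", password: "x" });

console.log(inspectJwt(goodToken, NOW, 3600).findings);
console.log(inspectJwt(badToken, NOW, 3600).findings);
```

To check a real token, pass the `token` value from the login response and `Math.floor(Date.now() / 1000)` as the current time.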


3️⃣ Testing Protected API with JWT Authentication

📌 Endpoint: GET http://127.0.0.1:5000/hello

🔹 Steps in Postman:

  1. Select GET request.
  2. Enter URL:

    http://127.0.0.1:5000/hello

  3. Go to Headers tab.
  4. Add a new header:
    • Key: Authorization
    • Value: Bearer <JWT-TOKEN>
      (Replace <JWT-TOKEN> with the token copied earlier.)
  5. Click Send.

✅ Expected Response:

{
  "msg": "hello world! from flask restful",
  "user_name": "testuser"
}

🚀 If you don’t send a valid JWT, it returns 401 Unauthorized.


4️⃣ Creating a Task (Admin/Manager Only)

📌 Endpoint: POST http://127.0.0.1:5000/tasks

🔹 Steps in Postman:

  1. Select POST request.
  2. URL:

    http://127.0.0.1:5000/tasks

  3. Headers → Add Authorization Header:

    Authorization: Bearer <JWT-TOKEN>

  4. Body → raw → JSON:

    {
      "title": "Fix Backend Bug",
      "description": "Resolve API timeout issue",
      "deadline": "2025-02-20"
    }

  5. Click Send.

✅ Expected Response:

{
  "message": "Task created successfully"
}

📌 If the user isn’t an admin/manager, it returns:

{
  "message": "Unauthorized access"
}

5️⃣ Fetching All Tasks (Admin/Manager Only)

📌 Endpoint: GET http://127.0.0.1:5000/tasks

🔹 Steps in Postman:

  1. Select GET request.
  2. URL:

    http://127.0.0.1:5000/tasks

  3. Headers → Add Authorization Header:

    Authorization: Bearer <JWT-TOKEN>

  4. Click Send.

✅ Expected Response:

[
  {
    "id": 1,
    "title": "Fix Backend Bug",
    "description": "Resolve API timeout issue",
    "status": "pending",
    "deadline": "2025-02-20"
  }
]

6️⃣ Assigning a Task to a User (Manager Only)

📌 Endpoint: PUT http://127.0.0.1:5000/task/1/assign

🔹 Steps in Postman:

  1. Select PUT request.
  2. URL:

    http://127.0.0.1:5000/task/1/assign

  3. Headers → Add Authorization Header:

    Authorization: Bearer <JWT-TOKEN>

  4. Body → raw → JSON:

    {
      "user_id": 2
    }

  5. Click Send.

✅ Expected Response:

{
  "message": "Task assigned successfully"
}

7️⃣ Viewing API Stats (Admin/Manager Only)

📌 Endpoint: GET http://127.0.0.1:5000/stats

🔹 Steps in Postman:

  1. Select GET request.
  2. URL:

    http://127.0.0.1:5000/stats

  3. Headers → Add Authorization Header:

    Authorization: Bearer <JWT-TOKEN>

  4. Click Send.

✅ Expected Response:

{
  "total_users": 5,
  "total_tasks": 10,
  "completed_tasks": 3
}

| Feature | Postman API Testing | Frontend Integration |
|---|---|---|
| Faster Debugging | ✅ Directly test backend | ❌ Requires UI interactions |
| Error Identification | ✅ Isolates API errors | ❌ Hard to debug API issues |
| Role-Based Testing | ✅ Easily switch tokens | ❌ Requires logging in/out |
| Security Testing | ✅ Test unauthorized access | ❌ Harder to simulate |
| Automated Testing | ✅ Save requests & automate | ❌ Requires frontend setup |
| No UI Dependency | ✅ Works standalone | ❌ Needs UI components |
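
Role-based and unauthorized-access testing only pays off when every role is tried against every endpoint, including the combinations that must be refused. The following is an added example, not code from the original tutorial: it encodes the access rules stated in the section titles above as a matrix and audits a set of recorded status codes for missing tests and for roles that got in where they should not. The role labels `none` and `user`, the 403 status for a refused role, and the sample run are assumptions constructed for illustration.

```javascript
// Added example: who may call what, taken from the tutorial's section titles.
// "none" = no token sent, "user" = plain account (assumed role labels).
const ALLOWED = {
  "GET /hello":         ["user", "manager", "admin"],
  "POST /tasks":        ["manager", "admin"],
  "GET /tasks":         ["manager", "admin"],
  "PUT /task/1/assign": ["manager"], // section title says "Manager Only"
  "GET /stats":         ["manager", "admin"],
};
const ROLES = ["none", "user", "manager", "admin"];
const is2xx = (s) => s >= 200 && s < 300;

// observations: [{ role, route, status }] recorded from Postman runs.
function auditAccess(observations) {
  const seen = new Map(observations.map((o) => [`${o.role}|${o.route}`, o.status]));
  const issues = [];
  for (const route of Object.keys(ALLOWED)) {
    for (const role of ROLES) {
      const status = seen.get(`${role}|${route}`);
      const shouldAllow = ALLOWED[route].includes(role);
      if (status === undefined) {
        issues.push({ role, route, problem: "not tested" });
      } else if (!shouldAllow && is2xx(status)) {
        issues.push({ role, route, problem: `allowed (${status}) but must be denied` });
      } else if (shouldAllow && !is2xx(status)) {
        issues.push({ role, route, problem: `denied (${status}) but must be allowed` });
      } else if (role === "none" && status !== 401) {
        issues.push({ role, route, problem: `expected 401 without a token, got ${status}` });
      }
    }
  }
  return issues;
}

// Constructed sample run: correct everywhere except one leak and one gap.
function sampleRun() {
  const obs = [];
  for (const route of Object.keys(ALLOWED))
    for (const role of ROLES)
      obs.push({ role, route,
        status: ALLOWED[route].includes(role) ? 200 : role === "none" ? 401 : 403 });
  obs.find((o) => o.role === "user" && o.route === "GET /stats").status = 200;
  return obs.filter((o) => !(o.role === "admin" && o.route === "PUT /task/1/assign"));
}
console.log(auditAccess(sampleRun()));
```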

🔹 Conclusion: Testing APIs with Postman before frontend integration makes development smoother and debugging faster, and reduces errors before they impact users! 🚀🔥


📌 Next Steps

  • 🔥 Automate Postman tests using Pre-Request Scripts
  • 📊 Learn API monitoring with Postman Collections
  • 🛠️ Integrate APIs with React/Angular Frontend

Happy Testing! 🚀🎯

This post is licensed under CC BY 4.0 by the author.