Postman API Prüfung

📋 Kopieren Sie alle Befehle 📄 PDF generieren

Umfassende Postman Shortcuts und Workflows für API-Entwicklung und -Test.

Hauptnavigation

Shortcut	Description
Ctrl+N	New Request
Ctrl+Shift+N	New Collection
Ctrl+O	Open
Ctrl+S	Save
Ctrl+Shift+S	Save As
Ctrl+Enter	Send Request
Ctrl+R	Reload
Ctrl+W	Close Tab
Ctrl+Shift+W	Close All Tabs
Ctrl+T	New Tab
Ctrl+Shift+T	Reopen Closed Tab

Verwaltung

Shortcut	Description
Ctrl+L	Focus URL Bar
Ctrl+M	Change HTTP Method
Ctrl+Shift+P	Open Command Palette
Ctrl+K	Search Collections
Ctrl+H	Show/Hide Sidebar
Ctrl+Alt+C	Open Console
Ctrl+Alt+E	Open Environment Quick Look

Textbearbeitung

Shortcut	Description
Ctrl+A	Select All
Ctrl+C	Copy
Ctrl+V	Paste
Ctrl+X	Cut
Ctrl+Z	Undo
Ctrl+Y	Redo
Ctrl+F	Find
Ctrl+G	Find Next
Ctrl+Shift+G	Find Previous
F3	Find Next
Shift+F3	Find Previous

Umwelt und Varianten

Shortcut	Description
Ctrl+Alt+E	Environment Quick Look
Ctrl+Shift+E	Manage Environments
\\{\\{variable\\}\\}	Variable Syntax
pm.environment.get("var")	Get Environment Variable
pm.environment.set("var", "value")	Set Environment Variable
pm.globals.get("var")	Get Global Variable
pm.globals.set("var", "value")	Set Global Variable

HTTP Methoden und Statuscodes

Gemeinsames HTTP Methoden

Method	Purpose	Example
GET	Retrieve data	Get user profile
POST	Create new resource	Create new user
PUT	Update entire resource	Update user profile
PATCH	Partial update	Update user email
DELETE	Remove resource	Delete user account
HEAD	Get headers only	Check if resource exists
OPTIONS	Get allowed methods	CORS preflight

HTTP Status Codes

Code Range	Type	Common Codes
2xx	Success	200 OK, 201 Created, 204 No Content
3xx	Redirection	301 Moved, 302 Found, 304 Not Modified
4xx	Client Error	400 Bad Request, 401 Unauthorized, 404 Not Found
5xx	Server Error	500 Internal Error, 502 Bad Gateway, 503 Unavailable

Pre-Request Scripts

Gemeinsame Pre-Request Script Beispiele

```javascript // Set timestamp pm.environment.set("timestamp", Date.now());

// Generate random data pm.environment.set("randomEmail", "user" + Math.random().toString(36).substring(7) + "@example.com");

// Set authentication token const token = pm.environment.get("auth_token"); pm.request.headers.add(\\{ key: "Authorization", value: "Bearer " + token \\});

// Generate UUID const uuid = require('uuid'); pm.environment.set("requestId", uuid.v4());

// Base64 encode credentials const username = pm.environment.get("username"); const password = pm.environment.get("password"); const credentials = btoa(username + ":" + password); pm.environment.set("basicAuth", credentials); ```_

Testskripte

Grundlegende Hinweise

```javascript // Status code tests pm.test("Status code is 200", function () \\{ pm.response.to.have.status(200); \\});

pm.test("Status code name has string", function () \\{ pm.response.to.have.status("OK"); \\});

// Response time test pm.test("Response time is less than 200ms", function () \\{ pm.expect(pm.response.responseTime).to.be.below(200); \\});

// Header tests pm.test("Content-Type is present", function () \\{ pm.response.to.have.header("Content-Type"); \\});

pm.test("Content-Type is application/json", function () \\{ pm.expect(pm.response.headers.get("Content-Type")).to.include("application/json"); \\}); ```_

JSON Prüfverfahren

```javascript // Parse JSON response const responseJson = pm.response.json();

// Test JSON structure pm.test("Response has required fields", function () \\{ pm.expect(responseJson).to.have.property("id"); pm.expect(responseJson).to.have.property("name"); pm.expect(responseJson).to.have.property("email"); \\});

// Test specific values pm.test("User ID is correct", function () \\{ pm.expect(responseJson.id).to.eql(123); \\});

pm.test("Email format is valid", function () \\{ pm.expect(responseJson.email).to.match(/<sup>[</sup>\s@]+@[<sup>\s@]+.[</sup>\s@]+$/); \\});

// Test array responses pm.test("Response is an array", function () \\{ pm.expect(responseJson).to.be.an('array'); \\});

pm.test("Array has correct length", function () \\{ pm.expect(responseJson).to.have.lengthOf(5); \\}); ```_

Variable Extraktion

```javascript // Extract data from response const responseJson = pm.response.json();

// Set environment variables pm.environment.set("userId", responseJson.id); pm.environment.set("userToken", responseJson.token);

// Extract from headers const location = pm.response.headers.get("Location"); pm.environment.set("resourceUrl", location);

// Extract using regex const responseText = pm.response.text(); const match = responseText.match(/token:\s*"([^"]+)"/); if (match) \\{ pm.environment.set("extractedToken", match[1]); \\} ```_

Sammlung Runner

Laufende Sammlungen

```javascript // Collection variables pm.collectionVariables.set("baseUrl", "https://api.example.com"); pm.collectionVariables.get("baseUrl");

// Data-driven testing // Use CSV or JSON files for test data // Access data using pm.iterationData.get("fieldName")

// Workflow control postman.setNextRequest("Request Name"); postman.setNextRequest(null); // Stop execution ```_

Authentication Workflows

Auf den Wunschzettel

javascript // Pre-request script for login pm.sendRequest(\\\\{ url: pm.environment.get("baseUrl") + "/auth/login", method: "POST", header: \\\\{ "Content-Type": "application/json" \\\\}, body: \\\\{ mode: "raw", raw: JSON.stringify(\\\\{ username: pm.environment.get("username"), password: pm.environment.get("password") \\\\}) \\\\} \\\\}, function (err, response) \\\\{ if (response.code === 200) \\\\{ const token = response.json().token; pm.environment.set("authToken", token); \\\\} \\\\});_

OAuth 2.0

```javascript // OAuth 2.0 configuration const clientId = pm.environment.get("clientId"); const clientSecret = pm.environment.get("clientSecret"); const tokenUrl = pm.environment.get("tokenUrl");

pm.sendRequest(\\{ url: tokenUrl, method: "POST", header: \\{ "Content-Type": "application/x-www-form-urlencoded" \\}, body: \\{ mode: "urlencoded", urlencoded: [ \\{key: "grant_type", value: "client_credentials"\\}, \\{key: "client_id", value: clientId\\}, \\{key: "client_secret", value: clientSecret\\} ] \\} \\}, function (err, response) \\{ if (response.code === 200) \\{ const accessToken = response.json().access_token; pm.environment.set("accessToken", accessToken); \\} \\}); ```_

API Testing Workflows

CRUD Operations Testing

```javascript // 1. Create Resource (POST) pm.test("Create user successfully", function () \\{ pm.response.to.have.status(201); const user = pm.response.json(); pm.environment.set("createdUserId", user.id); \\});

// 2. Read Resource (GET) pm.test("Get user successfully", function () \\{ pm.response.to.have.status(200); const user = pm.response.json(); pm.expect(user.id).to.eql(pm.environment.get("createdUserId")); \\});

// 3. Update Resource (PUT/PATCH) pm.test("Update user successfully", function () \\{ pm.response.to.have.status(200); \\});

// 4. Delete Resource (DELETE) pm.test("Delete user successfully", function () \\{ pm.response.to.have.status(204); \\}); ```_

Fehlerbehandlungstests

```javascript // Test error responses pm.test("Returns 400 for invalid data", function () \\{ pm.response.to.have.status(400); const error = pm.response.json(); pm.expect(error).to.have.property("message"); \\});

pm.test("Returns 401 for unauthorized access", function () \\{ pm.response.to.have.status(401); \\});

pm.test("Returns 404 for non-existent resource", function () \\{ pm.response.to.have.status(404); \\}); ```_

Best Practices

Organisation

• Verwenden Sie Sammlungen zu Gruppenanfragen
• Erstellen Sie Ordner innerhalb von Sammlungen für logische Gruppierung
• Deskriptive Namen für Anfragen und Sammlungen verwenden
• Dokumente APIs mit Sammlungsbeschreibungen
• Verwenden Sie Umgebungsvariablen für verschiedene Stufen (dev, staging, prod)

Teststrategie

• Vollständige Testskripte schreiben
• Testen Sie positive und negative Szenarien
• Gültige Antwortstruktur und Datentypen
• Antwortzeiten und Leistung überprüfen
• Prüffehlerbehandlung und Kantenfälle

Datenverwaltung

• Verwenden Sie Umgebungsvariablen für die Konfiguration
• Implementierung datengesteuerter Tests mit CSV/JSON-Dateien
• Prüfdaten nach der Testdurchführung reinigen
• Verwenden Sie dynamische Variablen für einzigartige Testdaten
• Separate Testdaten aus Produktionsdaten

Zusammenarbeit

• Sammeln mit Teammitgliedern teilen
• Verwendung der Versionskontrolle für Sammelausfuhren
• Dokumente API Änderungen und Testupdates
• Erstellen Sie wiederverwendbare Testskripte und Snippets
• Benennung Konventionen und Standards