Zum Inhalt

Postman API Prüfung

generieren

Umfassende Postman Shortcuts und Workflows für API-Entwicklung und -Test.

Hauptnavigation

| | Shortcut | Description | | | --- | --- | | | Ctrl+N | New Request | | | | Ctrl+Shift+N | New Collection | | | | Ctrl+O | Open | | | | Ctrl+S | Save | | | | Ctrl+Shift+S | Save As | | | | Ctrl+Enter | Send Request | | | | Ctrl+R | Reload | | | | Ctrl+W | Close Tab | | | | Ctrl+Shift+W | Close All Tabs | | | | Ctrl+T | New Tab | | | | Ctrl+Shift+T | Reopen Closed Tab | |

Verwaltung

| | Shortcut | Description | | | --- | --- | | | Ctrl+L | Focus URL Bar | | | | Ctrl+M | Change HTTP Method | | | | Ctrl+Shift+P | Open Command Palette | | | | Ctrl+K | Search Collections | | | | Ctrl+H | Show/Hide Sidebar | | | | Ctrl+Alt+C | Open Console | | | | Ctrl+Alt+E | Open Environment Quick Look | |

Textbearbeitung

| | Shortcut | Description | | | --- | --- | | | Ctrl+A | Select All | | | | Ctrl+C | Copy | | | | Ctrl+V | Paste | | | | Ctrl+X | Cut | | | | Ctrl+Z | Undo | | | | Ctrl+Y | Redo | | | | Ctrl+F | Find | | | | Ctrl+G | Find Next | | | | Ctrl+Shift+G | Find Previous | | | | F3 | Find Next | | | | Shift+F3 | Find Previous | |

Umwelt und Varianten

| | Shortcut | Description | | | --- | --- | | | Ctrl+Alt+E | Environment Quick Look | | | | Ctrl+Shift+E | Manage Environments | | | | \\{\\{variable\\}\\} | Variable Syntax | | | | pm.environment.get("var") | Get Environment Variable | | | | pm.environment.set("var", "value") | Set Environment Variable | | | | pm.globals.get("var") | Get Global Variable | | | | pm.globals.set("var", "value") | Set Global Variable | |

HTTP Methoden und Statuscodes

Gemeinsames HTTP Methoden

| | Method | Purpose | Example | | | --- | --- | --- | | | GET | Retrieve data | Get user profile | | | | POST | Create new resource | Create new user | | | | PUT | Update entire resource | Update user profile | | | | PATCH | Partial update | Update user email | | | | DELETE | Remove resource | Delete user account | | | | HEAD | Get headers only | Check if resource exists | | | | OPTIONS | Get allowed methods | CORS preflight | |

HTTP Status Codes

| | Code Range | Type | Common Codes | | | --- | --- | --- | | | 2xx | Success | 200 OK, 201 Created, 204 No Content | | | | 3xx | Redirection | 301 Moved, 302 Found, 304 Not Modified | | | | 4xx | Client Error | 400 Bad Request, 401 Unauthorized, 404 Not Found | | | | 5xx | Server Error | 500 Internal Error, 502 Bad Gateway, 503 Unavailable | |

Pre-Request Scripts

Gemeinsame Pre-Request Script Beispiele

```javascript // Set timestamp pm.environment.set("timestamp", Date.now());

// Generate random data pm.environment.set("randomEmail", "user" + Math.random().toString(36).substring(7) + "@example.com");

// Set authentication token const token = pm.environment.get("auth_token"); pm.request.headers.add(\\{ key: "Authorization", value: "Bearer " + token \\});

// Generate UUID const uuid = require('uuid'); pm.environment.set("requestId", uuid.v4());

// Base64 encode credentials const username = pm.environment.get("username"); const password = pm.environment.get("password"); const credentials = btoa(username + ":" + password); pm.environment.set("basicAuth", credentials); ```_

Testskripte

Grundlegende Hinweise

```javascript // Status code tests pm.test("Status code is 200", function () \\{ pm.response.to.have.status(200); \\});

pm.test("Status code name has string", function () \\{ pm.response.to.have.status("OK"); \\});

// Response time test pm.test("Response time is less than 200ms", function () \\{ pm.expect(pm.response.responseTime).to.be.below(200); \\});

// Header tests pm.test("Content-Type is present", function () \\{ pm.response.to.have.header("Content-Type"); \\});

pm.test("Content-Type is application/json", function () \\{ pm.expect(pm.response.headers.get("Content-Type")).to.include("application/json"); \\}); ```_

JSON Prüfverfahren

```javascript // Parse JSON response const responseJson = pm.response.json();

// Test JSON structure pm.test("Response has required fields", function () \\{ pm.expect(responseJson).to.have.property("id"); pm.expect(responseJson).to.have.property("name"); pm.expect(responseJson).to.have.property("email"); \\});

// Test specific values pm.test("User ID is correct", function () \\{ pm.expect(responseJson.id).to.eql(123); \\});

pm.test("Email format is valid", function () \\{ pm.expect(responseJson.email).to.match(/^[^\s@]+@[^\s@]+.[^\s@]+$/); \\});

// Test array responses pm.test("Response is an array", function () \\{ pm.expect(responseJson).to.be.an('array'); \\});

pm.test("Array has correct length", function () \\{ pm.expect(responseJson).to.have.lengthOf(5); \\}); ```_

Variable Extraktion

```javascript // Extract data from response const responseJson = pm.response.json();

// Set environment variables pm.environment.set("userId", responseJson.id); pm.environment.set("userToken", responseJson.token);

// Extract from headers const location = pm.response.headers.get("Location"); pm.environment.set("resourceUrl", location);

// Extract using regex const responseText = pm.response.text(); const match = responseText.match(/token:\s*"([^"]+)"/); if (match) \\{ pm.environment.set("extractedToken", match[1]); \\} ```_

Sammlung Runner

Laufende Sammlungen

```javascript // Collection variables pm.collectionVariables.set("baseUrl", "https://api.example.com"); pm.collectionVariables.get("baseUrl");

// Data-driven testing // Use CSV or JSON files for test data // Access data using pm.iterationData.get("fieldName")

// Workflow control postman.setNextRequest("Request Name"); postman.setNextRequest(null); // Stop execution ```_

Authentication Workflows

Auf den Wunschzettel

javascript // Pre-request script for login pm.sendRequest(\\\\{ url: pm.environment.get("baseUrl") + "/auth/login", method: "POST", header: \\\\{ "Content-Type": "application/json" \\\\}, body: \\\\{ mode: "raw", raw: JSON.stringify(\\\\{ username: pm.environment.get("username"), password: pm.environment.get("password") \\\\}) \\\\} \\\\}, function (err, response) \\\\{ if (response.code === 200) \\\\{ const token = response.json().token; pm.environment.set("authToken", token); \\\\} \\\\});_

OAuth 2.0

```javascript // OAuth 2.0 configuration const clientId = pm.environment.get("clientId"); const clientSecret = pm.environment.get("clientSecret"); const tokenUrl = pm.environment.get("tokenUrl");

pm.sendRequest(\\{ url: tokenUrl, method: "POST", header: \\{ "Content-Type": "application/x-www-form-urlencoded" \\}, body: \\{ mode: "urlencoded", urlencoded: [ \\{key: "grant_type", value: "client_credentials"\\}, \\{key: "client_id", value: clientId\\}, \\{key: "client_secret", value: clientSecret\\} ] \\} \\}, function (err, response) \\{ if (response.code === 200) \\{ const accessToken = response.json().access_token; pm.environment.set("accessToken", accessToken); \\} \\}); ```_

API Testing Workflows

CRUD Operations Testing

```javascript // 1. Create Resource (POST) pm.test("Create user successfully", function () \\{ pm.response.to.have.status(201); const user = pm.response.json(); pm.environment.set("createdUserId", user.id); \\});

// 2. Read Resource (GET) pm.test("Get user successfully", function () \\{ pm.response.to.have.status(200); const user = pm.response.json(); pm.expect(user.id).to.eql(pm.environment.get("createdUserId")); \\});

// 3. Update Resource (PUT/PATCH) pm.test("Update user successfully", function () \\{ pm.response.to.have.status(200); \\});

// 4. Delete Resource (DELETE) pm.test("Delete user successfully", function () \\{ pm.response.to.have.status(204); \\}); ```_

Fehlerbehandlungstests

```javascript // Test error responses pm.test("Returns 400 for invalid data", function () \\{ pm.response.to.have.status(400); const error = pm.response.json(); pm.expect(error).to.have.property("message"); \\});

pm.test("Returns 401 for unauthorized access", function () \\{ pm.response.to.have.status(401); \\});

pm.test("Returns 404 for non-existent resource", function () \\{ pm.response.to.have.status(404); \\}); ```_

Best Practices

Organisation

  • Verwenden Sie Sammlungen zu Gruppenanfragen
  • Erstellen Sie Ordner innerhalb von Sammlungen für logische Gruppierung
  • Deskriptive Namen für Anfragen und Sammlungen verwenden
  • Dokumente APIs mit Sammlungsbeschreibungen
  • Verwenden Sie Umgebungsvariablen für verschiedene Stufen (dev, staging, prod)

Teststrategie

  • Vollständige Testskripte schreiben
  • Testen Sie positive und negative Szenarien
  • Gültige Antwortstruktur und Datentypen
  • Antwortzeiten und Leistung überprüfen
  • Prüffehlerbehandlung und Kantenfälle

Datenverwaltung

  • Verwenden Sie Umgebungsvariablen für die Konfiguration
  • Implementierung datengesteuerter Tests mit CSV/JSON-Dateien
  • Prüfdaten nach der Testdurchführung reinigen
  • Verwenden Sie dynamische Variablen für einzigartige Testdaten
  • Separate Testdaten aus Produktionsdaten

Zusammenarbeit

  • Sammeln mit Teammitgliedern teilen
  • Verwendung der Versionskontrolle für Sammelausfuhren
  • Dokumente API Änderungen und Testupdates
  • Erstellen Sie wiederverwendbare Testskripte und Snippets
  • Benennung Konventionen und Standards