Web APIs broadly fall into two established classes of web services: SOAP or Simple Object Access Protocol, REST or Representational State Transfer, and now, GraphQL, which is a far more recent development in the web services arena. Unlike SOAP, which uses XML, REST APIs are URL-based (using HTTP) and can provide output data in a variety of formats JSON, CSV, or RSS, among others.
Due to its flexibility, REST APIs are the logical choice for web services. They comprise four main access methods, viz., GET, POST, PUT, and DELETE.
REST API Testing essentially checks the correctness of the HTTP status codes, verifies response headers and payload, examines the overall performance time, and occasionally also the application state. The common scenarios that are considered for REST API Testing include basic positive tests with and without optional parameters, negative tests with valid and invalid inputs, as well as security/authorization checks.