Been going through a lot of CS coursework lately and API testing keeps coming up, especially in software development and systems integration modules. The thing is most courses mention it briefly but never really break down the different types and what each one actually does.
From what I have gathered there are quite a few distinct categories. Functional testing checks whether an endpoint returns the correct data. Security testing looks at whether authentication and authorization are properly enforced. Regression testing catches whether a recent code change broke something that was working before. Contract testing is particularly relevant in microservices where multiple teams depend on each other’s APIs. And performance testing shows how the system holds up under real traffic load.
For anyone studying software engineering or doing an internship where backend work is involved, understanding these differences genuinely helps. I found this breakdown of types of API testing quite useful for getting the full picture with practical context for each category.
Would be interested to hear if anyone has covered this in their A-levels or university modules and which types came up most in actual project work.