This glossary defines core terminology used in API testing, quality assurance, validation, and test automation. It is designed as a quick reference for developers, QA engineers, and API testers who need clear meanings for common technical terms, response concepts, and automation vocabulary. The entries focus on definitions and terminology, not procedures or implementation guidance.
API Testing Glossary
A concise reference for API testing, QA, validation, and automation terminology.
Explore OverviewReference terms for API testing teams
Core glossary entries
API testing
The process of verifying that an application programming interface behaves as expected. It evaluates responses, data handling, and contract behavior against defined requirements.
Validation
The act of confirming that a response or result matches expected rules, formats, or business constraints. In API contexts, it often refers to checking status, schema, and values.
Assertion
A test condition that must be true for a test to pass. Assertions are used to confirm specific response properties, payload values, or status codes.
Test case
A defined set of inputs, conditions, and expected outcomes used to evaluate an API. It provides a structured reference for one verification scenario.
Endpoint
A specific URL or route where an API accepts requests. Endpoints are usually grouped by resource or function.
Request
The message sent to an API to perform an action or retrieve data. A request typically includes method, headers, parameters, and body.
Response
The message returned by an API after it receives a request. It commonly includes a status code, headers, and a payload.
Status code
A numeric code in the HTTP response that indicates the result of a request. It signals success, client error, server error, or other outcomes.
Payload
The data content carried in a request or response body. It is often formatted as JSON or another structured data type.
Schema
A structural definition of data fields, types, and relationships. In API testing, schema validation checks whether payloads match the expected structure.
Authentication
The process of verifying identity before allowing access to an API. Common mechanisms include API keys, tokens, and session-based credentials.
Authorization
The process of determining what an authenticated client is allowed to access. It defines permissions for resources, actions, or scopes.
Mock
A simulated API or response used for testing without calling a live service. Mocks help isolate behavior and represent controlled scenarios.
Fixture
Predefined test data or setup used consistently across tests. Fixtures help create repeatable conditions and predictable results.
Automation
The use of scripts or tools to execute tests with minimal manual intervention. In API testing, automation supports repeatable validation of endpoints and responses.
Terminology questions
What is the difference between validation and verification?
Validation confirms that a response meets expected rules or requirements. Verification checks whether the implementation matches the intended specification or behavior.
How is an assertion different from a test case?
A test case is the full defined scenario being evaluated. An assertion is one specific condition inside that scenario that must pass.
What does schema mean in API testing?
Schema refers to the expected structure of data, including fields, types, and nesting. Schema validation checks whether the response conforms to that structure.
Why are authentication and authorization separate terms?
Authentication identifies who or what is making the request. Authorization determines what that identity is permitted to access or do.