API-Based Generation

Generate tests directly from OpenAPI specifications

API-based generation creates comprehensive test suites by analyzing your OpenAPI document structure, parameters, and schemas.

Overview

API-based generation is the fastest way to achieve broad test coverage. WellTested analyzes your OpenAPI 3.0 specification and automatically generates tests for:

• All HTTP methods (GET, POST, PUT, DELETE, PATCH)
• Request parameter validation
• Request body validation
• Response schema validation
• Error scenarios

How It Works

1. Select API Endpoint

Project → Test Cases → New Test Case → API-Based

Browse your uploaded APIs:

• Filter by method (GET, POST, etc.)
• Search by path
• View parameters and schemas

2. AI Analysis

WellTested analyzes the selected API:

• Parameters: Required vs optional, types, constraints
• Request Body: Schema structure and validation rules
• Responses: Success and error scenarios
• Dependencies: Related APIs and workflows

3. Test Generation

AI creates comprehensive test scenarios:

• Happy Path: Valid requests with expected responses
• Validation Tests: Invalid parameters, missing fields
• Edge Cases: Boundary values, special characters
• Error Handling: 4xx and 5xx response scenarios

4. Code Generation

Each scenario becomes executable Python code with:

• HTTP requests with proper headers
• Authentication integration
• Response validation and assertions
• Variable extraction for subsequent steps

Generated Test Coverage

For POST /users Endpoint

Happy Path Tests:

✅ Create user with all required fields
✅ Create user with optional fields included
✅ Verify created user in response

Validation Tests:

❌ Create user with missing required field (400)
❌ Create user with invalid email format (400)
❌ Create user with password too short (400)
❌ Create user with invalid data types (400)

Business Logic Tests:

❌ Create user with duplicate email (409)
✅ Verify user appears in GET /users list

For GET /users/{id} Endpoint

Happy Path Tests:

✅ Retrieve existing user by ID
✅ Verify response contains all fields

Error Tests:

❌ Retrieve non-existent user (404)
❌ Retrieve with invalid ID format (400)

For PUT /users/{id} Endpoint

Happy Path Tests:

✅ Update user with valid data
✅ Partial update with subset of fields
✅ Verify changes persisted

Error Tests:

❌ Update non-existent user (404)
❌ Update with invalid data (400)

For DELETE /users/{id} Endpoint

Happy Path Tests:

✅ Delete existing user
✅ Verify user no longer exists

Error Tests:

❌ Delete non-existent user (404)
❌ Delete with dependencies (409)

Configuration Options

Test Depth

Control test coverage:

Quick (5-10 tests)

• Essential happy path only
• Basic error scenarios
• Fast generation

Standard (15-25 tests)

• Happy path with variations
• Common error scenarios
• Edge cases
• Recommended for most APIs

Comprehensive (30+ tests)

• All possible scenarios
• Rare edge cases
• Extensive error coverage
• Best for critical APIs

Related APIs

Include dependent endpoints:

Auto-detect

• AI identifies related APIs
• Includes setup/teardown operations
• Creates multi-step workflows

Manual selection

• Choose specific APIs to include
• Control test flow
• Custom workflows

None

• Test single endpoint only
• Isolated testing
• Fastest generation

Multi-API Workflows

Automatic Dependency Detection

AI identifies when APIs depend on each other:

Test: Complete User Lifecycle

Step 1: POST /users
  → Create user, extract user_id

Step 2: GET /users/{user_id}
  → Verify user exists

Step 3: PUT /users/{user_id}
  → Update user data

Step 4: GET /users/{user_id}
  → Verify updates applied

Step 5: DELETE /users/{user_id}
  → Remove user

Step 6: GET /users/{user_id}
  → Verify user deleted (404)

Smart Variable Passing

Data flows automatically between steps:

• IDs extracted from creation responses
• Tokens from authentication endpoints
• Dynamic values for subsequent requests

Example: E-commerce API

Product API

Generated Tests:

1. List all products (GET /products)
2. Get product details (GET /products/{id})
3. Create new product (POST /products)
4. Update product (PUT /products/{id})
5. Delete product (DELETE /products/{id})
6. Search products (GET /products?search=...)
7. Filter by category (GET /products?category=...)
8. Invalid product ID (404)
9. Missing required fields (400)
10. Duplicate product SKU (409)

Order API with Dependencies

Generated Workflow:

1. Create user (POST /users)
2. Login (POST /auth/login) → get token
3. Add product to cart (POST /cart/items)
4. View cart (GET /cart)
5. Create order (POST /orders)
6. Process payment (POST /payments)
7. Verify order status (GET /orders/{id})
8. Cancel order (DELETE /orders/{id})

Best Practices

Optimize Your OpenAPI Spec

Add Detailed Descriptions:

paths:
  /users:
    post:
      summary: Create a new user
      description: |
        Creates a new user account. Email must be unique.
        Password must be at least 8 characters with
        uppercase, lowercase, and numbers.

Include Examples:

components:
  schemas:
    User:
      type: object
      properties:
        name:
          type: string
          example: "John Doe"
        email:
          type: string
          example: "john@example.com"

Document Error Responses:

responses:
  '400':
    description: Invalid input
    content:
      application/json:
        example:
          error: "Email is required"
  '409':
    description: User already exists

Start with Core APIs

• Test critical endpoints first
• Validate results before expanding
• Build up to complex workflows

Combine with Scenario-Based

• Use API-based for structural coverage
• Add scenario-based tests for business logic
• Cover both technical and functional aspects

Advantages

Speed

• Generate 20+ tests in under 30 seconds
• No manual test writing required
• Instant updates when API changes

Coverage

• AI identifies scenarios you might miss
• Consistent testing across all endpoints
• Comprehensive error case coverage

Maintainability

• Tests update automatically with API changes
• Regenerate with one click
• Version control friendly

Limitations

What API-Based Generation Covers

✅ API structure and schema validation ✅ Parameter validation ✅ HTTP method testing ✅ Error response handling ✅ Basic CRUD workflows

What It Doesn’t Cover

❌ Complex business logic ❌ Multi-service integration ❌ User journey testing ❌ Performance testing ❌ Security testing

For these, use Scenario-Based Generation.

Next Steps

• Try Scenario-Based Generation for business logic
• Learn about Test Execution
• Explore Batch Code Generation

---

← Back to Documentation