How to Test Magento 2 API with Postman? [Backend]

Table of Content

Posted in: Magento 2 Guides

We’ve already posted you on how to start working with API in Magento 2.

Now it’s time to turn to another critical question concerning API in Magento - testing.

So how to test API efficiently? There exists a range of tools that facilitate testing and make it faster, and we tried one of them. Satisfied with the results, we are ready to share our experience.

So meet Postman!

Testing Magento 2 API: what is Postman?

Postman is an API development environment and a handy HTTP client for testing websites. With Postman, you can create diverse queries that vary in purpose (Get, Put, Post and more) and unite them in collections. You can distribute the collections you create among your colleagues. These collections are a sort of test suites that you can move from one project to another with the relevant adjustments. Besides, the tool can be used for automated testing of apps, including Magento extensions. You just need to use the app interface to set up and save your tests.

We’ve tried this approach on testing the Amasty's Product Attachments for Magento 2, the extension that provides for tracking and managing the files you attach to products via API.

So there we go.

Setting up the environment

It’s the starting point of any testing activity. With Postman, you can set up the environment in 3 relatively simple steps:

  1. Open Manage environments form:

2. Now we need to set variables. In our case they are:

  •  magento_api_url: https://magentourl/index.php/rest
  •  admin_username: your admin username
  •  admin_password: your admin password

3. Now we need to select the created environment:

Now we can use the variables we’ve just set in further queries.

Testing Magento 2 Product Attachments: backend API

In our examples, interaction with API requires authorization. So the first thing you need to do is to get the admin token (Magento access token). With the help of this token, you’ll get access to your Magento 2 backend via Postman.

To get the token, start a Post request: 

Now click Send.

In response to the request, Postman generates Admin Token:

We will use this token to test the Product Attachments with Postman.

So what are the basic operations admins perform in this extension?

These operations are uploading, viewing, editing, and deleting the file. To mock them in Postman, we'll need Get, Post, Put, Search and Delete queries.

Let's consider some of them.

How to test uploading the file?

This requires the Post query and authorization. To use the Admin Token, you should insert {{adminToken}} into the Token field. Use the same algorithm every time you have to perform some action as Administrator. Here's how it looks:

First of all, you should encrypt the picture in Base64. To upload the file, insert "string" into "base64_encoded_data".

We check if the file is uploaded successfully and set it for use in further requests:


The response is positive, and we can use the uploaded file for testing the next query (Save Uploaded file):

How to test saving the uploaded file?

Now we have to save the previously uploaded file, and we again need the Post query.

We add the loaded file "tmp_file": "{{lastUploadedFile}}", and write out the file data: name, label, etc.

Before saving the file, we need to make sure it was loaded. So we check it with the help of a pre-request script. This script is run before the actual request:

We unset the uploaded file and configure settings to use the saved file in the latter requests:

The file saved successfully:

The last, but not the least. We need to check if the data on the file match our Product Attachments settings:

That's a success!

There’s also another option to consider: you can save the uploaded file with the help of its URL (using a link field).

How to test saving the file data by the URL?

Once again we need a Post request. Now we input the URL that points to the file location. Then we set the file name, label, etc., and click Send:

The response is positive.

So the file is saved.

Now let's move to Get queries.

How to test getting file data by the file id?

Get queries are used to output the information on a certain file attached to a product. As an admin, you can perform this operation for Default Store View and for All Store Views.

We'll try to get the data on LastSavedId via a Get query. First of all, we set the URL indicating the needed Store View and the file id:

Here a Pre-request Script comes in handy as well. Before we output the info about the file, we should make sure it was saved:

In case the file is missing, we need to upload and save it.

Now we check if the information in the extension settings matches the information for the file uploaded.

The response request is positive:

We'll turn to another important operation admins runs -  search. Why search for files attached to products? They may need some updates, editing or replacement.

So there we go.

How to test searching for the file?

In Postman, we can create search queries by the required/any attribute. We can also sort the search results by any value and order and set the number of the results to be displayed in the response section:

For illustrative purposes, we provide an example.

We'll search for the file with the name starting with"filename" and which is greater than 3000 Bytes in size. And the results should be sorted by id in the ascending order with 5 files per page. Difficult? Let's make it simpler.

First of all, we'll break the query into lines:


  1. File name starts with “name”:

  2. The size is greater than 3000 Bytes:
  3. The results are sorted by id in ascending order: 

  4. The number of files per page -is 5 and The number of page for viewing is 1:
    searchCriteria[pageSize]=5& searchCriteria[currentPage]=1

So we’ve uploaded 3 files, and 2 of them meet the search query.

Is the query correct? Compare it with Magento 2 Product attachments settings:

The results match. Bingo!

And here comes the last and yet important operation an admin runs - deleting product attachments.

How to test deleting a file?

There always comes a time when a file needs to be deleted. So making sure an admin can delete a file is a must.

For testing purposes, we chose to delete the last saved file. To do so, we input the file id in the URL and check if the file is saved with a pre-request script.

When the file is saved, we can safely return to testing the delete function and unset the file.

We've just deleted the last saved file. Now we check the Magento 2 Product Attachments settings to make sure the file was deleted. 

To be continued...

We've described testing Magento 2 API with Postman from the point of view of admin interactions.

Thanks to the joint efforts of all our team members, we made sure our API is fully functional, so users can work with it avoiding complications.

But what about the Frontend API?

It'll make the 2nd part of our Magento 2 API testing series, so stay tuned.

Any ideas on testing backend API?

Feel free to drop us a line below!

June 19, 2019
June 20, 2019
June 13, 2019
June 29, 2019
Great article. There are also online HTTP clients like
Alina Bragina
July 9, 2019
Hi Cyril, thanks for reading us and sharing your experience with us!
April 29, 2022
It would be really great if you could include text versions of all the URLs so we could just copy/paste them
August 24, 2022
Hi there, thank you for your advice, we will definitely take it.
Leave your comment

Your email address will not be published

This blog was created with Amasty Blog Pro

This blog was created with Amasty Blog Pro