API Commands - TestlumFramework/Testlum GitHub Wiki

๐ŸŒ API Testing with Testlum

Testlum provides powerful and flexible capabilities for testing various types of APIs, including:

  • ๐Ÿ“ก HTTP APIs (RESTful services)
  • ๐Ÿ”“Authorization (for API only)
  • ๐Ÿ”Œ WebSocket APIs (real-time communication)
  • ๐Ÿ”ท GraphQL APIs (structured query-based APIs)
http

๐ŸŒ http

The http command allows you to perform API requests such as GET, POST, PUT, DELETE, PATCH, OPTIONS, TRACE, HEAD within your test scenarios.

โš™๏ธ General Parameters

Parameter Type Required Default Description
comment String โœ… - Description of the HTTP request
alias String โœ… - Unique name from your integration.xml setup
condition Boolean โŒ - Condition to execute this step
threshold Integer (ms) โŒ - Max allowed time for execution (failure if exceeded)

๐Ÿ› ๏ธ Inside HTTP Methods

Each HTTP method block (like <get>, <post>, etc.) may contain the following sections:

๐Ÿ“ Endpoint

<get endpoint="/activity">

endpoint - URL path to the specific resource.

๐Ÿ“ฉ Response Validation

Parameter Description
code Expected HTTP response code (e.g., 200, 404)
file File with the expected JSON/XML response
mode A mode for response comparison (lenient strict) 
<response code="200" file="expected_1.json"/>

๐Ÿ“‘ Headers

Parameter Description
name Name of the header (e.g., Authorization)
data Header value (e.g., Bearer token) 
<header name="Authorization" data="Bearer YOUR_TOKEN"/>

๐Ÿ“ Body (for POST, PUT, PATCH)

You can pass a request body from a file (request_N.json)

Parameter Description
file json file that contains body of your request. This file must be named "request_N.json", where N is number of your test step 
<post endpoint="/jwt/users">
    <body>
        <from file="request_1.json"/>
    </body>
</post>

Or write it raw inside the scenario.

<body>
    <raw>
        {
            "username": "admin",
            "password": "password123"
        }
    </raw>
</body>

Or use param section.

Parameter Description
name Parameter name (e.g., userId)
data Parameter value (e.g., 12345)

The <param> tag inside <body> allows you to define key-value pairs that will be used to construct the request body.

  • If the Content-Type is application/json, all parameters are automatically converted into a JSON object.
  • If the Content-Type is different (e.g., application/x-www-form-urlencoded), parameters are encoded as a URL-encoded form (key=value&key2=value2).

You can define multiple <param> elements inside <body>, and they will be combined appropriately based on the Content-Type.

๐Ÿงฉ Example (application/json)

<body>
    <param name="username" data="admin"/>
    <param name="password" data="secret"/>
</body>

Resulting body:

{
  "username": "admin",
  "password": "secret"
}

๐Ÿงฉ Example (application/x-www-form-urlencoded)

<body>
    <param name="username" data="admin"/>
    <param name="password" data="secret"/>
</body>

Resulting body:

username=admin&password=secret

โœ… Tip:
Use <param> when you need to dynamically build a request body without manually creating a full JSON file, especially useful for form submissions or simple API requests.

Also Tesltum supports multipart requests (for file uploads).

Parameter Description
file Path to the file
name Form field key name
fileName File name to upload as
contentType MIME type (e.g., image/png) 
<post endpoint="/post">
    <body>
        <multipart>
            <file name="testName" fileName="test.pdf" contentType="text/pdf"/>
            <param name="testParam12!" data="Hello World!12@" contentType="text/plain"/>
            <param name="testParam13!" data="Hello World!13@"/>
        </multipart>
    </body>
</post>

๐Ÿง  Execution Sequence Reminder

Inside the methods there should be a sequence:

  1. response
  2. header
  3. body/param
  4. multipart

โœ… This ensures maximum clarity and reliability in request validation!

๐Ÿงช Real Example

<http alias="BORED" comment="Get activity by type">
    <post endpoint="/api/v1/users">
        <response code="200" file="expected_1.json">
            <header name="Response-Header" data="value"/>
        </response>
        <header name="Content-Type" data="application/json"/>
        <body>
            <from file="request_1.json"/>
        </body>
    </post>
</http>

YouTube Usage Guide

Watch the video

Merge test (WEB/API)

Testlum provides you with ability to conduct different types of testing within one scenario. So that you can easily increase efficiency and coverage level of your tests.

Here is an example of merge test scenario with WEB and API test steps within one scenario.

Watch the video

auth

๐Ÿ” Authorization with <auth> Command

Testlum provides a unique <auth> command that enables instant authorization by a system user directly within a test script.

Using <auth>, you can perform multiple requests under an authorized session, greatly simplifying API testing โ€” especially for secured endpoints.

โš™๏ธ Setup Overview

  • In your integration.xml, configure an <api> integration and select the authorization strategy.
  • In the test script, use the <auth> tag to perform authorization based on that configured strategy.

The <auth> tag is especially useful for REST API testing, allowing seamless switching between users and working with complex permission systems.

๐Ÿ“œ Basic Usage Example

<auth comment="Test case for auth command"
      apiAlias="ALIAS"
      credentials="jwt_user.json"
      loginEndpoint="/api/v1/customer/login">
  
    <http comment="Get all stores in system" alias="SHOPIZER">
        <get endpoint="/api/v1/auth/customers/profile">
            <response code="200" file="expected_2.json"/>
        </get>
    </http>
  
</auth>
  • apiAlias: alias of the API you configured in integration.xml.
  • credentials: filename containing user credentials (must be placed inside the data folder).
  • loginEndpoint: endpoint for performing the login action.

๐Ÿ›‘ Closing the <auth> block automatically logs out the authorized user at the end.

๐Ÿงฉ Credentials File Example (jwt_user.json)

{
  "username": "username",
  "password": "password"
}

โœ… Key Advantages

  • No need to manually pass authentication tokens inside every request.
  • Easily switch between multiple users in a single script.
  • Ideal for testing complex permission systems and private API workflows.

Tip:
Use <auth> whenever you need to batch test many authenticated API endpoints without handling tokens manually!

websocket

๐Ÿ”— WebSocket Testing with Testlum

Testlum supports WebSocket testing both for Standard WebSocket and WebSocket with STOMP protocol.
You can easily send, receive, and subscribe to messages in real-time communication scenarios.

๐ŸŒ Standard WebSocket API

โš™๏ธ Main <websocket> Tag

Parameter Type Required Default Description
comment String โœ… - Describes the purpose of the connection
alias String โœ… - Matches the alias configured in integration.xml
disconnect Boolean โŒ true Whether to disconnect after closing <websocket>
condition Boolean โŒ - Conditionally execute this connection block
threshold Integer (ms) โŒ - Max allowed execution time before timeout

๐Ÿ“ฉ <receive> - Receiving Messages

Parameter Type Required Default Description
comment String โœ… - Comment for this receive step
limit Integer โŒ - Maximum number of messages to validate
timeoutMillis Integer โŒ - Max time to wait for receiving a message
topic String โŒ - Topic name for receiving a message
  • Messages can be provided inline via <message>...</message> or from a file using <file>expected_X.json</file>.

Example:

<receive comment="Receive a message" limit="1" timeoutMillis="3000">
    <message>[{"some": "payload"}]</message>
</receive>
<receive comment="Receive a message" limit="1" timeoutMillis="3000">
    <file>expected_2.json</file>
</receive>

๐Ÿ“ค <send> - Sending Messages

Parameter Type Required Default Description
comment String โœ… - Comment for this send step
endpoint String โŒ - WS endpoint where to send message
  • Message can be provided inline via <message>...</message> or from a file.

Example:

<send comment="Send a subscription request">
    <message>
        {
            "event": "subscribe",
            "subscription": { "name": "value" }
        }
    </message>
</send>
<send comment="Check ability to send json message"
                 endpoint="/app/test">
    <file>body_9.json</file>
</send>

๐Ÿ› ๏ธ Full Example for Standard WebSocket

<websocket comment="Standard WebSocket communication" alias="myAlias" disconnect="true">
    <receive comment="Wait for empty message" maxRecords="0">
        <message>[]</message>
    </receive>

    <send comment="Subscribe to event">
        <message>
            {
                "event": "subscribe",
                "subscription": { "name": "value" }
            }
        </message>
    </send>
</websocket>

Watch the video

๐Ÿš€ WebSocket Testing with STOMP Protocol

If your WebSocket server uses STOMP, you must wrap your operations inside a <stomp> block.

โš™๏ธ Main <stomp> Block Inside <websocket>

Supports the same general parameters and commands, but specialized for STOMP messaging.

๐Ÿ“Œ <subscribe> - Subscribing to Topics

Parameter Description
comment Describes the subscription
topic Topic you want to subscribe to (e.g., /topic/server)

Example:

<subscribe comment="Subscribe to server updates" topic="/topic/server"/>

๐Ÿ“ฉ <receive> - Receiving STOMP Messages

Parameter Description
comment Comment for this receive step
topic Topic you are listening to
maxRecords Number of messages to validate
timeoutMillis Max wait time to receive messages
  • Use either inline <message> or <file> for expected payload.

Example:

<receive comment="Receive server pings" topic="/topic/ping" maxRecords="1" timeoutMillis="100">
    <message>[{"value": "ping message"}]</message>
</receive>
<receive comment="Receive server pings" topic="/topic/ping" maxRecords="1" timeoutMillis="100">
    <file>expected_2.json</file>
</receive>

๐Ÿ“ค <send> - Sending STOMP Messages

Parameter Description
comment Comment for this send step
endpoint Endpoint where you want to send the message (e.g., /app/ping)

Example:

<send comment="Send ping request" endpoint="/app/ping">
    <message>ping message</message>
</send>
<send comment="Send ping request" endpoint="/app/ping">
    <file>body_2.json</file>
</send>

๐Ÿงช Full Example for STOMP WebSocket

<websocket comment="Connect to stomp websocket api" alias="TESTER" disconnect="false">
    <stomp>
        <subscribe comment="Subscribe to server topic" topic="/topic/server"/>

        <receive comment="Receive server periodic updates" topic="/topic/server" maxRecords="3">
            <file>expected_3.json</file>
        </receive>

        <send comment="Send ping message" endpoint="/app/ping">
            <message>ping message</message>
        </send>
    </stomp>
</websocket>

Watch the video

๐Ÿš€ Tip:

  • Always use timeoutMillis smartly to avoid long waits!
  • Use disconnect="false" if you need persistent open connections during heavy load or multi-step tests.
  • With STOMP, subscription must happen before sending or receiving!
GraphQL

๐Ÿ”ฎ GraphQL Testing with Testlum

GraphQL is a powerful query language that allows APIs to serve exactly the data the client requests โ€” no more, no less.
Testlum makes testing GraphQL APIs intuitive and flexible!

โš™๏ธ Main <graphql> Command

Parameter Type Required Default Description
comment String โœ… - Description of the GraphQL test
alias String โœ… - Unique alias defined in your integration.xml
condition Boolean โŒ - Condition to execute the command
threshold Integer (ms) โŒ - Max allowed time before failing due to timeout

๐Ÿ› ๏ธ Inside <post> and <get> Methods

๐Ÿ“ Endpoint

Endpoint defines the URL where your GraphQL server is accessible.

<post endpoint="/graphql">

๐Ÿ“ฉ Response Validation

Parameter Description
code Expected HTTP response code (default is 200)
file File containing the expected response body
mode A mode for response comparison (lenient strict)
header Expected headers (optional, name + data)

Example:

<response code="200" file="expected_1.json">
    <header name="Content-Type" data="application/json"/>
</response>

๐Ÿ“ Body (for POST)

You can provide the body either from a file or as raw text:

Parameter Description
from Load body from a file like request_1.json
raw Write the query manually inside the scenario file

Example using file:

<body>
    <from file="request_1.json"/>
</body>

Example using raw:

<body>
    <raw>
        {
          "query": "{ getAllBooks { id author title number } }"
        }
    </raw>
</body>

๐Ÿ“‘ Parameters (for GET)

In the <get> method you use param to pass the GraphQL query string.

Parameter Description
name Usually query
data The GraphQL query itself

Example:

<param name="query" data="{ getAllBooks { id author title number } }"/>

๐Ÿง  Sequence Reminder

Inside <post> or <get> the elements should be ordered as:

  1. <response>
  2. <header>
  3. <body> (for POST) / <param> (for GET)

โœ… This ensures logical and reliable validation flow.

๐Ÿงช Real Examples

โžก๏ธ Testing with POST method

<graphql comment="Check list of books via POST" alias="ALIAS">
    <post endpoint="/graphql">
        <response code="200" file="expected_1.json"/>
        <header name="Content-Type" data="application/json"/>
        <body>
            <from file="request_1.json"/>
        </body>
    </post>
</graphql>

โžก๏ธ Testing with GET method

<graphql comment="Check list of books via GET" alias="ALIAS">
    <get endpoint="/graphql">
        <response code="200" file="expected_2.json"/>
        <param name="query" data="{ getAllBooks { id author title number } }"/>
    </get>
</graphql>

๐Ÿš€ Best Practices

  • Use GET for simple queries and POST for complex/mutated data.
  • Always validate the status code and response file to ensure full verification.
  • When using raw, be careful with escaping special characters.
  • Prefer file-based body and response when working with big queries.
โš ๏ธ **GitHub.com Fallback** โš ๏ธ