REST and SOAP are two important technologies for web services that revolutionize the way businesses use APIs. Since APIs are so common, it is important to test them on a regular basis to reveal vulnerabilities or potential operating problems within the web service. Testing a SOAP web service or a REST web service can seem daunting, but thankfully there are various platforms that help you to properly monitor and test your API solutions.

Before going through the highly technical process of testing a web service, it is important to understand the basics of SOAP and REST APIs as well as some other essential terms. This article will explain SOAP vs. REST, how to test SOAP and REST web services, and show you some of the top SOAP and REST testing tools available for your use today.

Contents

1.   What is SOAP?

2.   What is REST?

3.   Testing SOAP Services

4.   Testing REST Services

5.   SOAP and REST Testing Tools

6.   Manage and Test APIs with DreamFactory

What is SOAP?

SOAP stands for Simple Object Access Protocol. It is a messaging protocol that uses XML and highly-developed standards to share and protect data. Historically, this was the most commonly-used solution. That has since changed with the introduction of REST, but SOAP continues to be a viable alternative, thanks in great part to the great options it offers for extensibility.

Did you know you can generate a full-featured, documented, and secure REST API in minutes using DreamFactory? Sign up for our free 14 day hosted trial to learn how! Our guided tour will show you how to create an API using an example MySQL database provided to you as part of the trial!

Create a SOAP to REST API Now

SOAP security relies on the WS (Web Services) security protocols, as well as various other WS standards. Additionally, you can use SOAP with such important protocols as HTTP (Hypertext Transfer Protocol Secure) or SMTP (Simple Mail Transfer Protocol).

What is REST?

REST stands for Representational State Transfer, which is now the default choice for the majority of APIs. It is not a messaging protocol. Rather, REST is a software style or format. It gives developers an architectural framework to work from. REST supports HTTPS, but it does not include the stringent security guidelines of SOAP. Unlike SOAP, it is also not exclusively dependent on the use of XML. REST uses a basic URL to send requests and is often used in conjunction with JSON.

Developers call APIs that comply with REST standards RESTful APIs or simply REST APIs. DreamFactory is a REST API-as-a-service platform. We help companies to build and manage secure REST APIs, in addition to monitoring and testing their solutions.

Testing SOAP Services

Each SOAP web service testing tool may use a slightly different approach, but here we will use Postman to demonstrate the basic steps for testing a SOAP service. 

Postman is an open-source tool that you can use for both REST and SOAP. You can download the app here

Once you have downloaded the app, you will want to open a new request tab, indicated by the arrow in the picture below. Alternatively, you can press the orange New button in the upper left corner of the screen and enter a name to save the file. 

Step 1: Entering the URL

Once you have opened the new request tab, Postman will show you an address field where you can enter the URL. Postman offers a simple example for testing: https://postman-echo.com/get. You can also try anything in their list of free and public SOAP APIs. This permits you to enter a SOAP endpoint URL to make a request. 

Then you will have to choose what type of request you want to make. There is a drop-down menu from which you can choose GET, POST, PUT, PATCH or DELETE. Postman’s default is GET. For the purpose of this test, select POST and use this URL: https://www.dataaccess.com/webservicesserver/NumberConversion.wso

 Step 2: Including Body Data

At the top of the request tab, there are several subsections including Params, Authorization Headers, Body, Pre-request Script, Tests and Settings. Under the Body tab, choose raw. 

There is also a drop-down menu offering Text, JavaScript, JSON, HTML and finally XML. SOAP always uses XML. 

You will now be able to enter your XML. Any such entry must include the Envelope, Header and Body tags. You must also include any namespaces, the name of the operation and the values you want to post. 

Step 3: Setting Request Headers

Postman automatically adds a content type header. The default is application/xml. You will have to check your SOAP service to know whether you need an application/xml or you should change it to text/xml. 

To do this, open the Headers tab next to the Body tab and view your hidden headers. 

Then you have to deselect the Content-Type header, which is the default addition and add a new row with Content-Type in the Key column and text/xml in the Value column. 

Step 4: Send Your Request

Now you simply have to press Send. If the action is successful, you can see the response in the lower tab as shown below. 

You have finished testing your SOAP service. For some further testing, you can also perform schema validation in Postman. 

Testing REST Services

Again, REST testing processes may vary, so SoapUI is the API testing tool we will use for testing a REST web service in this example. You can utilize SoapUI for either SOAP or REST web services, and it is the most commonly-used solution.  

SoapUI is also open-source. You can download the tool for free here

After downloading, you can follow the installation directions and then open your file. These are the steps for creating a REST project from an Endpoint using the GET method. 

Step 1: Creating the Rest Project

This is the SoapUI start page. 

SoapUI offers several different ways to get started. 

  • SoapUI automatically opens a REST dialog on startup that you can then use to work without creating a new project. You can disable this, however. 
  • The second is to click the folder icon marked REST in the upper left of your screen, opening your New REST Project dialog box. 
  • The third is to click Projects in the navigation pane and select New REST Project. 
  • The fourth is to use hotkeys. On Windows, the hotkey combination is CTRL+ALT+N, while in OS X it is CMD+ALT+N. 
  • Finally, you can simply press New Rest Project on the start page. 

The result is that a box opens up for you to enter the URI. Using the URL that SoapUI offers for testing, https://petstore.swagger.io/v2/pet/findByStatus?status=available, will let you get started. 

Now click OK. SoapUI automatically chooses a default Method (GET). The result will include a Service, Resource and Request.

Step 2: View the Response

You have made your first project and should now see the Request editor pictured below. Simply clicking the Green Play Button in the top left corner of the screen (indicated by the red arrow) will let you view the response in the right panel. The default is XML, so you will need to select the tab that correctly describes the language of your service. The options are XML, JSON, HTML or Raw. For this example you will select JSON, which is the most common for REST APIs. 

Step 3: Create a Test Case

In your left navigation pane, right-click on Request 1. Then choose the Add to TestCase option. Alternatively, you can simply use the hotkey combination CTRL+ALT+A. 

You may need to create a new TestSuite simply by entering the name in the window that comes up and click Accept. You will also need to specify the TestCase name and set your specifications for adding the request to the TestCase. 

The TestCase window will open. Press the Green Play Button again to view your response. You can then create your assertion. 

Step 4: Create Assertion

With the TestCase window maximized, click on the Assertions tab as shown below and select the green plus symbol that appears to add the assertion. 

Under the Property Content tab, click the Contains assertion and click Add. 

A new window will appear. In this case, we must verify that ‘Petstore’ is present by entering it in the content box and pressing OK. 

You can see your new project and the web service operations available for your API in the Navigator. Double-click the name of the project or service to get an overview of each. 

For performing deeper testing, take a look at SoapUI’s extensive documentation

Dreamfactory also helps with API testing and monitoring as a comprehensive Rest API management platform. 

SOAP and REST Testing Tools

While we used two of these tools as examples already, here is some additional information on four of the top options for SOAP and REST API testing. 

  1. SoapUIAs mentioned, SoapUI is open-source. Smartbear developed the software. Business use it to perform functional testing, load testing, advanced mocking and API monitoring. According to the website, more than nine million developers use the software. SoapUI has a pro version as well that brings additional benefits. They also offer training and certification. 
  2. PostmanPostman is fairly common as well. It is open-source. Postman calls itself a ‘collaborative platform for API development.’ You can use it for REST, SOAP and GraphQL. The software offers automated testing, mocking, API monitoring and more. 
  3. Rest-AssuredRest-Assured is, as the name suggests, exclusively for use with REST APIs. Its top languages are Java and CSS. It is open-source, and the website offers extensive documentation and guides. 
  4. API FortressAPI Fortress is a paid solution, and many consider it well-worth the price. You can use it with REST, SOAP, GraphQL, Web Services and Microservices. You can automate tests and monitor internal APIs. They offer a free trial for those who would like to check out their services ahead of time. 

Did you know you can generate a full-featured, documented, and secure REST API in minutes using DreamFactory? Sign up for our free 14 day hosted trial to learn how! Our guided tour will show you how to create an API using an example MySQL database provided to you as part of the trial!

Create a SOAP to REST API Now

Manage and Test APIs with DreamFactory

If the process of testing a SOAP service or REST web service looks pretty complex for you, you are not alone. Many companies choose to outsource their API testing to an API management platform like DreamFactory. We provide Restful services to help you build IoT, mobile and web applications. We also help you monitor and test APIs using little or no code. DreamFactory is available in the cloud or on-premise. We offer such powerful security options as Active Directory, OAuth2, Okta and more.

If you are seeking a solution to automatically generate customizable REST APIs and build secure SOAP services, contact DreamFactory today and receive a free trial.