Postmantesting~15 mins

GraphQL body in Postman - Build an Automation Script

Choose your learning style9 modes available

Learn Why Deep Trace Try Challenge Automate Recall Frame

Send a GraphQL query using Postman and verify the response

Preconditions (2)

Step 1: Open Postman and create a new POST request

Step 2: Set the request URL to the GraphQL API endpoint

Step 3: In the Body tab, select 'GraphQL' as the body type

Step 4: Enter the following GraphQL query in the 'QUERY' section: '{ user(id: "1") { id name email } }'

Step 5: Click 'Send' to execute the request

Step 6: Observe the response body

✅ Expected Result: The response body contains the user object with id '1' and fields 'id', 'name', and 'email' with valid values

Automation Requirements - Postman test scripts (JavaScript)

Assertions Needed:

Response status code is 200

Response body contains 'data.user.id' equal to '1'

Response body contains 'data.user.name' as a non-empty string

Response body contains 'data.user.email' as a valid email format

Best Practices:

Use Postman's built-in pm.response and pm.expect for assertions

Validate response status before checking body

Use JSON parsing safely

Keep test scripts clear and maintainable

Automated Solution

Postman

pm.test('Status code is 200', () => {
    pm.response.to.have.status(200);
});

const responseJson = pm.response.json();

pm.test('User id is 1', () => {
    pm.expect(responseJson).to.have.nested.property('data.user.id', '1');
});

pm.test('User name is a non-empty string', () => {
    pm.expect(responseJson.data.user.name).to.be.a('string').and.not.empty;
});

pm.test('User email is valid format', () => {
    const email = responseJson.data.user.email;
    pm.expect(email).to.be.a('string').and.match(/^\S+@\S+\.\S+$/);
});

This test script runs after the GraphQL POST request in Postman.

First, it checks the HTTP status code is 200, meaning the request succeeded.

Then it parses the JSON response body safely.

Next, it verifies the user id is exactly '1' using nested property access.

It confirms the user name is a string and not empty, ensuring valid data.

Finally, it checks the user email matches a simple email pattern to confirm format correctness.

Using pm.expect and pm.test keeps tests clear and easy to maintain.

Common Mistakes - 4 Pitfalls

Not setting the request method to POST

{'mistake': "Entering GraphQL query in raw JSON body instead of using Postman's GraphQL body tab", 'why_bad': 'Postman provides a special GraphQL body tab that formats the request correctly; raw JSON may cause syntax errors.', 'correct_approach': 'Use the GraphQL body tab in Postman to enter queries and variables properly.'}

Not checking the response status code before parsing JSON

{'mistake': 'Using incorrect or brittle JSON path to access response data', 'why_bad': 'Incorrect paths cause tests to fail even if the response is correct; brittle paths break easily with API changes.', 'correct_approach': "Use nested property assertions like pm.expect(responseJson).to.have.nested.property('data.user.id') for reliable access."}

Bonus Challenge

Now add data-driven testing with 3 different user IDs (e.g., '1', '2', '3') to verify the API returns correct user data for each.

Show Hint