Testing REST Services with REST Assured

Home » Blog » Software » Enterprise Software » Testing REST Services with REST Assured

RESTful service testing can be unwieldy and difficult to get started with. Providing a REST API implies using a variety of technologies and techniques such as HTTP, JSON, authentication, various payload transfer mechanisms and content types.

This is where a tool that abstracts over these technical details and facilitates their application comes in handy. REST Assured is a high-level DSL for testing REST APIs. It draws upon behaviour-driven development (BDD) and hence makes for readable test descriptions.

A typical acceptance test with REST Assured looks like this:

                header("X-Auth-Token", token).
                body("id", equalTo(1)).
                body("username", equalTo(username));

As you can see REST Assured allows you to define test processes in a BDD given-when-then fashion:

  • Given existing conditions
  • when a certain action is triggered
  • then the outcome should be …

With REST Assured you can handle the various concepts that come with REST and HTTP in a consistent and straightforward manner:

  • headers
  • content types
  • preflight requests (OPTIONS) for checking if a particular request is supported
  • HTTP status codes
  • various types of parameters: Form parameters, query parameters, path parameters
  • request bodies

REST Assured is a useful tool that allows you to write functional tests and acceptance tests ensuring that the APIs exposed by your server comply with the protocol defined for them.

If you’d like to know more about best practices for REST Assured and acceptance testing of REST APIs please subscribe to this mailing list for more information on my upcoming guide “Testing REST APIs with REST Assured“:

* indicates required

Leave a Comment

* Checkbox GDPR is required


I agree

By continuing to browse the site you agree to our use of cookies. Privacy Policy

Privacy Preference Center

Strictly necessary

These cookies are necessary for the site to function.

PHPSESSID: Preserves user session state across page requests.

__cfduid: Used by the content network, Cloudflare, to identify trusted web traffic.



Remembers the user's submitted data when a comment is submitted in a blog post. The purpose is to aut o-populate form fields for subsequent comments, in order to save time for the user.



Statistic cookies help us to understand how visitors interact with our websites by collecting and reporting information anonymously.

_ga: Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

_gat: Used by Google Analytics to throttle request rate.

_gid: Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

collect: Used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across d evices and marketing channels.



We use Wordfence to secure our website against hacking attempts: https://www.wordfence.com/


Close your account?

Your account will be closed and all data will be permanently deleted and cannot be recovered. Are you sure?