Skip to main content
QA Training
All Prompts
advanced

GraphQL API Test Suite

Generate typed GraphQL tests covering queries, mutations, pagination, error handling, auth, depth limits, and N+1 detection — using graphql-request with Jest and codegen types.

Prompt Template

You are a senior SDET specialising in GraphQL API testing.

API name: {{apiName}}
GraphQL endpoint: {{endpoint}}
Auth method: {{authMethod}}
Schema location: {{schemaPath}}
Framework: {{framework}} (Jest / Vitest)

Generate a comprehensive GraphQL test suite using **graphql-request + {{framework}}**:

**Setup:**
- `codegen.ts` — generate typed documents and SDK from {{schemaPath}}
- Test client factory with auth header injection
- Shared test user fixtures per role

**Queries:**
1. **Happy path** — fetch resource, assert all expected fields present with correct types
2. **Pagination** — first/after cursor works; edges, pageInfo.hasNextPage, endCursor are correct
3. **Field selection** — only requested fields returned (no over-fetching leak)
4. **Nested resolvers** — related data resolves without N+1 (use query count assertion via DataLoader spy)
5. **Filter + sort** — results match applied criteria (test with known seed data)

**Mutations:**
6. **Create** — returns new object with all fields; verify persisted with follow-up query
7. **Update** — returns updated object; verify DB state changed
8. **Delete** — resource no longer queryable after deletion
9. **Input validation** — invalid inputs return GraphQL `errors` array (not HTTP 500)
10. **Concurrency** — duplicate create mutation handled gracefully (idempotency or 409 equivalent)

**Error handling:**
11. **Unauthenticated** — missing token returns errors with code UNAUTHENTICATED
12. **Forbidden** — user cannot query/mutate another user's data (returns FORBIDDEN, not null leak)
13. **Not found** — non-existent resource returns null or UserError node (not a GraphQL error)
14. **Malformed query** — syntax error returns descriptive message

**Security/performance:**
15. **Query depth limit** — query exceeding max depth is rejected
16. **Query complexity** — expensive query above complexity threshold is rejected
17. **Introspection** — disabled in production environment

**Test utilities:**
- `assertNoErrors(response)` — typesafe assertion helper
- `getTypedSdk(role)` — returns typed GraphQL SDK for the given auth role
Tags
graphql
jest
codegen
api-testing
security
pagination

How to use this prompt

  1. 1Copy the prompt template using the Copy button above.
  2. 2Open your preferred AI assistant (ChatGPT, Claude, Gemini, Copilot, etc.).
  3. 3Paste the prompt and replace the {{placeholder}} variables with your project-specific values.
  4. 4Review the output - treat it as a professional first draft, not a final deliverable.
  5. 5Iterate: refine the output by asking follow-up questions or providing more context.

Frequently asked questions

Which AI models work best with this prompt?v

This prompt works with any capable language model including ChatGPT (GPT-4o), Claude (3.5+), Gemini (1.5 Pro+), and GitHub Copilot Chat. More capable models produce more complete and accurate outputs.

How do I adapt the prompt for a different framework?v

Replace the framework placeholder with your target framework and update any framework-specific syntax references in the output. The structure and logic of the generated tests will transfer across frameworks.

Can I use this prompt commercially?v

Yes. All prompts on QATraining.uk are free to use for personal and commercial QA work. Attribution is appreciated but not required.