Application Programming Interface or API, is an interface that sets up the communication
medium between multiple software applications or even between mixed hardware and
software applications. REST API is one of the most popular and easy to integrate APIs.
1. What is a web service?
Web services are standard software systems that provide a common platform for various
applications (written in different programming languages) to communicate over the network.
They help in establishing client-server communication.
2. What does REST stand for?
REST stands for Representational State Transfer.
3. Explain REST and RESTFUL.
A software architectural style that defines a set of rules that are to be used for creating web
services is known as REST. REST uses the HTTP Protocol. It, itself is not a protocol or a
standard.
Web services that follow the REST architectural style are known as RESTful web services. A
RESTful system consists of:
- A client who requests a particular resource
- A server that has all the resources
4. Define the architectural style for creating a web API.
The architectural style for creating a web API are:
- HTTP for client-server communication
- XML/JSON as the formatting language
- Simple URI as the address for the services
- Stateless Communication
5. What are the HTTP methods supported by REST?
The HTTP methods supported by REST are as follows:
GET: The GET method retrieves specific information from the server according to
the specifications made by the URI.
POST: The POST method modifies data on that particular server from which the
request was sent.
PUT: The PUT method is used to request that the message body that has been
returned is stored under the location mentioned in the HTTP message.
DELETE: The DELETE method is used to delete the specified resources.
HEAD: The HEAD method is quite similar to the GET method. The only difference is
that the HEAD method returns only the meta information and not the message body.
6. What are some of the key characteristics of REST?
- The REST API is stateless. It does not store data like user credentials and needs to be
reminded of it with each new session. This feature helps in increasing scalability.
- It supports both JSON and XML, therefore catering to the varying expectations of the
developer community.
- The REST architecture is simpler to implement as compared to SOAP.
- REST can be operated under limited resources and low network bandwidth.
7. What is meant by addressing in RESTful web services?
Addressing in RESTful web services refers to locating a resource or multiple resources
present on the server. It is similar to locating the postal address of a person.
8. What is the use of JAXB in RESTful web API?
JAXB stands for Java Architecture for XML Binding. It is an XML-to-Java binding
technology that enables the easy transformation of schema to Java objects and vice versa.
List the different application integration styles in real-time systems.
The different integration styles are:
- Directly accessing or sharing the database
- Batch file transfer or sharing
- Invoking remote procedure (RPC)
- Swapping asynchronous messages over a message-oriented middleware (MOM).
9. What is API Testing?
API testing is quite similar to software testing. It is used to determine if the developed APIs
meet the expectations of that particular application’s REST On functionality, reliability,
performance, and security of that particular application.
10. Mention some protocols used in API Testing.
Some commonly used protocols in API Testing are JMS, REST, HTTP, UDDI, and SOAP.
11. What are the common types of API Testing?
There is no fixed list as there is specialty testing as it depends upon the developer’s
expectations and requirements. However, most tests can be broadly categorized into 9 types:
- Validation Testing
- Functional Testing
- UI Testing
- Load Testing
- Runtime/ Error Detection
- Security Testing
- Penetration Testing
- Fuzz Testing
- Interoperability and WS Compliance testing
12. Which are the parameters that must be checked when performing API testing?
In the process of API testing, a request is raised to the API with the known data. It helps in
analyzing the response. So, while testing the API, the following parameters must be kept in
mind:
- Data Accuracy
- Schema Validation
- HTTP Status Code
- Data type, validations, order, and completeness
- Authorization checks
- Implementation of response timeout
- Error codes in case API returns
- Non-functional testing like performance and security testing
13. List a few testing tools for web services for REST API.
- Spring REST web service using MVC
- Jersey API
- CXF
- Axis
- Restlet
14. Differentiate between SOAP and REST.
SOAP: SOAP (Simple Object Access Protocol) is a protocol through which two systems communicate by sharing XML documents. REST, on the other hand, supports many different formats of data. The reads on SOAP cannot be cached. SOAP runs on HTTP but envelopes the message. SOAP cannot use REST since it itself is a protocol while REST is an architectural pattern.
REST: (Representational State Transfer) is a service architecture and design for network based software architectures. SOAP only supports XML. The REST reads are cachable. REST uses the HTTP headers to hold meta information. REST can make use of SOAP as the underlying protocol for web services.
15. Specify the format of a URI in REST architecture.
The format of a URI is as follows:
<protocol>://<service-name>/<ResourceType>/<ResourceID>
16. Which web services method is available on read-only mode?
The operations under the GET method are read-only and are safe.
17. What is a “Resource” in REST?
REST considers all types of content as a resource; they can be text files, HTML pages,
images, videos, or even dynamic business information. The REST server gives access to the
resources and modifies them according to the different HTTP methods specified. Each
resource is identified by URIs/ global IDs.
18. Which is the most popular way of representing a resource in REST?
Different representations are used by the REST architecture to define a particular resource.
XML(Extensible Markup Language) and JSON(JavaScript Object Notation) are the most
popular representations of resources.
19. Explain XML and JSON in brief.
XML:
The Extensible Markup Language is quite similar to HTML. It is designed to store
and transport data. One of its biggest advantages over HTML is that it allows users to
create their own custom tags. XML is generally used to represent structured
information like documents, data, configuration, etc.
JSON:
JavaScript Object Notation is a lightweight format that has been designed to store and
transport data. It represents structured data based on JavaScript object syntax. It is fast
and easy to use and understand.
20. Which are the safe REST operations?
REST works on the HTTP protocol and hence, uses the HTTP methods to carry out its
operations. The HTTP methods that do not change or modify the resources at the server are
known as safe operations. The GET method returns the resource only in the read-only
method, and the HEAD method returns the metadata of the resource and is, therefore, safe.
The methods PUT, POST, and DELETE, on the other hand, modify the data at the server and
are, therefore, considered unsafe.
21. Name the method that validates all controls on a page.
The Page.Validate() method validates all controls on a page.
22. Which library is used for JSON serialization in Web APIs?
The JSON.NET library is used for JSON serialization.
23. Who are the consumers of Web API?
Web APIs cater to a broad range of clients including browsers, and mobile devices. It is also
used along with native applications that require web services but don’t support SOAP. Clients
that support the HTTP methods like GET, DELETE, POST, can also use Web APIs.
24. What does it mean for an API to be stateless?
Statelessness is one of the key principles of REST architecture. In stateless communication, the server does not store any information about previous communications. In other words, the client and server do not know each other’s state. Every request and response is a new interaction, and each request includes everything the server needs to give a successful response.
25. What is CRUD?
Answer: CRUD stands for “Create, Read, Update, Delete.” These are the four basic actions that can be performed on databases through a REST API. Each action corresponds to an HTTP request method:
Create = POST
Read = GET
Update = PUT
Delete = DELETE
26. What are some common HTTP response status codes you might see when working with a REST API?
HTTP response status codes tell the client the result of the requested action (GET, POST, etc.). Some common codes you’ll see in HTTP responses are:
200 OK: The request succeeded.
201 Created: The request succeeded and a resource was created.
400 Bad Request: The request was not fulfilled due to an error in the request, such as a typo or missing data.
401 Unauthorized: The request was not fulfilled because the client is not authenticated or authorized to access the requested resource.
403 Forbidden: The request was not fulfilled because the client is authenticated, but not authorized to access the requested resource.
404 Not Found: The request was not fulfilled because the server could not locate the requested resource.
500 Internal Server Error: The request was not fulfilled due to an unexpected problem with the server.
502 Bad Gateway: The request was not fulfilled due to an invalid response from an upstream server.
503 Service Unavailable: The server was unable to process the request due to maintenance, overloading, or another temporary interference.
27. What is caching?
Caching is the method of temporarily storing a copy of a server response in a location in order to retrieve it more quickly in the future. Caching improves server performance by reducing the work the server has to do to fulfill the request. Caching also makes applications that use the API run faster since they don’t need to send a new request every time they need a resource.
Cache duration of a resource is (i.e., how long the resource can be cached by the client before the resource is retrieved again) specified in the HTTP response header with the Cache-Control field.
