APIBlend

1. What is SOAP?

Simple Object Access Protocol. It uses the message format XML

2. What is REST?

Representational state transfer. It uses various data format types such as JSON, and XML. It has request methods such as GET, POST, PUT, DELETE

3. What is an API endpoint?

It is a specific URL or URI in which API can send requests and receive responses.

4. What are GET and POST?

GET: these requests are used to retrieve data from the server

POST: These requests are used to send data to the server.

5. What are the different status codes?

200 — OK

201- CREATED

400- BAD REQUEST

404 — NOT FOUND

6. What does authorization mean?

It is about access rights or the permission a user can have.

7. What does authentication mean?

It provides credentials like a username, password or some other mechanism.

8. Why use query parameters in API requests?

It is used to get more unique results or sorted results

9. What are the necessary things to send a request using Postman?

1. Request method
2. endpoint
3. Request body
4. query parameters
5. headers

10. What are the authentication types in API testing?

1. OAuth 1.0
2. OAuth 2.0
3. Basic authentication
4. Form Authentication

11. What is an API?

1. An API (Application Programming Interface) is a software intermediary that enables two applications to communicate with each other.
2.  It comprises a number of subroutine definitions, logs, and tools for creating application software.

12. What are the main differences between API and Web Service?

1. All Web services are APIs but not all APIs are Web services.
2. Web services might not contain all the specifications and cannot perform all the tasks that APIs would perform
3. A Web service uses only three styles of use: SOAP, REST, and XML-RPC for communication whereas API may be exposed in multiple ways
4. A Web service always needs a network to operate while APIs don’t need a network for operation

13. What are the Limits of API Usage?

1. Many APIs have a certain limit set up by the provider.
2.  Thus, try to estimate your usage and understand how that will impact the overall cost of the offering. 
3. Whether this will be a problem depends in large part on how data is leveraged.
4.  Getting caught by a quota and effectively cut off because of budget limitations will render the service (and any system or process depending on it) virtually useless

14. What are some architectural styles for creating a Web API?

• HTTP for client-server communication
• XML/JSON as formatting language
• Simple URI as the address for the services
• Stateless communication

15. Who can use a Web API?

1. Web API can be consumed by any clients which support HTTP verbs such as GET, PUT, DELETE, and POST.
2.  Since Web API services do not require configuration, they can be easily used by any client. 
3. In fact, even portable devices such as mobile devices can easily use Web API, which is undoubtedly the biggest advantage of this technology

16. What is API Testing?

API testing is a kind of software testing that determines if the developed APIs meet expectations regarding the functionality, reliability, performance, and security of the application

17. What are the advantages of API Testing?

• Test for Core Functionality: API testing provides access to the application without a user interface. The core and code-level of functionalities of the application will be tested and evaluated early before the GUI tests. This will help detect minor issues which can become bigger during the GUI testing.
• Time Effective: API testing usually is less time-consuming than functional GUI testing. The web elements in GUI testing must be polled, which makes the testing process slower. Particularly, API test automation requires less code so it can provide better and faster test coverage compared to GUI test automation. These will result in cost saving for the testing project.
• Language-Independent: In API testing, data is exchanged using XML or JSON. These transfer modes are completely language-independent, allowing users to select any coding language when adopting automation testing services for the project.
• Easy Integration with GUI: API tests enable highly integrable tests, which is particularly useful if you want to perform functional GUI tests after API testing. For instance, simple integration would allow new user accounts to be created within the application before a GUI test started.

18.Some common protocols used in API testing?

Many protocols are now available to be used in API testing, such as

1.  JMS
2. REST
3. HTTP
4.  UDDI
5. SOAP

19. What is the test environment of API?

1. Setting up the API’s test environment is not an easy task, so you should have a ready answer if your API testing interview is coming.
2.  The test environment of API is a bit complete and requires the configuration of the database and server, depending on the software requirements. 
3. No GUI (Graphical User Interface) is available in this test form.
4. When the installation process is complete, API is verified for proper operation. 
5. Throughout the process, the API called from the original environment is set up with different parameters to study the test results.

20. What are the principles of an API test design?

• Setup: Create objects, start services, initialize data, etc
• Execution: Steps to apply API or the scenario, including logging
• Verification: Oracles to evaluate the result of the execution
• Reporting: Pass, failed, or blocked
• Clean up: Pre-test state

21. What are the common API testing types?

1. Validation Testing
2. Functional Testing
3. UI testing
4. Load testing
5. Runtime/ Error Detection
6. Security testing
7. Penetration testing
8. Fuzz testing
9. Interoperability and WS Compliance testing

22. What is the procedure to perform API testing?

1. Choose the suite to add the API test case
2. Choose the test development mode
3. Demand the development of test cases for the required API methods
4. Configure the control parameters of the application and then test conditions
5. Configure method validation
6. Execute the API test
7. Check test reports and filter API test cases
8. Arrange all API test cases

23. What must be checked when performing API testing?

• Accuracy of data
• Schema validation
• HTTP status codes
• Data type, validations, order, and completeness
• Authorization checks
• Implementation of response timeout
• Error codes in case API returns, and
• Non-functional testing like performance and security testing

24. What is the best approach method to perform API testing?

• Defining the correct input parameters
• Verifying the calls of the mixture of two or more added value parameters
• Defining the basic functionality and scope of the API program
• Writing appropriate API test cases and making use of testing techniques such as equivalence class, boundary value, etc. to check the operability
• Testing case execution
• Comparing the test result with the expected result
• Verifying the API behavior under conditions such as connection to files and so on.

25. What tools could be used for API testing?

1. There is myriad different API testing tools available.
2.  A few common tools are
3.  Katalon Platform
4.  Postman
5.  SoapUi Pro
6. Apigee
7. While doing Unit and API testing, both target source code. 
8. If an API method uses code based in .NET then another supporting tool must have .NET.

26.What are the differences between API Testing and Unit Testing?

API Testing

1. Conducted by QA Team
2. Mostly black-box testing
3. Aimed to assess the full functionality of the system for it will be employed by the end-user (external developers who will use your API)
4. Often run after the build is ready and authors do not have access to the source code

Unit Testing

1. Conducted by the development team
2. White box testing
3. Used to verify whether each unit in isolation performs as expected or not
4. Each of the code modules must be ensured to pass the unit test before being built by developers

27. What are the differences between API Testing and UI Testing?

• API enables the communication between two separate software systems. A software system implementing an API contains functions or subroutines that can be executed by another software system.
• On the other hand, UI ( User Interface) testing refers to testing graphical interfaces such as how users interact with the applications, and testing application elements like fonts, images, layouts, etc. UI testing basically focuses on the look and feel of an application.

28.What are the major challenges faced in API testing?

• Parameter Selection
• Parameter Combination
• Call sequencing
• Output verification and validation
• Another important challenge is providing input values, which is very difficult as GUI is not available in this case

29. What are the testing methods that come under API testing?

• Unit Testing and Functional testing
• Load testing to test the performance under load
• Discovery testing to list, create and delete the number of calls documented in the API
• Usability and Reliability testing to get consistent results
• Security and Penetration testing to validate all types of authentication
• Automation testing to create and run scripts that require regular API calls
• End to end Integration and Web UI testing
• API documentation testing to determine its efficiency and effectiveness

30. Why is API testing considered as the most suitable form for Automation testing?

• It verifies all the functional paths of the system under test very effectively.
• It provides the most stable interface.
• It is easier to maintain and provides fast feedback.

31. What are common API errors that are often found?

• Missing module errors
• Documentation errors
• Parameter validation errors
• And some standard error expectations as if the result is not so predicted then the occurrence of errors can be seen and the same warnings are specified in the form of a message. There can be one or more warnings within an individual module.

32. What kinds of bugs that API testing would often find?

• Missing or duplicate functionality
• Fails to handle error conditions gracefully
• Stress
• Reliability
• Security
• Unused flags
• Not implemented errors
• Inconsistent error handling
• Performance
• Multi-threading issues
• Improper errors

33. What is API documentation?

1. The API documentation is a complete, accurate technical writing giving instructions on how to effectively use and integrate with an API.
2.  It is a compact reference manual that has all the information needed to work with the API and helps you answer all the API testing questions with details on functions, classes, return types, arguments, and also examples and tutorials

34. What are API documentation templates that are commonly used?

• Swagger
• Miredot
• Slate
• FlatDoc
• API blueprint
• RestDoc
• Web service API specification

35. When writing API document, what must be considered?

• Source of the content
• Document plan or sketch
• Delivery layout
• Information needed for every function in the document
• Automatic document creation programs

36. How often are the APIs changed and, more importantly, deprecated?

1. APIs, especially modern RESTful APIs, is a nice creation that can certainly simplify and accelerate integration efforts, which makes it more likely you will benefit from them.
2.  But APIs can and do change for various reasons, sometimes abruptly, and hence REST APIs do not differ from traditional integration methods in this respect.
3.  If an API call is obsolete and disappears, your procedure will interrupt and it is important to understand how often the APIs you depend on change or are deprecated

37. What is REST?

1. REST (Representational State Transfer) is an architectural style for developing web services that exploit the ubiquity of HTTP protocol and use the HTTP method to define actions.
2.  It revolves around resources where every component is a resource that can be accessed through a shared interface using standard HTTP methods. 
3. In REST architecture, a REST Server provides access to resources and REST client accesses and makes these resources available. 
4. Here, each resource is identified by URIs or global IDs, and REST uses multiple ways to represent a resource, such as text, JSON, and XML. XML and JSON are nowadays the most popular representations of resources.

38. What is a RESTFul Web Service?

1. SOAP (Simple Object Access Protocol) — an XML-based method to expose web services.
2. Web services developed in the REST style are referred to as RESTful web services. These web services use HTTP methods to implement the concept of REST architecture. A RESTful web service usually defines a URI, Uniform Resource Identifier a service, and provides resource representation like JSON and a set of HTTP methods.

39. What is a “Resource” in REST?

REST architecture treats any content as a resource, which can be either text files, HTML pages, images, videos, or dynamic business information. 
REST Server gives access to resources and modifies them, where each resource is identified by URIs/ global IDs.

40. What is the most popular way to represent a resource in REST?

REST uses different representations to define a resource like text, JSON, and XML. 
XML and JSON are the most popular representations of resources.

41. Which protocol is used by RESTful Web services?

RESTful web services use the HTTP protocol as a medium of communication between the client and the server.

42. What are some key characteristics of REST?

• REST is stateless, therefore the SERVER has no status (or session data) 
  With a well-applied REST API, the server could be restarted between two calls, since all data is transferred to the server
• Web service uses the POST method primarily to perform operations, while REST uses GET for accessing resources.

43. What is messaging in RESTful Web services?

RESTful web services use the HTTP protocol as a communication tool between the client and the server. The technique that when the client sends a message in the form of an HTTP Request, the server sends back the HTTP reply is called Messaging. These messages comprise message data and metadata, that is, information on the message itself.

44. What are the core components of an HTTP request?

An HTTP request contains five key elements:

1. An action showing HTTP methods like GET, PUT, POST, and DELETE.
2. Uniform Resource Identifier (URI), which is the identifier for the resource on the server.
3. HTTP Version, which indicates the HTTP version, for example-HTTP v1.1.
4. Request Header, which carries metadata (as key-value pairs) for the HTTP Request message. Metadata could be a client (or browser) type, format supported by the client, format of a message body format, cache settings, and so on.
5. Request Body, which indicates the message content or resource representation.

45. What are the most commonly used HTTP methods supported by REST?

• GET is only used to request data from a specified resource. Get requests can be cached and bookmarked. It remains in the browser history and has length restrictions. GET requests should never be used when dealing with sensitive data.
• POST is used to send data to a server to create/update a resource. POST requests are never cached and bookmarked and do not remain in the browser history.
• PUT replaces all current representations of the target resource with the request payload.
• DELETE removes the specified resource.
• OPTIONS is used to describe the communication options for the target resource.
• HEAD asks for a response identical to that of a GET request but without the response body.

46. Can GET requests be used instead of PUT to create a resource?

The PUT or POST method should be used to create a resource. GET is only used to request data from a specified resource.

47. Is there any difference between PUT and POST operations?

PUT and POST operations are quite similar, except for the terms of the result generated by them.

PUT operation is idempotent, so you can cache the response. In contrast, the responses to POST operation are not cacheable, and if you retry the request N times, you will end up having N resources with N different URIs created on the server.

In a Web API Testing interview, you should give a specific example for PUT and POST operations to clarify it to the interviewer. Below is an example:

Scenario: Let’s say we are designing a network application. Let’s list down a few URIs and their purpose to get to know when to use POST and when to use PUT operations.

POST Example

Scenario: Adding a new device to the network.

• Endpoint: /devices
• Purpose: Create a new device in the network. POST is used because it creates a new resource.

PUT Example

Scenario: Updating the IP address of an existing device.

• Endpoint: /devices/{deviceId}
• Purpose: Update an existing device's details. PUT is used because it updates an existing resource or creates it if it doesn't exist (idempotent operation).

48. How to add variables in the request body if you use a CSV file with multiple data set

{{username}} and {{password}}

49. How to add path parameter and query parameters in request url?

path parameter : https://L-TROP-SD/rest/care/{path param}

query parameter: https://L-OPOPOPD-SD/rest/care/?name=user&password=postd

50. What is the usage of PATCH request?

If we want to update a resource partially we use PATCH . It will update only specific fields only

51. Explain stateless in RESTful API 

n RESTful web services, the term "stateless" means that each API call from the client to the server must contain all the information the server needs to fulfill that request. The server does not store any information about the state of the client between requests. This principle is a key part of REST (Representational State Transfer) architecture.

Key Characteristics of Statelessness in REST APIs

1. Self-Contained Requests: Each request from a client to the server must include all necessary information, such as authentication tokens, parameters, and any other data the server needs to process the request. The server does not retain any session information between requests.

2. No Server-Side Session: The server does not maintain any client state between requests. Each request is treated as an independent transaction that is unrelated to any previous request.

3. Scalability: Because the server does not need to keep track of client state, it can handle a larger number of requests more efficiently. This makes RESTful services highly scalable and suitable for distributed systems.

4. Improved Reliability: Statelessness leads to improved reliability. If a server fails, any other server can handle subsequent requests because there is no dependency on the server maintaining session state.

5. Simpler Server Design: The server's design and implementation are simpler because it does not need to manage and persist session state information across multiple requests.