API Testing Interview Questions

API Testing Interview Questions

Mhmd Ibrahim's photo
Mhmd Ibrahim
·

5 min read

Table of contents

No heading

No headings in the article.

-Name some tools used for API Testing?

  • Postman , Katalon Studio , Jmeter , SoapUI , Rest assured

-What is API Testing?

  • API testing is a kind of software testing that determines if the developed APIs meet expectations regarding the functionality, reliability, performance, and security of the application.

-What are the core components of an HTTP request?

  • HTTP methods " A collection of request techniques used to carry out particular actions on resources (GET, PUT, POST, DELETE)

1- GET: This is used for fetching details from the server and is basically a read-only operation

2- POST: This method is used for the creation of new resources on the server.

3- PUT: This method is used to update the old/existing resource on the server or to replace the resource.

4- DELETE: This method is used to delete the resource on the server.

5- PATCH: This is used for modifying the resource on the server.

  • URI (Uniform Resource Identifier):This part is used for uniquely identifying the resources on the server Version of HTTP This part indicates what version of HTTP protocol you are using. An example can be HTTP v1.1

  • Request Header : This part has the details of the request metadata such as client type, the content format supported, message format, cache settings, etc.

  • Request Body : This part represents the actual message content to be sent to the server.

What constitutes the core components of HTTP Response?

  • Response Status Code This represents the server response status code for the requested resource. Example

- 400 represents a client-side error,

-200 represents a successful response. HTTP Version Indicates the HTTP protocol version.

  • Response Header : This part has the metadata of the response message. Data can describe what is the content length, content type, response date, what is server type, etc.

  • Response Body: This part contains what is the actual resource/message returned from the server.

-what is a difference between Authentication & Authorization

  • Authentication It is a process that helps to identify and check users by their credentials such as password, username ,If user credentials are not passed into the request header, then the server returns 401 status code .

  • Authorization It is a process that helps to decide whether or not a user has access to perform an action. Authorization filters are used to implement authorization

What is a WSDL stands for Web Services Description Language ?

  • What are HTTP Status codes?

    1xx - represents informational responses

    2xx - represents successful responses

    (200 success/OK

    201 CREATED - used in POST or PUT methods).

    3xx - represents redirects 304 NOT MODIFIED

    - used in conditional GET requests to reduce the bandwidth use of the network. Here, the body of the response sent should be empty

    4xx - represents client errors 400 BAD REQUEST

    - This can be due to validation errors or missing input data.

    401 UNAUTHORIZED - This is returned when there is no valid authentication credentials sent along with the request

    403 FORBIDDEN - sent when the user does not have access (or is forbidden) to the resource

    404 NOT FOUND - Resource method is not available.

    5xx - represents server errors 500 INTERNAL SERVER ERROR

    - server threw some exceptions while running the method

    502 BAD GATEWAY

    - Server was not able to get the response from another upstream server

Differentiate between SOAP and REST?

  • SOAP (Simple Object Access Protocol) is a protocol used to implement web services. uses service interfaces for exposing the resource logic. supports only XML transmission between the client and the server.

  • REST (Representational State Transfer) is an architectural design pattern for developing web services uses URI to expose the resource logic. supports data of multiple formats like XML, JSON, MIME, Text, etc

What are main differences between API and Web Service?

  • All Web services are APIs but not all APIs are Web services

  • Web services might not contain all the specifications and cannot perform all the tasks that APIs would perform.

  • A Web service always needs a network to operate while APIs don’t need a network for operation.

What are the advantages of API Testing?

  • Test for Core Functionality API testing provides access to the application without a user interface. The core and code-level of functionalities of the application will be tested and evaluated early before the GUI tests. This will help detect the minor issues which can become bigger during the GUI testing.

  • Time Effective API testing usually is less time consuming than functional GUI testing. The web elements in GUI testing must be polled, which makes the testing process slower. Particularly,

  • API test automation requires less code so it can provide better and faster test coverage compared to GUI test automation. These will result in the cost saving for the testing project

  • Language-Independent In API testing, data is exchanged using XML or JSON. These transfer modes are completely language-independent, allowing users to select any code language when adopting automation testing services for the project

  • Easy Integration with GUI API tests enable highly integrable tests, which is particularly useful if you want to perform functional GUI tests after API testing. For instance, simple integration would allow new user accounts to be created within the application before a GUI test started

What are principles of an API test design?

  • Setup Create objects, start services, initialize data Execution Steps to apply API or the scenario, including logging Verification evaluate the result of the execution Reporting Pass, failed or blocked Clean up Pre-test state

What are the common API testing types?

  • Validation Testing

  • Functional Testing

  • Load testing

  • Runtime/ Error Detection

  • Security testing

What must be checked when performing API testing? Accuracy of data Schema validation HTTP status codes Data type, validations, order and completeness Authorization checks Implementation of response timeout Non-functional testing like performance and security testing

What is the best approach method to perform API testing?

  • Defining the correct input parameters

  • Defining the basic functionality and scope of the API program

  • Testing case execution Comparing the test result with the expected result

What kinds of bugs that API testing would often find?

  • Missing or duplicate functionality

  • Fails to handle error conditions

  • Security

  • Performance

  • Multi-threading issues

What are API documentation templates that are commonly used?

  • Swagger

  • RestDoc

  • FlatDoc

APIsapiinterviewinterview questionsAPI TESTING