Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

API Questions - Interview

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 4

1.

Parse Complex JSON


2. Status Code
3. 401 and 403
4. What is Authentication ?
5. What is Authorisation ?
6. What is the difference between Authentication and Authorisation ?

API testing - What to test ?

- CRUD - Resource creation, updation, deletion


- Missing required functionality
- Proper messaging
- Reliability
- Multithreading and improper handling issues
- Repetition

JSON / XML Schema validation


Max, min, invalid, null values

Challenges
- How to maintain the flow - response of one request to pass to another test
- Different types of param validation
- Validation of input
- Validation of output
- parameter categorisation

Common protocol used in API


- Rest (Representational State transfer protocol) - design pattern to create apis | stateless |
Client - Server |Layered sys Encapsulation
- Soap
- http
- JMS & UDDI

Types of API testing


- Validation
- Functional
- Load
- Run time error
- Security (vulnerabilities, threats etc)
- Penetration testing

What is a resource in REST ?


- Any Content (HTML, Image, Files)

How to represent resources (Common ways)


- JSON and XML

Which protocol Rest WebService use ?


- HTTP

What is Difference Between API and WebService


- WebService - need a network to operate
- API dont need network for operation (send requests thru endpoints)

What is the difference between PUT and POST ?


- PUT - Create / Update
- POST - Post is used to create

RPC - Remote Procedure call


- Executing procedures on remote / different machine

GET
- retrieve resource from end point
- remain in browser history / bookmarked (so no sensitive info)

POST
- Create resource
- Never cache/ bookmarked / never remain in browser history
- No restriction on data length

PUT
- Create / Update
- Never cache

PATCH
- update partial resource

DELETE
- delete

OPTIONS
- returns all options and available HTTP methods
HEAD - returns the header info (get)
TRACE - trace the request
Status Code
200 - ok - Successful Post request
201 - new resource created

400 - Bad Request


404 - Not found
401 - Unauthorised
403 - Forbidden

500 - Internal Server error

What is HTTP Request Contained ?


- Request Method
- base URI + resource URL
- Request Header - Accept-Language, Accept-Encoding, Host, User-Agent etc
- Request Body

What is HTTP Response Contains?


- Status Code
- Response Header Fields - Date, Server, Last-Modified, Content-Type
- Response Body

Common Steps for API testing


- Select the test case
- Develop API call
- Configure the API params
- Determine how to validate the API response
- Execute the API call
- API call response - validate the data
Constraints of API - 6 constraints

You might also like