REST API Interview Questions and Answers

REST is an API architecture style. REST API stands for REpresentational state Transfer Application Programming interface. REST API is also known as a RESTfulAPI or RESTful webservices. REST specifies how data is presented to a client in a format that is convenient for the client. It’s an API that uses HTTP requests such as GET, PUT, POST, and DELETE methods on data.

REST defines 6 architectural constraints which make any web service – a true RESTful API.

• Uniform interface – Interface between Clients and servers.
• Client server- It means that client application and server application must be able to evolve separately without any dependency on each other.
• Stateless -It means server does not remember anything about the user who uses the APIs.
• Cacheable-It means that the data the server sends contain information about whether or not the data is cacheable. If the data is cacheable might contain some sort of aversion number.
• Layered system- the client may connect to intermediate layers, which might not aware before-hand.so those layers can enforce security, do load balancing, provide caching etc.
• Code on demand (optional)-It means servers can also provide executable code to the client.

The HTTP method. Differing HTTP methods can be used on any endpoint which map to application create, read, update, and delete (CRUD) operations:

The Relativity REST API requires a minimal number of standard fields in the HTTP header for a request. For more information about how headers are used, see Supported HTTP methods.

CSRF – The cross-site request forgery (CSRF) field must be included in requests and set to blank (empty string). This field provides basic security by preventing malicious parties from scanning your REST endpoint. See the following example:

  X-CSRF-Header: [EMPTY OR BLANK VALUE]

If you omit this header field, the request fails.

Content-Type – This header field can be set to application/json, application/json;charset/utf-8, or text/json. See the following sample:

  Content-Type: application/json

Authorization – This header field is required if you are using basic or Active Directory authentication.

JAX-RS stands for Java API for RESTful web services. It is a set of Java APIs for building web services conforming to the REST Related. It is also support Bean validation. Typically, it is used for XML or JSON data exchange. Some of JAS-RS frameworks are : Jersey,RESTlet,Apache CXF,RESTEasy,play.etc.

URI stand s for Uniform Resource Identifier. It is the identifier for the resource in REST Architecture.

In the above question, we have understood the meaning of statelessness with respect to the client-server communication. Now, let us see some of its advantages and disadvantages.

Pros:

Every method required for communication is identified as an independent method i.e. there are no dependencies to other methods.

Any previous communication with the client and server is not maintained and thus the whole process is very much simplified.

If any information or metadata used earlier in required in another method, then the client sends again that information with HTTP request.

HTTP protocol and REST web service, both shares the feature of statelessness.

Cons:

In every HTTP request from the client, the availability of some information regarding the client state is required by the web service.

There are many testing tools available for web services. Some of the Webservices testing tools are:

• SOAPUI pro
• SOAtest
• SOAP sonar
• Test Maker
• API fortress
• Http master
• Postman
• HP QTP
• vREST
• webinject
• Jmeter
• Tricentis
• Pyresttest
• pingAPI

It is used o for all the operations of a web service supports. It creates read only requests to the server

Some of the HTTP status codes and Meaning

• 200 – It means OK or SUCCESS
• 201- It means CREATED-For a resource is created inside a collection- Response for POST Requests
• 202-It means ACCEPTED- It is used for actions-Response for DELETE Requests
• 204- It means NO CONTENT
• 301- It means MOVED PERMANENTLY
• 302-It means FOUND- It is a Common way of Performing URL redirection.
• 303-It means SEE OTHER
• 304-It means NOT MODIFIED
• 307- It means TEMPORALLY REDIRECTED
• 400-It means BAD REQUEST- Client-side error
• 401- It means UNAUTHORIZED
• 403-It means FORBIDDEN
• 404- It means Not Found-Client side-BAD URL
• 405- It means Method Not Allowed-Wrong HTTP Method
• 406- It means NOT ACCEPTABLE
• 412- It means PRE-CONDITION FAILED
• 415- It means UNSUPPORTED MEDIA TYPE
• 500- It means INTERNAL SERVER ERROR
• 501- It means NOT IMPLEMENTED

In RESTful Web Service, Request body of every HTTP message includes request data called as payload.it is part of the message is of interest to the recipient.

These methods are defined to be safe; this means to not alter the state in the server

HATEOAS stand for Hypermedia As The Engine Of Application State. It  is a key constraint in REST that is often overlooked. Basically, every response describes how the API can be used, by providing the URIs for allowable actions within each response.

The PUT or POST method should not be used to create a resource. You can use the GET operation which has view-only rights

HATEOAS stands for Hypermedia As The Engine Of Application State. It is a key constraint in REST that is often overlooked. Basically, every response describes how the API can be used, by providing the URIs for allowable actions within each response.

XML and JSON

• SOAPUI
• Postman
• Jmeter
• Karate
• Apigee
• REST assured
• POST woman
• Powershell
• Insomnia
• Pyresttest
• Citrus framework
• Katalon studio
• Zerocode
• mockbin