Rest | Restful API Web Services Interview Questions and Answers In Java

Rest | Restful API Web Services Interview Questions and Answers In Java: Welcome to Another Addition of Testing Interview Questions series of Manual Testers. After Somany requests for Restful API Web Services API Interview Questions and that also Specific to Rest API Interview Questions, because Restful API Web Services which is widely used by most of the organization.

So, As testers, we have knowledge on How to do rest API testing, So below we are trying to share restful web services interview questions, and also we have shared Java rest interview questions with the solutions.

WEB API Interview Questions Asked In Interviews

• What is the RAML what is the use?
• How to handle dynamic bearer token authentication (token has changed every one hour)
• How do u know your URL and query parameters and path parameters are working or not
• Where do use is given and when and then in your framework
• How to create a post request with dynamic data in your framework
• Explain your framework
• Rest and sop difference?
• What does mean by rest is light compare to soap
• Why soap is more secure than rest.
• Different response code
• When we get a stale element exception.
• Explain overloading and overriding with example.
• Explain all the oops concepts you used in your framework.
• If you are not able to find any element then what techniques you will apply.
• Verification and validation of different examples.
• Response time in rest and soap services. Is any difference?

WEB API Interview Questions Discussed

• Error code for authentication and Authorization
• Whats authentication
• What is the difference between put and patch requests?
• Is there any way to verify the response on UI? It was asked in an interview after performing API testing how do you verify on UI.
• How to debug/read/rewrite req/response of API over HTTPS using Charles?
• What is the difference between oath 1 and oath 2?
• Enlist some common tests that are performed on APIs?
• How to identify oath 1 and oath 2?
• What is the purpose of the oath?
• Oath generation testing
• When to use the post method
• Whats patch method and when to use it
• What’s other tools for API testing, apart from postman
• What all to think/consider for switching Automations framework
• The internal and external API token
• Generate Access token
• What have mainly used HTTP methods other than post get put and delete
• What have mainly used HTTP methods other than post get put and delete
• How does basic Authorization works?
• Explain in brief the different types of output observed of an API.
• Can booleans parameterized
• What all testing you will perform on an API
• Whats SQL injection, how to do it
• Explain in brief the different types of output observed of an API. – JSON, XML, HTML, text
• Schema validation
• Heartbeat call and logistics call
• Https local map for Charles proxy

Rest API Real Time Interview Questions

• What will you check first when a lot of failures in API automation?
• What will you do when API structure changes?
• Which dependency is good to handle Json operations?
• How do you keep Json requests in the automation framework?
• Which of the following takes more time to script. Get or Post a call?
• Tell me your approach to automate an API that is under development
• Tell me a complex scenario you automated so far
• What will be your action, when a mandatory header which is passed in all the services becomes optional?

Rest API Interview Questions

• What is the difference between API and WebService?
• What is the difference between SOAP & Rest API?
• Can you write a sample of API(URL) and JSON?
• How do you handle the Authentication token?
• How many types of Authentication in POSTMAN/ Rest-Assured.
• What is the difference between OAuth1.0 and OAuth2.O, When and where do you use and how? Can you write a sample code?
• What is baseURI in RestAssured?
• Can you explain RequestSpecification request = RestAssured.given();
• What will be returned type of response.jsonPath().getJsonObject(“XYZ”);
• How do you extract the values of JSON and how do you validate the response.
• Can you write a code for saving the response in a JSON file?
• How do you validate the headers of the response?
• What is the difference between Headers and Header class?
• What is difference between response.header(“xyz”) and response.headers() methods.
• Can you extract all the headers from the response at run time?
• What is JSONObject() , request.header(“xyz”), response.path(“lable”) , response.body().asString() , response.getBody().prettyPrint(); , RestAssured.given().queryParam(“xyz”,”abc”);
• What is difference between request.get(“https//dev-mode.com/api/allcustomers”) and request.request(Method.GET,”/ allcustomers “);
• What is the difference between PUT and Patch? Have you ever used and where.
• What are status code(2xx ,3xx ,4xx, 5xx) in API.
• How do you print your response in JSON format?
• How do you post body in POST and how many ways to post.
• What all are the dependency for Rest-Assured.

Restful APIs | Restful web services interview questions

• How to parse a JSON
• How to parse an XML
• How to Insert key: value based upon some searching criteria
• Write code for conversion of JSON to XML and XML to json
• What do you mean by the query parameter and path parameter?
• What is the difference between put and patch?
• What is the validation while API automation?
• Explain your framework(Rest Assured)
• What do you mean by object notation and array notation in JSON?
• Write code for JSON Read
• What do you mean by POJO why we use POJO?
• What do you mean by authentication and what are the types of authentication while API testing
• What is the difference between URI and URL
• How do you store the result and use it further in groovy scripting
• What do you mean by Test runner in groovy scripting
• What is the Rest of the service architecture?
• What is the soap service architecture?
• What is the soap UI work hierarchy?
• How to set and get property using Groovy scripting
• What do you mean by jsonsluper and xmlholder
• How to convert JSON to Hashmap
• What do you mean by Data source Data Sink and Data Source loop and why do we use it
• How to handle SSL in SoapUI
• What are the different types of properties in SoapUI how you declare using Groovy scripting?
• What is the main thing while API automation?
• What do you mean by Webservices and why do we use Webservices.
• What is the difference between soap and Rest?
• What do you mean by UDDI .and what do you mean by WSDL.
• What is the different type of HTTP Methods?
• How to parse a list from a JSON, for example, there is JSON and there are multiple IDs how you will parse all the IDs from JSON and how you will parse a particular I’d from that JSON.

Rest API Interview Questions

• The model used of your Rest API means how your following rest API ( these are coming from Richardson maturity model)
• The architecture of the API project ( Jax-rs with jersey or restless etc)
• How you create JSON data on post-call. ( I mean are you hardcoding data in code or somewhere you calling like JSON or CSV file)
• How you extract path parameters
• How you reading JSON response ( here JSON object, JSON array, reading whole key-value pair, etc)
• Question will be from about headers and cookies ( in Get call and post-call related)
• Maintaining URL’s ( means get a call or post-call or delete call URL; here interviewer will make twist based on your earlier told how your company follows API development, simply Richardson model)
• Question will be from what is path parameters, query parameters, etc
• Extent report or default report.
• Some database query as you know API bit related with DB as just making the sure response and request was drop in DB or not OK

API Hangout Interview Questions Discussion

• Difference between Get and Post call?
• How/why do we call Get and Post a call?
• Is it mandatory to send request data in JSON format only?
• How API works?
• Please explain RPC API.
• What is the difference between REST API and microservices?
• Why we do that get parameter session and variable declaration in API?
• why we use mocks or stubs?
• Difference between SOAP API and REST API?
• What is the difference between the patch and put method in RestApi?
• What is the difference between a REST and RESTful?
• What is REST ASSURED?
• How does caching works in microservices?
• What are the expectations the Technical panel sees for a tester from an API Automation perspective?
• Why we do API Testing what is the advantage and where all we can do API testing?

Rest web services interview questions

What Rest Stands For?
Answer: REST stands for REpresentational State Transfer.

What Is Rest?
Answer:  REST is a web standards-based architecture and uses HTTP Protocol for data communication. It revolves around resources where every component is a resource and a resource is accessed by a common interface using HTTP standard methods. REST was first introduced by Roy Fielding in 2000.

In REST architecture, a REST Server simply provides access to resources, and a REST client accesses and presents the resources. Here each resource is identified by URIs/ global IDs. REST uses various representations to represent a resource like text, JSON, and XML. Nowadays JSON is the most popular format being used in web services.

Name Some Of The Commonly Used Http Methods Used In Rest Based Architecture?
Answer: Following well-known HTTP methods are commonly used in REST-based architecture:

• GET − Provides read-only access to a resource.
• PUT − Used to create a new resource.
• DELETE − Used to remove a resource.
• POST − Used to update an existing resource or create a new resource.
• OPTIONS − Used to get the supported operations on a resource.

What Are Web Services?
Answer: A web service is a collection of open protocols and standards used for exchanging data between applications or systems. Software applications written in various programming languages and running on various platforms can use web services to exchange data over computer networks like the Internet like inter-process communication on a single computer.

What Are Restful Web Services?
Answer: Web services based on REST Architecture are known as RESTful web services. These web services use HTTP methods to implement the concept of REST architecture. A RESTful web service usually defines a URI, Uniform Resource Identifier a service, provides resource representation such as JSON, and a set of HTTP Methods.

What Is A Resource In Rest?
Answer: REST architecture treats every content as a resource. These resources can be text files, HTML pages, images, videos, or dynamic business data. REST Server simply provides access to resources and REST client accesses and modifies the resources. Here each resource is identified by URIs/ global IDs.

How To Represent A Resource In Rest?
Answer: REST uses various representations to represent a resource where text, JSON, XML. XML and JSON are the most popular representations of resources.

What Are The Best Practices To Design A Resource Representation?
Answer: Following are important points to be considered while designing a representation format of a resource in RESTful web services:

• Understandability − Both Server and Client should be able to understand and utilize the representation format of the resource.
• Completeness − Format should be able to represent a resource completely. For example, a resource can contain another resource. The format should be able to represent simple as well as complex structures of resources.
• Linkability − A resource can have a linkage to another resource, a format should be able to handles such situations.

Which Protocol Is Used By Restful Web Services?
Answer: RESTful web services make use of HTTP protocol as a medium of communication between client and server.

What Is Messaging In Restful Web Services?
Answer: A client sends a message in the form of an HTTP Request and the server responds in the form of an HTTP Response. This technique is termed Messaging. These messages contain message data and metadata i.e. information about the message itself.

What Are The Core Components Of A HTTP Request?
Answer: An HTTP Request has five major parts :

• Verb − Indicate HTTP methods such as GET, POST, DELETE, PUT, etc.
• URI − Uniform Resource Identifier (URI) to identify the resource on the server.
• HTTP Version − Indicate HTTP version, for example HTTP v1.1 .
• Request Header − Contains metadata for the HTTP Request message as key-value pairs. For example, client ( or browser) type, format supported by the client, format of the message body, cache settings, etc.
• Request Body − Message content or Resource representation.

What Are The Core Components Of A HTTP Response?
Answer: An HTTP Response has four major parts:-

• Status/Response Code − Indicate Server status for the requested resource. For example, 404 means resource not found and 200 means response is ok.
• HTTP Version − Indicate HTTP version, for example HTTP v1.1 .
• Response Header − Contains metadata for the HTTP Response message as key-value pairs. For example, content length, content type, response date, server type, etc.
• Response Body − Response message content or Resource representation.

What Is Addressing In Restful Web Services?
Answer: Addressing refers to locating a resource or multiple resources lying on the server. It is analogous to locate a postal address of a person.

What Is Uri?
Answer: URI stands for Uniform Resource Identifier. Each resource in a REST architecture is identified by its URI.

What Is Purpose Of A Uri In Rest Based Web Services?
Answer: The purpose of a URI is to locate a resource(s) on the server hosting the web service.

What Is Format Of A Uri In Rest Architecture?
Answer: A URI is of the following format:− <protocol>://<service-name>/<ResourceType>/<ResourceID>

What Is The Purpose Of Http Verb In Rest Based Web Services?
Answer: VERB identifies the operation to be performed on the resource.

What Are The Best Practices To Create A Standard Uri For A Web Service?
Answer: Following are important points to be considered while designing a URI −

• Use a Plural Noun − Use a plural noun to define resources. For example, we’ve used users to identify users as a resource.
• Avoid using spaces − Use underscore(_) or hyphen(-) when using a long resource name, for example, use authorized_users instead of authorized%20users.
• Use lowercase letters − Although URI is case-insensitive, it is good practice to keep URL in lower case letters only.
• Maintain Backward Compatibility − As Web Service is a public service, a URI once made public should always be available. In case, URI gets updated, redirect the older URI to the new URI using HTTP Status code, 300.
• Use HTTP Verb − Always use HTTP Verb like GET, PUT, and DELETE to do the operations on the resource. It is not good to use operations names in URI.

What Is Statelessness In Restful Web Services?
Answer: As per REST architecture, a RESTful web service should not keep a client state on the server. This restriction is called statelessness. It is the responsibility of the client to pass its context to the server and the server can store this context to process the client’s further request. For example, a session maintained by the server is identified by a session identifier passed by the client.

What Are The Advantages Of Statelessness In Restful Web Services?
Answer: Following are the benefits of statelessness in RESTful web services:

• Web services can treat each method request independently.
• Web services need not maintain the client’s previous interactions. It simplifies application design.
• As HTTP is itself a statelessness protocol, RESTful Web services work seamlessly with HTTP protocol.

What Are The Disadvantages Of Statelessness In Restful Web Services?
Answer: Following is the disadvantage of statelessness in RESTful web services:-

Web services need to get extra information in each request and then interpret to get the client’s state in case client interactions are to be taken care of.

What Do You Mean By Idempotent Operation?
Answer: Idempotent operations mean their result will always the same no matter how many times these operations are invoked.

Which Type Of Web Services Methods Are To Be Idempotent?
Answer: PUT and DELETE operations are idempotent.

Which Type Of Web Services Methods Are To Be Read-Only?
Answer: GET operations are read-only and are safe.

What Is The Difference Between Put And Post Operations?
Answer: PUT and POST operation is nearly the same with the difference lying only in the result where PUT operation is idempotent and POST operation can cause a different result.

What Should Be The Purpose Of Options Method Of Restful Web Services?
Answer: It should list down the supported operations in a web service and should be read-only.

What Should Be The Purpose Of Head Method Of Restful Web Services?
Answer: It should return only HTTP Header, no Body, and should be read-only.

What Is Caching?
Answer: Caching refers to storing server responses in the client itself so that a client needs not to make a server request for the same resource again and again. A server response should have information about how caching is to be done so that a client caches the response for some time or never caches the server response.

Which Header Of HTTP Response, Provides The Date And Time Of The Resource When It Was Created?
Answer: The date header provides the date and time of the resource when it was created.

Which Header Of HTTP Response, Provides The Date And Time Of The Resource When It Was Last Modified?
Answer: Last Modified header provides the date and time of the resource when it was last modified.

Which Header Of Http Response Provides Control Over Caching?
Answer: Cache-Control is the primary header to control caching.

Which Header Of Http Response Sets Expiration Date And Time Of Caching?
Answer: Expires header sets expiration date and time of caching.

Which Directive Of Cache-Control Header Of Http Response Indicates That Resource Is Cacheable By Any Component?
Answer: The public directive indicates that the resource is cacheable by any component.

Which Directive Of Cache-Control Header Of Http Response Indicates That Resource Is Catchable By Only Client And Server, No Intermediary Can Cache The Resource?
Answer: The private directive indicates that the resource is cachable by only the client and server, no intermediary can cache the resource.

Which Directive Of Cache-Control Header Of Http Response Indicates That Resource Is Not Cacheable?
Answer: no-cache/no-store directive indicates that the resource is not cacheable.

Which Directive Of Cache-Control Header Of Http Response Can Set The Time Limit Of Caching?
Answer: the max-age directive indicates that the caching is valid up to max-age in seconds. After this, the client has to make another request.

Which Directive Of Cache-Control Header Of Http Response Provides Indication To Server To Revalidate Resource If Max-age Has Passed?
Answer: the must-revalidate directive indicates the server to revalidate resources if max-age has passed.

What Are The Best Practices For Caching?
Answer: Always keep static contents like images, CSS, JavaScript cacheable, with an expiration date of 2 to 3 days. Never keep the expiry date too high. Dynamic contents should be cached for a few hours only.

What Are The Best Practices To Be Followed While Designing A Secure Restful Web Service?
Answer: As RESTful web services work with HTTP URLs Paths so it is very important to safeguard a RESTful web service in the same manner as a website is being secured. Following are the best practices to be followed while designing a RESTful web service:

• Validation − Validate all inputs on the server. Protect your server against SQL or NoSQL injection attacks.
• Session-based authentication − Use session-based authentication to authenticate a user whenever a request is made to a Web Service method.
• No sensitive data in URL − Never use username, password, or session token in URL, these values should be passed to Web Service via the POST method.
• Restriction on Method execution − Allow restricted use of methods like GET, POST, DELETE. The GET method should not be able to delete data.
• Validate Malformed XML/JSON − Check for well-formed input passed to a web service method.
• Throw generic Error Messages − A web service method should use HTTP error messages like 403 to show access forbidden etc.

What Is The Purpose Of the HTTP Status Code?
Answer: HTTP Status code is standard code and refers to the predefined status of the task done at the server. For example, HTTP Status 404 states that the requested resource is not present on the server.

What HTTP Status Code 200 States?
Answer: It means, OK, shows a success.

What HTTP Status Code 201 State?
Answer: It means, CREATED when a resource is successfully created using POST or PUT request. Return link to a newly created resource using a location header.

What HTTP Status Code 204 States?
Answer: It means, NO CONTENT, when the response body is empty for example, a DELETE request.

What HTTP Status Code 304 States?
Answer: It means, NOT MODIFIED, used to reduce network bandwidth usage in case of conditional GET requests. The response body should be empty. Headers should have a date, location, etc.

What HTTP Status Code 400 States?
Answer: It means, BAD REQUEST, states that invalid input is provided e.g. validation error, missing data.

What HTTP Status Code 401 States?
Answer: It means, FORBIDDEN, states that the user is not having access to the method being used, for example, delete access without admin rights.

What HTTP Status Code 404 States?
Answer: It means, NOT FOUND, states that the method is not available.

What HTTP Status Code 409 States?
Answer: It means, CONFLICT, states conflict situation while executing the method, for example, adding a duplicate entry.

What HTTP Status Code 500 States?
Answer: It means, INTERNAL SERVER ERROR, states that the server has thrown some exception while executing the method.

What Is Jax-rs?
Answer: JAX-RS stands for Java API for RESTful Web Services. JAX-RS is a JAVA based programming language API and specification to provide support for created RESTful Webservices. Its 2.0 version was released on 24 May 2013. JAX-RS makes heavy use of annotations available from Java SE 5 to simplify the development of JAVA based web services creation and deployment. It also provides support for creating clients for RESTful web services.

Explain REST?
Answer: REST stands for Representational State Transfer. REST is an architectural style of developing web services that take advantage of the ubiquity of HTTP protocol and leverages the HTTP method to define actions. It revolves around a resource where every component is a resource that can be accessed by a common interface using HTTP standard methods.

In REST architecture, a REST Server provides access to resources, and a REST client accesses and presents those resources. Here each resource is identified by URIs of global IDs. REST uses different ways to represent a resource like text, JSON, and XML.XML and JSON are the most popular representations of resources these days.

What Is The Most Popular Way To Represent A Resource In REST?
Answer: REST uses different representations to define a resource like text, JSON, and XML.
JSON is the most popular representation of resources.

Explain What Is A “Resource” In REST?
Answer: REST architecture treats every content as a resource. These resources can be either text files, HTML pages, images, videos, or dynamic business data.
REST Server provides access to resources and REST client accesses and modifies these resources. Here each resource is identified by URIs/ global IDs.

Which Protocol Is Used By RESTful Web Services?
Answer: RESTful web services make use of HTTP protocol as a medium of communication between client and server.

What Is Messaging In RESTful Web Services?
Answer: RESTful web services make use of HTTP protocol as a medium of communication between client and server. The client sends a message in the form of an HTTP Request.
In response, the server transmits the HTTP Response. This technique is called Messaging. These messages contain message data and metadata i.e. information about the message itself.

State The Core Components Of An HTTP Request?
Answer: Each HTTP request includes five key elements.

• The Verb indicates HTTP methods such as GET, PUT, POST, DELETE.
• URI stands for Uniform Resource Identifier (URI). It is the identifier for the resource on the server.
• HTTP Version which indicates HTTP version, for example-HTTP v1.1.
• Request Header carries metadata (as key-value pairs) for the HTTP Request message. Metadata could be a client (or browser) type, the format that the client supports, message body format, and cache settings.
• Request Body indicates the message content or resource representation.

What is Rest Assured?
Answer: In order to test the REST APIs, I found the REST Assured library so useful. It is developed by JayWay Company and it is a really powerful catalyzer for automated testing of REST-services. REST-assured provides a lot of nice features, such as DSL-like syntax, XPath-Validation, Specification Reuse, easy file uploads, and with those features, we will handle automated API testing much easier.

How to declare the API details in the Rest Assured Test?
Answer: Using Given(), When(), Then()

Name The Most Commonly Used HTTP Methods Supported By REST?
Answer: There are a few HTTP methods in REST that are more popular.

• GET -It requests a resource at the request-URL. It should not contain a request body as it will get discarded. Maybe it can be cached locally or on the server.
• POST – It submits information to the service for processing; it should typically return the modified or new resource.
• PUT – At the request URL it updates the resource.
• DELETE – It removes the resource at the request-URL.
• OPTIONS -It indicates the supported techniques.
• HEAD – It returns meta-information about the request URL.

Is There Any Difference Between PUT And POST Operations? Explain It.
Answer: PUT and POST operations are almost the same. The only difference between the two is in terms of the result generated by them.
PUT operation is idempotent while POST operation can give a different result.

What Is URI? Explain Its Purpose In REST Based Web Services. What Is Its Format?
Answer: URI stands for Uniform Resource Identifier. URI is the identifier for the resource in REST architecture.
The purpose of a URI is to locate a resource(s) on the server hosting the web service. A URI is of the following format-
<protocol>://<service-name>/<ResourceType>/<ResourceID>

How to compare the response values with Rest Assured Assertion?
Answer:  Example :
given().
parameters(“firstName”, “John”, “lastName”, “Doe”).
when().
post(“/greetXML”).
then().
body(“greeting.firstName”, equalTo(“John”)).
body(“greeting.lastName”, equalTo(“Doe”));

How to Insert cookies in Testing the API using Rest Assured?
Answer: given().cookie(“username”, “John”).when().get(“/cookie”).then().body(equalTo(“username”));

How to Insert headers in Testing the API using Rest Assured?
Answer: given().header(“MyHeader”, “Something”).

How to Validate Response Headers with Rest Assured?
Answer: get(“/x”).then().assertThat().header(“headerName”, “headerValue”).

How to handle Basic Authentication with Rest Assured?
Answer:given().auth().preemptive().basic(“username”,  “password”).when().get(“/secured/hello”).then().statusCode(200);

What Do You Understand By Payload In RESTFul Web Service?
Answer: The request body of every HTTP message includes request data called Payload. This part of the message is of interest to the recipient.
We can say that we send the payload in the POST method but not in <GET> and <DELTE> methods.

When we should use JsonPath and when we should use the POJO class?
Answer: When you want to validate the number of fields, we need to use POJOs. If you want to use the number of values from the responses to the next request as input we can use POJOs.
POJOs can help you leverage annotations from Jackson libraries. There is so much cool stuff you can do with POJOs and Jackson. POJOs can also help you to do schema validations.

If you are just validating one or two values in the response use JSON Path.

Tips For Web API Interview Preparation:

From my last interview experiences, I would like to add a few more concepts, if you can cover them:
1- Postman:
– Creating and managing collections
– Setting up different environment variables and using in requests(URL, Header, Query params) as parameters
– Setting up Global variables and using them in requests
– Using Test feature to validate basic scenarios like response code, JSON values using javascript
– Get value from the response and set in the environment or global variable

2- Oauth architecture
– understanding auth server, resource server, token, etc
3- Different ways of extracting JSON values, using regex expression, using JsonPath
4- Extracting values from simple hson, JSON array.
5- Good understanding of 2xx,3xx,4xx,5xx codes
6- Different ways of file upload using the POST method
7- Verifying API contracts

Restful API Web Services Conclusion

I Hope the above Restful API Web Services interview questions which we have shared in this post will able to give an idea on what are the main rest API interview questions you may face during an interview for both experienced and freshers testers.

If you face any other interview questions then you can update us by commenting in the comment section and we update the list. for more updates, you can join our SoftwareTestingo telegram group where we are regularly share testing Job updates and other updates too.