API

Question 1

What are API’s?

Answer 1

API, or Application Programming Interface, acts like a language that lets different software systems talk to each other. It’s like a messenger sends requests for information from one system to another, when it gets a response, it translates and delivers it. APIs make sure different software can work together smoothly.

Question 2

What is a Web Service? API vs Web Service?

Answer 2

Web services are APIs accessible online. They need an internet connection and are accessed through a web service URL. It’s important to know while all web services are APIs, not all APIs are web services.

Question 3

What type of Web Services do you know? What are the differences?

Answer 3

SOAP, which is more secure but slower, follows W3C consortium guidelines, and uses XML; RESTful, which is faster, lightweight, allows flexible development without strict guidelines, and uses JSON, XML, or TEXT for data exchange.

Question 4

Which Protocol is used by RESTful Web Services?

Answer 4

RESTful web services use HTTP/HTTPS protocols as a medium of communication between client and server.

Question 5

Most Commonly Used HTTP Methods Supported By REST?

Answer 5

POST creates new data, GET retrieves information, PUT replaces the target resource, PATCH updates selected values, and DELETE removes the specified resource.

Question 6

Can a GET request be used instead of PUT to create a resource?

Answer 6

To create a resource, use the POST or PUT method, with PUT also serving for updates, while GET is only for requesting data from a specified resource.

Question 7

What is the difference between PUT and POST requests?

Answer 7

With a POST request, goal is to create a new object on the server, with a PUT` request, the goal is replace an existing object with another (Update).

Question 8

Which HTTP Status codes you know?

Answer 8

HTTP status codes provide information about requests: 1xx for information, 2xx for success (like 200 Ok), 3xx for redirection, 4xx for client errors (e.g., 400 Bad Request), and 5xx for server errors (e.g., 500 Internal Server Error).

Question 9

What is API Testing?

Answer 9

Is a type of testing which determines if the developed APIs meet expectations about the functionality, reliability, performance, and security of the application. We test to verify that we get what is expected. We will have to verify a few areas of the response body and also status codes.

Question 10

What are the advantages of API Testing?

Answer 10

API testing, focusing on core functionality and code-level operations, it is directed before GUI tests to catch issues early, proving time-effective and cost-saving. It’s language-independent, using XML or JSON for data exchange, offering flexibility in code language selection. This testing is crucial for accurate data exchange in web services, especially for third-party vendors like Expedia, where errors can lead to financial losses.

Question 11

What is EndPoint?

Answer 11

An endpoint is a location where a resource can be accessed, identified by a URI like /BookStore/v1/Books or /Account/v1/User. Creating a URI is essential to successfully access to endpoint, representing one end of a communication channel when an API interacts with another system.

Question 11

What tools can be used to test APIs? How do you test APIs in your project?

Answer 11

In our project, we utilize REST APIs, managing manual testing with Postman. We improve Postman’s features, organizing tests using global and environment variables for easy value changes. Postman’s JavaScript methods validate status codes and verify response items, with the collection runner executing multiple calls in order. For automation, we use the Rest Assured Java library. As a tester, I send API requests (GET, POST, PUT, or DELETE) and verify status codes, response bodies, and check headers. I make sure each endpoint functions as expected. For positive testing, I send valid requests, headers, parameters, and JSON bodies, verifying a 200/201 response. In negative testing, I send invalid elements, expecting a non-200/201 status code.

Question 12

What is a URI?

Answer 12

URI, or Uniform Resource Identifier, is a string that identifies and locates resources on the internet, combining a domain or base URL with a specific path or endpoint. URI = Domain/Base URL + endpoint URL/service URL/resource

Question 13

Do you have an API documentation website for your API? Any other API documentation you know?

Answer 13

my experience has been primarily with Swagger. It’s an open-source framework supporting developers in designing, building, documenting, and consuming RESTful Web services. there are also various API documentation templates like FlatDoc, RestDoc, and API Blueprint.

Question 14

Can you tell me what is required to send a POST, GET, PUT, PATCH, and DELETE calls?

Answer 14

? In our web connections, when we use POST, we make sure to include a URI, headers, and a payload (data in JSON, XML, etc.). For GET, only the URI and headers are needed since no payload is required for retrieving data. When it comes to PUT (update), we need a URI, headers, and a payload to modify information. On the other hand, DELETE requires a URI and headers, and optionally a payload sent as a JQuery or PATH parameter. It’s important to note that the HTTP request method includes the request method (Get, Post, Put, Delete), request URI (complete resource URL), request header (Accept, Content-Type), and request body (data to be sent to the resource).

Question 15

What is JSON?

Answer 15

JSON, or JavaScript Object Notation, is a data structuring format used for transmitting data between server and web application. It serves as a lightweight alternative to XML and represents data in a key:value format.

Question 15

What would you expect in a response?

Answer 15

I expect Response Status Code (e.g., 200, 201, 400, 404, 500), the Response Header (including Date, Server, Last-Modified, Content-Type), and the Response Body, it contains data returned to the client from the server.

Question 16

What are two types of Parameters sent with URI?

Answer 16

In REST, parameters are choices that affect the response, Path Parameters: Included in the URL path (/api/resource/parametervalue) Query Parameters: Specified as query arguments(/api/resource?parameter=value)

Question 17

What are Headers in API?

Answer 17

It serves to provide meta-information about a request. In my project, when sending POST or PUT requests, I specify in the headers that the ContentType used is JSON. After receiving response, I verify the header information with other validations.

Question 18

What is Payload?

Answer 18

Requests and response bodies of HTTP messages include data known as Payload. Payloads sent in POST and PUT methods but not in GET and DELETE methods. The response payload usually contains data from a GET request, such as a record or a list of records, or it serves as a confirmation for a POST request.

Question 19

How do you verify a value in your Response body?

Answer 19

To validate value in Response we can use: 1. JUnit Assertions RestAssured.baseURI=”https://bookstore.toolsqa.com”; Response response = RestAssured. given(). query-Param(“ISBN”,”9781491950296”). when()get(“/BookStore/v1/Book”); int code = re-sponse.getStatusCode(); As-sert.assertEquals(200, code); String responseBody = re-sponse.asString();Assert.assertTrue(responseBody.contains(“9781491950296”)); 2. HamCrest Matchers RestAssured.baseURI=”https://bookstore.toolsqa.com”; Response response = RestAssured.given(). queryParam(“ISBN”, “9781491950296”). when(). get(“/BookStore/v1/Book”).then().assertThat().statusCode(200). and().assertThat().body(“ISBN”, equal-To(“9781491950296”));

Question 20

What are the main challenges faced in API testing?

Answer 20

selecting correct parameters without proper documentation, categorizing them appropriately, ensuring proper call sequencing, and verifying and validating output, are all made complex by the lack of a graphical user interface for input values.

Question 21

What is the JSON path?

Answer 21

JSONPath, like XPath for XML, allows querying to retrieve specific sections of a JSON document crucial for the application, verified by the code: String token = re-sponse.body().jsonPath().getString("token");.

Question 22

What would you do if you do not have URI or anything else provided but you have to do API testing?

Answer 22

Well, I would request for API documentation so I can know what exactly needs to be tested and what responses I should be receiving. From experience, it is considered bad practice if I just “assume” when I am not supposed to.

Question 23

Which data do you compare your API responses with?

Answer 23

I would have to compare it with API documentation. If I have access to a database and it is a requirement to validate data directly in the database then I would do that as well.

Question 24

How do you validate status codes in your project?

Answer 24

In Postman, we utilized JavaScript methods to assert status codes, while for automation using REST Assured, we used re-sponse.then().assertThat().statusCode("status code") for the same purpose.

Question 25

How do you write a feature file in Cucumber for API testing?

Answer 25

In our project, the token generation was set as a prerequisite in the Background, ensuring it as a precondition for any execution. This involved preparing a request file in the “Given” phase, calling the API/endpoint during the “When” phase, and performing assertions in the “Then” phase.

Question 26

What baseline metrics/requirements are necessary for starting to prepare a performance/load test profile for a service that has had no previous performance/load testing performed?

Answer 26

I haven’t done load or performance testing before, so I’m not familiar with the process.

Question 27

What performance and testing approaches would you perform on the service?

Answer 27

I check the API documentation and ask the BA and developers if I’m unsure about any details. If testing across various setups is needed, I use tools like Postman. I set environment variables for easy test adjustments and use global variables for consistent data. In Postman and SoapUI, I refer to variables using {{variable}}.

Question 28

You just mentioned SoapUI in your last answer, have you worked with SoapUI?

Answer 28

No, I haven’t, but I was curious to explore using different technologies for API testing, I did some research to understand the possibilities.

Question 29

What does 401 status code mean? 301, 403?

Answer 29

A 401 status means “Unauthorized,” needing a token for API access. For 301, “Moved Permanently,” update links to the new URL provided.403 Forbidden error indicates that the server understands the request but can’t provide additional access.