Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

API questions > General questions > Flashcards

General questions Flashcards

1
Q

What does API stand for?

A

application programming Interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What kind of requests did you send?

A

I have worked on all kinds of CRUD operation requests

Post, GET, Put, Patch, Delete, Head

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What OPTIONS http method is for?

A

Specifies what kind of actions are available for certain request URLs
( If API provides such options ).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What HEAD http method and why did you use it?

A

The HEAD method asks for a response identical to that of a GET request, but without the response body. Could HEAD request could be used to read its Content-Length header to check the file size without actually downloading the file.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How did you do API testing? What was your purpose in your last project?

A
  • I did API testing for an internal project employee info. An OLD Application exposed the restful api for easy integration with other apps. So I test that the app functionality works in API layer. i have experience in testing and automating in postman and using Rest Assured library.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

The difference between PUT and PATCH?

A

PUT is used for complete update.

PATCH is used for partial update.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The difference between PUT and POST

A

PUT is used for complete update of existing data.

PATCH is used for adding new data to the server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Give a step by step example of how you would automate a testcase API side.

A 
First, I would read the documentation( functional requirements ) of the application. Understand each endpoint including
 - authorization
 - authentication
and understand relevant information such as: 
 - query parameters
 - headers
 - expected status codes
 - response body
 - response headers

I would test it out manually in postman to get results for both positive and negative responses.

Then, I write test scenarios and assertions around those expected outcomes according to the documentation

Finally, I can write in both postman, and Rest Assured latest project i worked on was a Rest Assured Maven project.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

If you need API authentication, how do you attach it to your request? Types of authentication you know in API?

A

A few Experiences:

Basic authentication

Token based authentication
- bearer token in authentication header

API key in custom header

API key in query param

oAuth2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Give an example of an API test you recently wrote and how detailed you went with the test?

A

most recently I had a POST /employees endpoint that expected a json as a payload and it has a restriction on the field values such as name length, phone number, email verifications along with positive scenarios where i add correct json payload and expected 201 status code with valid headers and response payload. I added negative scenarios for all kinds of 400 Bad Request scenarios.
- either name as invalid length
- phone or email in valid format
- multiple invalid inputs
Additionally i added a GET /employee/{id} requests to verify the data was added correctly. Same flow with PUT and PATCH requests

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How do you validate Json body?

A

I can do verification of json body both in postman and Rest Assured. In postman, save the json response as a JavaScript object and access the property of the object for verification.

In Rest Assured, I use Json Path to capture the value of the field to be verified and compare that with expected result in the test.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How detailed are you when you test with postman?

A

I organize my collection according to the functionality of the app.

The collection is designed to go through multiple scenarios by carrying data created in previous steps to make it stable.

For example while testing DELETE requests, instead of relying on data that exists in the app, I create my own data with POST and use as test data.

Tested all negative scenarios like 403 forbidden response to make sure only those who have authority can make authorized requests.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How would you validate only part of the body of a response?

A

Capture the value from the json and compare that according to the expected result. In some scenario, I also add additional validation for Json Schema to make sure the Json Structure is a expected according to the requirements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How do you test the structure of your Json response without having to verify the actual value of the field?

A

I do Json Schema validation to verify the structure of the Json response. I have Json Schema file that I got from developers to describe how the response structure should look like in Rest Assured project, I have Json-schema-validator dependency. I make a GET request to /products and assert that
.body(matchesJsonSchemaInClassPath(“product-schema.json”))

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Do you only do Status Code validations? What other part of the API do you validate?

A 
Status Codes
Headers
Body XML or Json
Structure of the body with schema
Optionally response time.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What kinds of edge cases did you test for API validations? Give an example from your project.

A

One of the POST requests i was working on only accepts 10-13 digit numbers and suppose it gave 400 Bad request response if it was less or more digit.

So I tested with the number less than 10 and more than 13, it worked fine when it was less than 10 but whenever it goes over 15, the response is 500. Which was accepted as a valid defect.

17
Q

How do you convert from JSON to Java Object and Java Object to JSON?

A

I have a POJO class that represents the structure of the JSON object. I use the Jackson Data-Bind library to do such conversion known as serialization and deserialization.

POJO class is used to represent data, it does not have extra functionality other than representing the data it should have. 
(Encapsulated fields and no-args constructors.)
18
Q

What collections do you use to read the JSON file and store the data?

A

Map
List
List

19
Q

How do you test the business restrictions that are on the API?

A

restrictions can be multiple things like authorization and authentication or restrictions on valid data when adding or updating data

I use multiple different test scenarios to test positive/negative scenarios according to the restrictions.

20
Q

Describe where else you’ve used API other than API testing?

A

Some of my UI scenarios heavily rely on correct data in the correct state to be able to go through the application flow. I didn’t have access to the database/getting data from the database was complex since it was spread among too many database tables. However, there was an API endpoint that returned such data I need easily. So I made an API call to get my test data and pass it to the UI scenario to drive my UI test.

Use in other scenarios to quickly and easily generate test data.

21
Q

Example of an API challenge?

A

Lack of documentation

Documentation is not up to date or no way to understand how it works or who to ask

Slow response from the requests

22
Q

How do you pass a JSON file with API?

A

If the POST /endpoint accepts a binary file as body or form data that include key and binary file as the body you can use Postman request body form-data tab to add such file to send to the server.

In RESTAssured this can be done using its support for multipart form data by passing the location of the file in the file system.

23
Q

Initially, your API returns some dummy data from local storage or in-memory database as API response, now it’s connected to the real test database. How can you verify your API request-response is matching data coming from the database?

A

This is a perfect API-DB validation scenario. Make a connection to the database with JDBC for getting the expected results of your API request.

Then make an actual API request to GET /endpoint

and verify the data from the response match data you got from the database.

24
Q

If you had a bearer token and got 403 what does it mean what are the first steps?

A

It means the user doesn’t have permission to do such an action. I would first read the documentation to see if the user should have access. If they should and don’t. Then I would manually test it and make a bug report.

25
Q

Suppose you run your API suite, every day it was taking 10 minutes, but this time it took 30 minutes. What would you do? What could be the reason?

A

The server could be overloaded.

Could be too much data and taking time to return.

General internet slowness issue from server-side.

26
Q

Have you worked with XML responses?

A

Not recently, most of the API endpoints I

API questions (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions