API Testing Interview Questions

 API Testing Interview Questions

APIs allow developers to share data across different platforms.

1. What is an API?

API is an acronym and it stands for Application Programming Interface. API acts as an interface between two software applications and allows the two software applications to communicate with each other. API is a collection of software functions that can be executed by another software program.

2. What is API Testing?

API testing involves testing APIs directly and also as a part of integration testing to check whether the API meets expectations in terms of functionality, reliability, performance, and security of an application. In API Testing our main focus will be on the Business logic layer of the software architecture. 

3. What are the common API Testing Types?

• Unit testing
• Functional testing
• Load testing
• Runtime/ Error Detection
• Security testing
• UI testing
• Interoperability and WS Compliance testing
• Penetration testing
• Fuzz testing

4. common protocols used in API Testing?

• HTTP
• REST
• SOAP
• JMS
• UDDI

Architectural styles for creating a Web API?

• Simple URI as the address for the services
• Stateless communication
• HTTP for client-server communication
• XML/JSON as formatting language

What is API test environment?

In API testing environment, no GUI (Graphical User Interface) is available.

Throughout the process, various parameters for the original environment are established via API calls to examine the test results.

5. API vs Web services?

Web services:

1. All web services are APIs
2. All web services need to be exposed over web(HTTP)
3. A Web service uses only three styles of use: SOAP, REST and XML-RPC for communication
4. A Web service always needs a network to operate

APIs:

1. All APIs are not web services
2. All APIs need not be exposed over web(i.e. HTTP)
3. API uses multiple ways for communication e.g. DLL files in C/C++, Jar files/ RMI in java, Interrupts in Linux kernel API etc.
4. APIs don’t need a network for operation

6. What is Soap?

SOAP stands for Simple Object Access Protocol. It is an XML based messaging protocol. It helps in exchanging information among computers.

7. Rest API?

REST stands for Representational State Transfer. It is a set of functions helping developers in performing requests and receive responses. Interaction is made through HTTP Protocol in REST API.

8.  SOAP vs REST?

SOAP:
1. SOAP is a protocol through which two computers communicate by sharing XML document
2. SOAP supports only XML format
3. SOAP does not support caching
4. SOAP is slower than REST
5. SOAP is like a custom desktop application, closely connected to the server
6. SOAP runs on HTTP but envelopes the message

REST:
1. REST is a service architecture and design for network-based software architecture
2. REST supports different data formats
3. REST supports caching
4. REST is faster than SOAP
5. REST client is just like a browser and uses standard methods An application has to fit inside it
6. REST uses the HTTP headers to hold meta information

9. Common tests that are performed on APIs?

1. Verify whether the return value is based on the input condition. The response of the APIs should be verified based on the request.
2. Verify whether the system is authenticating the outcome when the API is updating any data structure
3. Verify whether the API triggers some other event or request another API
4. Verify the behavior of the API when there is no return value

10. Advantages of API Testing?

• API Testing is time effective when compared to GUI Testing. API test automation requires less code so it can provide faster and better test coverage.
• API Testing helps us to reduce the testing cost. With API Testing we can find minor bugs before the GUI Testing. These minor bugs will become bigger during GUI Testing. So finding those bugs in the API Testing will be cost-effective to the Company.
• API Testing is language independent.
• API Testing is quite helpful in testing Core Functionality. We can test the APIs without a user interface. In GUI Testing, we need to wait until the application is available to test the core functionalities.
• API Testing helps us to reduce the risks.

11. What exactly needs to be verified in API Testing?

Basically, on API Testing, we send a request to the API with the known data and we analyze the response.
1. Data accuracy
2. HTTP status codes
3. Response time
4. Error codes in case API return any errors
5. Authorization checks
6. Non-functional testing such as performance testing, security testing

12. Name some tools used for API Testing?

• Postman
• Katalon Studio
• SoapUI
• Tricentis Tosca
• Apigee
• JMeter
• Rest-Assured

 

13. Most used templates for API documentation?

• Swagger
• FlatDoc
• RestDoc
• API blueprint
• Slate
• Miredot
• Web service API Specification.

14. API examples which are quite popular.

• Google Maps API
• YouTube
• Twitter
• Amazon Advertising API

15. API testing Vs Unit Testing?

UNIT TESTING:

• Unit testing is conducted by the Development Team
• Unit testing is a form of White box testing
• Unit testing is conducted prior to the process of including the code in the build
• Source code is involved in Unit testing
• In unit testing, the scope of testing is limited, so only basic functionalities are considered for testing

API TESTING:

• API testing is conducted by QA Team
• API testing is a form of Black box testing
• API testing is conducted after the build is ready for testing
• Source code is not involved in API testing
• In API testing, the scope of testing is wide, so all the issues that are functional are considered for testing

16. Main challenges faced in API testing?

• Selecting proper parameters and its combinations
• Categorizing the parameters properly
• Proper call sequencing is required as this may lead to inadequate coverage in testing
• Verifying and validating the output
• Due to the absence of GUI, it is quite difficult to provide input values

17. Types of bugs we face in API testing?

• Stress, performance, and security issues
• Duplicate or missing functionality
• Reliability issues
• Improper messaging
• Incompatible error handling mechanism
• Multi-threaded issues
• Improper errors

18. How is UI testing is not similar to API testing?

UI (User Interface) testing is to test the graphical interface part of the application. Its main focus is to test the look and feel of an application. On the other hand, API testing enables the communication between two different software systems. Its main focus is in the business layer of the application.

19. Name some most commonly used HTTP methods?

GET: It enables you to retrieve data from a server
POST: It enables you to  send data to a server to create/update a resource.  PUT: It lets you replace an existing file or resource in a server
DELETE: It lets you delete data from a server
PATCH: It is used to apply partial modifications to a resource
OPTIONS: It is used to describe the communication options for the target resource
HEAD: It asks for a response identical to that of a GET request, but without the response body

Note:HTTP PUT method is used to update an existing resource, while the POST method is used to create a new resource

20. Can you use GET request instead of PUT to create a resource?

No, GET request only allows read only rights. It enables you to retrieve data from a server but not create a resource. PUT or POST methods should be used to create a resource.

21. Difference between PUT and POST methods?

PUT and POST methods are sometimes confused in regards to when each should be used. Using POST request, our intent is to create a new object on the server whereas with PUT request, our intent is to update/replace an object by another object.

POST should be used when the client sends the page to the server and then the server lets the client know where it put it. PUT should be used when the client specifies the location of the page

API Error Codes

1.    400 Bad Request Error

2.    401 Unauthorized Error

3.    403 Forbidden Error

4.    404 Not Found Error

5.    408 Request Timeout Error

6.    500 Internal Server Error

7.    502 Bad Gateway Error

8.    504 Gateway Timeout Error

9.    505 HTTP Version Not Supported Error

10. 507 Insufficient Storage Error

11. 508 Loop Detected Error

 

If the status code is between 200 and 299 (inclusive), this indicates that the API call was successful. But if there’s an error, you’ll get a 4xx or 5xx status code.

4xx Status Codes – Client Error: The client (you, the API user) has sent a request that the server could not process correctly.

5xx Status Codes – Server Error: The server encountered an unexpected condition that prevented it from fulfilling the request.