Top API Testing Interview Questions & Answers
Question: What
is API Testing?
Answer:
API stands for Application Programming interface
details regarding how some software components must act together. In general
terms, API testing is a set of procedures and functions allowing the creation
of apps accessing data or features of an operating system or application. All
in all, testing of such procedures is acknowledged as API testing.
Question: What
are the common tests performed on API’s?
Answer:
The common tests performed on API’s
- Verification of the API whether it is
updating any data structure
- Verify if the API does not return anything
- Based on input conditions, returned values
from the API’s are checked
- Verification of the API whether it triggers
some other event or calls another API
Question: Mention the key difference between UI level testing and API testing?
Answer:
UI ( User Interface) refers to testing graphical interface such as how user
interacts with the applications, testing application elements like fonts,
images, layouts etc. UI testing basically focuses on look and feel of an
application.
While, API enables communication between two separate software
systems. A software system implementing an API contains functions or
sub-routines that can be executed by another software system.
Please Click on Download button to download this questions for your easy reference.
Question: What
are the advantages of API Testing?
Answer:
- Test for Core Functionality: API
testing provides access to the application without a user interface. The
core and code-level of functionalities of the application will be tested
and evaluated early before the GUI tests. This will help detect the minor
issues which can become bigger during the GUI testing.
- Time Effective: API
testing usually is less time consuming than functional GUI testing. The
web elements in GUI testing must be polled, which makes the testing
process slower. Particularly, API test automation requires less code so it
can provide better and faster test coverage compared to GUI test
automation. These will result in the cost saving for the testing project.
- Language-Independent: In API testing, data is exchanged
using XML or JSON. These transfer modes are completely
language-independent, allowing users to select any code language when
adopting automation testing services for the project.
- Easy Integration with GUI: API tests enable highly integrable
tests, which is particularly useful if you want to perform functional GUI
tests after API testing. For instance, simple integration would allow new
user accounts to be created within the application before a GUI test
started.
Question: How
to test API’s ?
Answer:
To test the API’s we should follow
the following steps
ร
Select the suite in which you want
to add the API test case
ร
Choose test development mode
ร
Develop test cases for the desired
API methods
ร
Configure application control
parameters
ร
Configure test conditions
ร
Configure method validation
ร
Execute API test
ร
View test reports
ร
Filter API test cases
ร
Sequence API test cases
Question: What are the principles of API test design?
Answer:
The principle for API test design are
Setup: Create objects, start services, initialize data etc
Execution: Steps to exercise API or scenario, also logging
Verification: Oracles to evaluate execution outcome
Reporting: Pass, failed or blocked
Clean up: Pre-test state
Question: What
are the common protocols that are used in API testing?
Answer:
รผ HTTP
รผ JMS
รผ REST
รผ SOAP
รผ UDDI
Question: Provided some best practices that are followed to
make API testing successful?
Answer:
Enlisted below are some best practices for API testing:
รผ Test cases should be grouped under category with
expected results that happen consistently and other typical results.
รผ Test cases should include selected parameters as well as
API call declarations.
รผ API load tests are performed to determine system
application stress.
รผ Maintain the limits of the variables used in the tests
as well as avoid ‘Test Chaining’.
รผ To make ease for the testers, API call is being
prioritized and call sequencing is planned.
รผ Every input combination and dependencies are considered
for complete test coverage.
รผ Automation of the test cases, documentation is done as
and when required.
Question: What
are the tools used for API testing?
Answer:
The different tools used for API testing are enlisted below:
รผ SOAPUI
รผ Postman
รผ Katalon Studio
รผ Rest Assured
รผ Jmeter
Please Click on Download button to download this questions for your easy reference.
Question: What is API framework?
Answer:
API
framework is described by the config file which consists of the list of all
APIs that are required to be activated and are activated for any particular
program run. This is essential as every test run does not require all APIs.
‘Config’
file purpose is to describe and enlist every configurable component within a
test run.
Question: Explain
API documentation?
Answer:
As it is well aware fact that, for
any foundation, there has to be a good documentation. API documentation
likewise serves as a quick reference for accessing library or working within a
program.
When we go through any such
documents, it must consist of a proper plan, content source, proper layout or
sketch for delivery, information related to each function, etc.
API documentation tools are:
รผ
JavaDoc
รผ
Doxygen
Enlisted below are the categories
in which every function is being documented which mainly revolve around the
parameters:
·
Function description
·
Sequence, syntax, and elements
required for each parameter.
·
Syntax and type of error message
that can occur.
·
Links related to functions.
Question: Name some most used templates for API documentation?
Answer:
Enlisted below are some free templates which makes API
documentation much easier and simple:
- Slate
- FlatDoc
- Swagger
- API
blueprint
- RestDoc
- Miredot
- Web
service API Specification.
Question: What are the testing methods that come under API testing?
Answer:
API testing generally involves following testing
methods:
- Unit testing and Functional testing
- Load testing for testing the performance
under load.
- Discovery testing for listing, creating and
deleting the number of calls that has been documented in API.
- Usability testing and Reliability testing
for obtaining consistent results.
- Security testing and Penetration testing for
validating all types of authentication.
- Automation testing for creating and
executing scripts that require API calls execution regularly.
- End to end Integration testing and Web UI
testing.
- API documentation testing for determining
its efficiency and effectiveness.
Question: What
is the difference between API and WebServices?
Answer:
Question: What
is SOAP?
Answer:
The term SOAP refers to Simple Object Access Control. In simple
terms, it is an XML based protocol that helps in exchanging information among
computers.
Question: What
is REST API?
Answer:
REST API is a set of functions helping developers in performing
requests along with receiving responses. Through HTTP protocol interaction is
made in REST API.
The term REST refers to Representational State Transfer. In very
short span of time, it has become an effective standard for API creation.
Please Click on Download button to download this questions for your easy reference.
Question: What
is a “Resource” in REST?
Answer:
REST architecture treats any content as a resource, which can be
either text files, HTML pages, images, videos or dynamic business information.
REST Server gives access to resources and modifies them, where each resource is identified by URIs/ global IDs.
Question: What
is messaging in RESTful Web services?
Answer:
RESTful
web services use the HTTP protocol as a communication tool between the client
and the server. The technique that when the client sends a message in the form
of an HTTP Request, the server sends back the HTTP reply is called Messaging.
These messages comprise message data and metadata, that is, information on the
message itself.
Question: what
is the difference between Rest and SOAP?
Answer:
Question: What
Is an HTTP Request?
Answer:
HTTP stands for Hypertext Transfer Protocol and is a way of
sending messages to software on another computer over the Internet or over a
Network.
An HTTP request is sent to a specific URL and consists of:
• VERB specifying the type of request e.g. GET, POST, PUT, DELETE
• A set of HTTP Headers. The headers specify information such as
the type of Browser,
type of content in the message, and what type of response is
accepted in return.
• A body, or payload in the request, representing the
information sent to, or from, the Web Application. Not all HTTP messages can
have payloads: POST and PUT can have payloads, GET and DELETE can not.
Question: What
Is a URL?
Answer:
URL is a Uniform Resource Locator and is the address we use to
access websites and web applications.
When working with APIs you will often see this referred to as a
URI (Uniform Resource Identifier).
Think of a URI as the generic name for a URL.
Question: What
Are HTTP Verbs?
Answer:
A Web Browser will usually make GET requests
and POST requests.
• GET requests ask to read information from the server
e.g. clicking on a link.
• POST requests supply information to the server e.g.
submitting a form.
GET requests do not have a body, and just consist of the
Verb, URL and the Headers.
Question: What
are the most commonly used HTTP methods supported by REST?
Answer:
GET- The GET method is used to extract information from the given
server using a given URI. While using GET request, it should only extract data
and should have no other effect on the data.
POST- A POST request is used to send data to the server, for
example, customer information, file upload, etc. using HTML forms.
PUT- Replaces all current representations of the target resource
with the uploaded content.
DELETE- Removes all current representations of the target resource
given by a URI.
Question: What
Is an HTTP Response?
Answer:
When
you issue an HTTP Request to the server you receive an HTTP Response.
The
response from the server tells you if your request was successful, or if there
was a problem.
• A
status code of 200, which means that the request was successful.
•
A Content-Type header of application/json which means that
the body is a JSON response.
• A
body which contains the actual payload response from the server.
Question: What
Is an HTTP Status Code?
Answer:
Web
Services and HTTP APIs use HTTP Status Codes to tell us what happened when the
server processed the request.
The
simple grouping for HTTP Status Codes is:
• 1xx
- Informational
• 2xx
- Success e.g. 200 Success
• 3xx
- Redirection e.g. 302 Temporary Redirect
• 4xx
- Client Error e.g. 400 Bad Request, 404 Not Found
• 5xx
- Server Error e.g. 500 Internal Server Error
The type of status code you receive depends on the application you are interacting with.
Usually
a 4xx error means that you have done something wrong and a 5xx error means that
something has gone wrong with the application server you are interacting with.
Question: What
Are Payloads?
Answer:
A
Payload is the body of the HTTP request or response.
When
browsing the Web, the Browser usually receives an HTML payload. This is
the web page that you see rendered in the Browser.
Typically
when working with an HTTP API we will send and receive JSON or XML payloads.
Question:What
Is JSON?
Answer:
JSON
stands for JavaScript Object Notation and is a text representation that is also
valid JavaScript code.
JSON can be thought of as a hierarchical set of key/value pairs
where the value can be:
• Object - delimited by { and }.
• Array - delimited by [ and ].
• String - delimited by " and ".
• Integer
An array is a list of objects or key/value pairs.
The keys are String values e.g. “projects”, “project”, “id”,
etc.
Question: What
Is a URL?
Answer:
URL is a Uniform Resource Locator and is the address we use to
access websites and web applications.When working with APIs you will often see this referred to as a
URI (Uniform Resource Identifier).
Think of a URI as the generic name for a URL.
Question: What
Is XML?
Answer:
XML
stands for Extensible Markup Language.HTML is a variant of XML.
For
XML to be valid, it must be well formed, meaning that every opening tag must
have a corresponding closing tag, and strings must have an opening and closing
quote.
Question: What
Is Authentication?
Answer:
When we send a message to a server we might need to be
authenticated i.e. authorized to send a message and receive a
response.
For many Web Applications you authenticate yourself in the
application by logging in with a username and password. The same is true for
Web Services or HTTP APIs.
If you are not authenticated and try to send a message to a
server then you are likely to receive a response from the server with a 4xx
status code e.g.
• 401 Unauthorized
• 403 Forbidden
There are many ways to authenticate HTTP requests for HTTP APIs.
Some common approaches you might encounter are:
• Custom Headers
• Basic Authentication Headers
• Session Cookies
Please Click on Download button to download this questions for your easy reference.
Question: Explain
the types of bugs that can be found using API testing?
Answer:
API is capable of finding many types of bugs that includes:
1. Stress
2. Security
3. Duplicate or missing functionality
4. Reliability
5. Unused flags
6. Performance
7. Incompatible error handling
8. Multi-threaded issues, and
9. Improper errors
2. Security
3. Duplicate or missing functionality
4. Reliability
5. Unused flags
6. Performance
7. Incompatible error handling
8. Multi-threaded issues, and
9. Improper errors
Question: What
are the common Web API architectural styles?
Answer:
Bellows are four common Web API architectural styles:
- HTTP
for client-server communication
- XML/JSON
as formatting language
- Simple
URI as the address for the services
- Stateless
communication
Question: What
must be checked when performing API testing?
Answer:
During the API testing process, a request is raised to the API
with the known data. This way you can analyze the validation response. While
testing an API, you should consider:
- Accuracy
of data
- Schema
validation
- HTTP
status codes
- Data
type, validations, order and completeness
- Authorization
checks
- Implementation
of response timeout
- Error
codes in case API returns, and
- Non-functional
testing like performance and security testing
Question: What is the best approach method to perform API testing?
Answer:
The following factors should be considered when performing API
testing:
- Defining
the correct input parameters
- Verifying
the calls of the mixture of two or more added value parameters
- Defining
the basic functionality and scope of the API program
- Writing
appropriate API test cases and making use of testing techniques such as
equivalence class, boundary value, etc. to check the operability
- Testing
case execution
- Comparing
the test result with the expected result
- Verifying
the API behavior under conditions such as connection to files and so on.
Question: What
are common API errors that often founded?
Answer:
- Missing
module errors
- Documentation
errors
- Parameter
validation errors
- And
some standard error expectations as if the result is not so predicted then
the occurrence of errors can be seen and for the same warnings are
specified in the form of a message. There can be one or more warnings
within an individual module.
Question: What
all challenges you faced during API testing?
Answer:
Challenges are the part of every
form of testing and the same goes with API testing too.
Mentioned below are some common challenges that are faced in API
testing:
· The first and foremost challenge is selecting an appropriate parameter and then its combination.
· Parameter categorization
· Proper sequencing of call is required as this may lead to inadequate coverage in testing.
· Output verification and validation
· Another important challenge is providing input values, which is very difficult as GUI is not available in this case.
· The first and foremost challenge is selecting an appropriate parameter and then its combination.
· Parameter categorization
· Proper sequencing of call is required as this may lead to inadequate coverage in testing.
· Output verification and validation
· Another important challenge is providing input values, which is very difficult as GUI is not available in this case.
Question: What
are the types of Issues observed while performing API testing?
Answer:
When testing is performed, then there have to be issues
associated with them. Issues observed while performing this form of testing are
not new or much different, but they are common in this category.
Find below the list of such issues/defects:
- Inconsistent
or absence of error handling mechanism
- Repetition
or redundancy of the functionalities
- Missing
required functionality in some cases
- Passing
incorrect argument to the input values
- Improper
messaging
- Stress
and performance issues
- Reliability
issues with respect to connection with other APIs
- Multi-threading and improper handling issues.
Any post on API testing Terminology
Reply