Top 40 API Testing Interview Questions and Answers

Given-When-Then is a testing methodology used in API testing to define the preconditions, actions, and expected outcomes of a test case.

• Given: Defines the preconditions or initial state of the system

• When: Defines the actions or events that occur in the system

• Then: Defines the expected outcomes or results of the actions taken

There are several status codes available in API testing to indicate the outcome of a request.

• 200 - OK: The request was successful

• 201 - Created: The request was successful and a new resource was created

• 400 - Bad Request: The request was invalid or could not be understood

• 401 - Unauthorized: Authentication is required and has failed or has not been provided

• 403 - Forbidden: The server understood the request but refuses to authorize it

• 404 - Not Found: The requested resource could ...read more

Variables in Postman are used to store and reuse values throughout requests and scripts.

• Variables can be defined at different scopes such as global, collection, environment, and local.

• Variables can be set using the syntax {{variable_name}}.

• Variables can be used in request URLs, headers, body, and scripts.

• Examples: {{baseUrl}}, {{accessToken}}, {{randomNumber}}

Important HTTP methods in Postman include GET, POST, PUT, PATCH, and DELETE.

• GET: Used to retrieve data from a server. Example: GET request to fetch user details.

• POST: Used to submit data to a server. Example: POST request to create a new user.

• PUT: Used to update data on a server. Example: PUT request to update existing user details.

• PATCH: Used to partially update data on a server. Example: PATCH request to update user's email address.

• DELETE: Used to delete data on a server. E...read more

API stands for Application Programming Interface. Bottom-up testing is a testing approach that starts from the lowest level of the software.

• API is a set of protocols, routines, and tools for building software applications.

• API allows different software applications to communicate with each other.

• Bottom-up testing is a testing approach that starts with testing the smallest and lowest level components of the software.

• Bottom-up testing is also known as unit testing.

• Examples of AP...read more

To automate API using Selenium WebDriver, we can use tools like RestAssured and create test scripts to interact with API endpoints.

• Use RestAssured library to send HTTP requests and validate responses

• Create test scripts to interact with API endpoints and verify data

• Utilize Selenium WebDriver to automate the process of sending requests and validating responses

Pre requisites of API testing include understanding of API documentation, knowledge of HTTP methods, familiarity with testing tools.

• Understanding of API documentation

• Knowledge of HTTP methods (GET, POST, PUT, DELETE)

• Familiarity with testing tools like Postman or SoapUI

• Ability to write test cases for API endpoints

• Understanding of status codes and response formats

API testing is a type of software testing that involves testing APIs directly and ensuring they meet functional and performance requirements.

• API testing involves testing the functionality, reliability, performance, and security of APIs

• It can be done manually or using automated tools

• API testing can be done at different levels such as unit, integration, and end-to-end testing

• Examples of API testing tools include Postman, SoapUI, and JMeter

The test plan includes X number of APIs for performance testing.

• Identify all APIs to be tested for performance

• Include both internal and external APIs

• Consider different types of APIs such as REST, SOAP, GraphQL

• Ensure APIs are properly documented in the test plan

API testing is a type of software testing that involves testing APIs to ensure they meet functional and performance requirements.

• API testing involves testing the functionality, reliability, performance, and security of APIs

• Load testing is a type of performance testing that involves testing the system's ability to handle a large number of users or requests

• Load testing can be used to identify bottlenecks and performance issues in the system

• Examples of API testing tools include ...read more

CRUD stands for Create, Read, Update, Delete - the four basic functions of persistent storage.

• Create - testing the ability to create new resources through API calls

• Read - testing the ability to retrieve existing resources from the API

• Update - testing the ability to modify existing resources through API calls

• Delete - testing the ability to remove resources from the API

To write a post query in RestAssured, use the given() method to set request parameters and body, then use the post() method to send the request.

• Use given() method to set request parameters and body

• Use post() method to send the request

• Example: given().param("key", "value").body("{\"name\": \"John\"}").post("/endpoint")

Common bugs in API testing include incorrect data formats, authentication issues, and performance problems.

• Incorrect data formats such as missing or incorrect parameters

• Authentication issues like invalid tokens or permissions

• Performance problems such as slow response times or timeouts

API stands for Application Programming Interface. API testing involves testing the functionality, reliability, performance, and security of APIs.

• API is a set of rules and protocols that allows different software applications to communicate with each other.

• API testing involves verifying the functionality of API calls, data retrieval, authentication, error codes, and response times.

• API testing can be done using tools like Postman, SoapUI, or writing automated test scripts using...read more

The main HTTPS requests in API testing are GET, POST, PUT, DELETE.

• GET request is used to retrieve data from the server

• POST request is used to submit data to the server

• PUT request is used to update existing data on the server

• DELETE request is used to remove data from the server

API testing is a type of software testing that involves testing APIs directly and verifying their functionality, reliability, performance, and security.

• API testing involves testing the communication between different software systems

• It verifies the functionality, reliability, performance, and security of APIs

• API testing can be performed using tools like Postman, SoapUI, and JMeter

• API testing can be automated using scripting languages like JavaScript and Python

To create a payload for API testing, you need to understand the API endpoints, parameters, and expected data formats.

• Identify the API endpoints and the type of request (GET, POST, PUT, DELETE, etc.)

• Understand the parameters required for the API request (query parameters, headers, body)

• Refer to API documentation for details on expected data formats and sample payloads

• Use tools like Postman or Swagger to easily create and test payloads

• Ensure the payload includes valid data to t...read more

HTTP methods used in API testing include GET, POST, PUT, DELETE, PATCH, and OPTIONS.

• GET - Used to retrieve data from the server

• POST - Used to submit data to the server

• PUT - Used to update existing data on the server

• DELETE - Used to remove data from the server

• PATCH - Used to partially update data on the server

• OPTIONS - Used to retrieve information about the communication options available for a resource

API testing with Rest API involves testing the functionality, performance, and security of API endpoints.

• Understand the API documentation to identify endpoints, parameters, and expected responses

• Test different HTTP methods like GET, POST, PUT, DELETE

• Verify response codes, headers, and payload data

• Perform boundary value analysis and negative testing

• Use tools like Postman or RestAssured for automation testing

• Validate authentication and authorization mechanisms

• Check for data con...read more

Performance testing procedures for API involve load testing, stress testing, and scalability testing.

• Conduct load testing to determine how the API performs under normal and peak load conditions.

• Perform stress testing to evaluate the API's stability and reliability under extreme conditions.

• Conduct scalability testing to assess the API's ability to handle increased workload by adding more resources.

• Monitor response times, throughput, and error rates during testing to identify p...read more

API testing involves checking various response codes to ensure the API functions correctly.

• Test for common response codes like 200 (OK), 400 (Bad Request), 401 (Unauthorized), 404 (Not Found), 500 (Internal Server Error)

• Verify the response code matches the expected result based on the API request

• Use tools like Postman or RestAssured to automate API testing and check response codes

• Check for edge cases where the API may return unexpected response codes

RestAssured can be used to automate the Login API by sending HTTP requests and validating responses.

• Use RestAssured library to send HTTP requests to the Login API endpoint

• Include the necessary authentication credentials in the request header or body

• Validate the response status code and body to ensure successful login

• Use assertions to verify expected response values

• Implement test cases for different scenarios such as invalid credentials or expired tokens

API testing in Tosca involves validating the functionality and performance of APIs using Tosca automation tool.

• Create API test cases in Tosca by defining input data, expected output, and assertions

• Execute API test cases using Tosca to validate API responses

• Verify API performance by analyzing response times and throughput

• Integrate API testing with Tosca with other testing activities for end-to-end testing

• Use Tosca's reporting and analysis features to track API test results

API testing involves testing different methods of APIs to ensure they function correctly.

• API methods include GET, POST, PUT, DELETE

• GET method is used to retrieve data from the server

• POST method is used to send data to the server

• PUT method is used to update existing data on the server

• DELETE method is used to remove data from the server

QA artifacts are documents or deliverables that are created during the QA process to support testing activities.

• QA artifacts include test plans, test cases, test scripts, test data, and test reports.

• These artifacts help in organizing and documenting the testing process.

• They provide a reference for test execution, tracking defects, and reporting test results.

• Examples of QA artifacts are test plans that outline the testing approach, test cases that describe the steps to be exec...read more

Playwright is a tool that can be used for API automation testing.

• Playwright can be used to automate API calls and test responses.

• It supports multiple programming languages like JavaScript, Python, and C#.

• Playwright provides a simple and intuitive API for interacting with web services.

• It allows for easy setup and execution of API tests.

• Playwright can be integrated with testing frameworks like Jest or Mocha for comprehensive testing.

Json path converter is used in API testing to extract data from JSON responses.

• Json path converter is a tool used to extract specific data from JSON responses in API testing.

• It allows testers to easily navigate through complex JSON structures and retrieve the required information.

• Examples of Json path expressions include $.store.book[0].title to extract the title of the first book in a JSON response.

• Json path expressions can also include filters and conditions to extract data...read more

To re-run a failed API, you can follow these steps

• Identify the reason for the failure by checking error logs or response codes

• Make necessary corrections to the request parameters or code

• Retry the API call using tools like Postman or by updating the code

• Monitor the response to ensure the issue has been resolved

Status codes in API testing indicate the outcome of the request made to the API.

• 200 - OK: Request was successful

• 201 - Created: Request resulted in a new resource being created

• 400 - Bad Request: Request was invalid

• 401 - Unauthorized: Request requires authentication

• 404 - Not Found: Resource not found

• 500 - Internal Server Error: Server encountered an error

API testing using Postman involves sending requests to an API and validating the response.

• Create a new request in Postman and enter the API endpoint

• Select the appropriate HTTP method (GET, POST, PUT, DELETE, etc.)

• Add headers, parameters, and body if necessary

• Send the request and check the response for correctness

• Use assertions to validate the response data

Variables in Postman are placeholders that can be used to store and reuse values in requests and scripts.

• Variables in Postman are denoted by enclosing them in double curly braces like {{variable_name}}

• Variables can be defined at different scopes such as global, environment, and local

• Variables can be used to store values like API keys, tokens, and dynamic data

• Variables can be dynamically updated using scripts or pre-request scripts

Status codes of REST Assured API responses are used to indicate the outcome of the request.

• Status code 200 - OK: Indicates that the request was successful.

• Status code 201 - Created: Indicates that a new resource was successfully created.

• Status code 400 - Bad Request: Indicates that the request was malformed or invalid.

• Status code 401 - Unauthorized: Indicates that authentication is required.

• Status code 404 - Not Found: Indicates that the requested resource was not found.

• Statu...read more

API testing involves testing the various HTTP methods like GET, POST, PUT, DELETE, etc.

• API testing ensures that the API functions correctly and meets the requirements

• Common HTTP methods used in API testing include GET, POST, PUT, DELETE

• Each HTTP method has a specific purpose in API testing, such as retrieving data with GET or updating data with PUT

• API testing tools like Postman or SoapUI can be used to test HTTP methods

Response codes in API testing indicate the status of the request made to the API.

• 200 - OK: Request was successful

• 400 - Bad Request: Invalid input or missing parameters

• 401 - Unauthorized: Authentication required

• 404 - Not Found: Resource not found

• 500 - Internal Server Error: Server-side issue

restAssured is a Java library for API testing, commonly used for testing RESTful APIs.

• restAssured is a Java library that simplifies API testing by providing a fluent interface for making HTTP requests and validating responses.

• It can be used to test RESTful APIs by sending requests (GET, POST, PUT, DELETE) and verifying the responses.

• Assertions can be made on response status codes, headers, body content, and more.

• Example: Given().when().get("https://api.example.com/users").the...read more

API testing involves verifying the functionality, reliability, performance, and security of APIs.

• Create test cases to verify the functionality of each API endpoint

• Test for reliability by checking for consistent responses under different conditions

• Performance testing involves measuring response times and throughput

• Security testing includes checking for vulnerabilities like injection attacks

• Use tools like Postman, SoapUI, or JMeter for automated testing

Status codes in API testing indicate the outcome of a request made to the API.

• 200 - OK: Request was successful

• 400 - Bad Request: Invalid input or missing parameters

• 401 - Unauthorized: Authentication required

• 404 - Not Found: Resource not found

• 500 - Internal Server Error: Server-side issue

Validating API through Postman involves sending requests, receiving responses, and verifying data.

• Create a new request in Postman and enter the API endpoint

• Add any required headers, parameters, or body data

• Send the request and check the response status code

• Verify the response body for expected data or values

• Use assertions in Postman to validate response data

• Save the request in a collection for future testing

Contract testing in API involves verifying the interactions between different services based on predefined contracts.

• Contract testing ensures that each service meets the expectations set by the contract.

• It helps in detecting issues early in the development cycle.

• Popular tools for contract testing in APIs include Pact and Spring Cloud Contract.

Test cases for Login API

• Verify valid username and password login successfully

• Verify invalid username and password combination fails to login

• Verify login with empty username or password fails

• Verify login with special characters in username or password fails