Please find below mostly common API testing interview questions:
API Methods:
API Most Common Methods:
- GET
- POST
- PUT
- DELETE
- PATCH
Others Methods:
- HEAD
- TRACE
Authentication used in API
- Basic Authentication
- API Key
- Bearer Token
- OAuth 2.0
HTTP Request:
- Hyper Text Transfer Protocol
- Components:
- Request Method Type – Get, Post, etc.
- Endpoint
- Request Headers
- Request Body – In case of Post, put, etc.
Status codes – All five classes
- 100 – 199 series – Informational
- 200 – 299 series – Success
- 300 – 399 series – Redirection
- 400 – 499 series – Client Side Error
- 500 – 599 series – Server Side Error
Difference between POST and PUT API call
- POST is used to create the data while PUT is used for data update
- PUT call will create the data if data is not present
Headers in API
- Content-Type
- Keep-Alive
- x-api-key
Common API Status codes:
| Status Codes | Status Codes Meaning |
| 200 | OK |
| 201 | Created |
| 204 | No Content |
| 206 | Partial Content |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 500 | Internal Server Error |
| 502 | Bad Gateway |
| 503 | Service Unavailable |
CRUD Operation: Create Read Update Delete
Cookie:
- Data sent by server to User’s browser
- Used for identifying requests if these are coming from same user
- Used for session management, server record
- Create cookie
- set-cookie:<Name>=<Value>
- Read more on cookie: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
HTTP and HTTPS requests port number:
- HTTP – 80 Port
- HTTPS – 443 Port
Testing Points in an API:
- Status Code
- Response Time
- Authorization
- Response
Tools that can be used to test API manually:
- Postman
- JMeter
Full Form of REST:
REpresentational State Transfer Application Programming Interface
Read this article on security aspect of API testing: https://labs.detectify.com/2021/08/10/how-to-hack-apis-in-2021/
TestingAlternative 