8) What must be checked when performing API testing?

– Accuracy of data

– Schema validation

– HTTP status codes

– Data type, validations, order and completeness

– Authorization checks

– Implementation of response timeout

– Error codes

– Non-functional testing like performance and security testing

6) What are the advantages of API testing?

– Early testing

– Easier Test Maintenance

– Faster Test Execution

– Greater coverage

– Language Independent

7) What are the different types of API Testing?

– Functional Testing

– Validation Testing

– Load Testing

– Performance Testing

– Security Testing

– Schema Validation

– Error Detection

11) What are major challenges faced in API testing?

– Parameter Selection

– Parameter Combination

– Call sequencing
– Output verification and validation

13) What makes an API Restful?

For an API to be RESTful, it must adhere to the following rules:

Stateless—A REST API is stateless in nature, Client-Server

Architecture
Uniform Interface—A client and server should communicate with
one another via HTTP using URIs, CRUD (Create, Read, Update,
Delete) and JSON conventions.
17) What are the core components of an HTTP request?
An HTTP request contains five key elements:

– An action showing HTTP methods like GET, PUT, POST, DELETE.

– Uniform Resource Identifier (URI), which is the identifier for the

resource on the server.

– HTTP Version, which indicates HTTP version

– Request Header, which carries metadata (as key-value pairs) for

the HTTP Request message.

– Request Body, which indicates the message content or resource

representation.

26) What is the purpose of HTTP Status Code? 

HTTP Status code are standard codes and refers to predefined status of
task done at server. For example, HTTP Status 404 states that
requested resource is not present on server.
Below are some of the common status codes:

– 200: OK, shows success.

– 201: CREATED, when a resource is successful created using POST

or PUT request. Return link to newly created resource using location
header.

– 304: NOT MODIFIED, used to reduce network bandwidth usage in

case of conditional GET requests. Response body should be empty.
Headers should have date, location etc.

– 400: BAD REQUEST, states that invalid input is provided e.g.

validation error, missing data.

– 401: FORBIDDEN, states that user is not having access to method

being used for example, delete access without admin rights.
– 404: NOT FOUND, states that method is not available.

– 409: CONFLICT, states conflict situation while executing the

method for example, adding duplicate entry.

– 500: INTERNAL SERVER ERROR, states that server has thrown

some exception while executing the method.

6. What are some common API errors?

 In the list of API interview questions, this seems to be a more
advanced question. Here are some suggested answers:
 Missing module errors
 Documentation errors
 Parameter validation errors
 Some other standard error expectations: if the result is not so
predicted, then the occurrence of errors can be seen and for the
same warnings are specified in the form of a message. There can be
one or more warnings within an individual module.
Which principles need to be considered when creating an API test
design?
 Setup: Create objects, start services, and initialize the data
 Execution: Steps to apply API or the scenario, including logging
 Verification: Oracles to evaluate the result of the execution
 Reporting: Pass, failed, or blocked
 Clean up: Pre-test state
3). Do you know about the common tests performed on the APIs?

Here is the list of common tests that are performed on APIs –

 You should verify the API first and check either it is updating any data
structure or not.
 You need to check either API returns anything.
 As per the given parameters or values, the values returned by APIs need
to check.
 Verify the API either it triggers any other event or calling another API.

 What are the different principles of API testing design?

  The major principles include – Setup, Execution, Verification, Reporting,
and Clean up etc.

What are the possible number of bugs can be detected with API testing?

 These are duplicate content errors, stress, tough error conditions, reliability
issues, performance issues, inconsistency, multi-threading issues, not
used flags, improper errors and more.

1:If I progrmmed something and API developers missed something to

add how we will verify that field was missing
2:Why bad request ?
3:Response Body is getting 200 OK but not getting any response(Its bug)
4:Why Parameterization in the API??
5:Authorization/Authentication
6:Variable types in API
7:Check redundancy is possible or not in the variable names
8:How do we remove local variables
9:Newmen ?
10:API ?
11:Challenges in the API Testing
12:How do we verify If user getting is 200 OK response(Max no ways to verify)
13:What type regression issues should be appear If new field added/removed ?
14:Rest Assured ??
15:Java ?
16:Few Mendatory/few Numeric/Few Strings what kind of API testing should be perform
a)Which type of response
b)Which type of error