Top 10 Rest API Interview Questions and Answers

Rest stands for Representational State Transfer. RESTful web services are used to create Application Programming interfaces or APIs where clients and servers use a standard protocol and interface for the exchange of resources. HTTP is the protocol used for REST.

URI stands for Uniform Resource Identifier, which is a string of characters used to identify a resource by either its name, address or both. URI has two sub-branches:

• URI that specifies the name is called URN (Uniform Resource Name)
• URI that specifies the location is called URL (Uniform Resource Locator)

The identifier that specifies both name and location is URI. Since two or more resources can have the same name, that is the reason why we are more familiar with URLs instead of URNs.

• RESTful web services are faster because of the role of the HTTP standard it follows. It consumes less bandwidth and is faster than SOAP and consumes fewer resources.
• Highly compatible with SOAP.
• Independent of all the platforms and can be written in any programming language.
• RESTful Web Services allows the usage of multiple data formats. Example: HTML, JSON, XML, etc providing more flexibility for developers to use any language as per convenience.

HTTP status codes play a vital role in communicating between clients and servers. Understanding these codes is essential for web developers and administrators to troubleshoot problems and ensure the smooth operation of web applications. HTTP status codes are a crucial aspect of the Internet, which allows communication between clients (such as web browsers) and servers. These codes provide a standardized way of communicating the outcome of a request made by a client to a server. The status codes are three-digit numbers that are embedded in the HTTP header of a web page response. They indicate the status of the request, whether it was successful or not, and why it failed, if applicable. These codes are defined by the W3C, which is responsible for developing and maintaining web standards. The codes are grouped into five classes i.e. Informational class, Success class, Redirection class, Client Error class, and Server Error class.

• 1xx (Informational): The request has been received and is being processed by the server.
• 2xx (Successful): The request was received successfully, understood, and accepted.
• 3xx (Redirection): The client must complete the request by taking additional actions.
• 4xx (Client error): The request has bad syntax and cannot be fulfilled by the server.
• 5xx (Server error): A valid request was not fulfilled by the server.

• 200 OK: The request was accepted and the server has sent the requested data.
• 301 Permanently Moved: The requested resource was permanently moved to a different URL.
• 404 Not Found: The requested resource couldn't be found on the server.
• 500 Internal Server Error - An error occurred while processing the request.

• Web services and APIs are two terms that are often used interchangeably, but there are some differences between them. An API (Application Programming Interface) is a set of protocols, routines, and tools for building software applications. A web service is a type of API that can be accessed over a network and uses standardized protocols for communication.
• Web services typically have a heavyweight design and use SOAP conventions to send and receive data over the network. APIs, on the other hand, have a lightweight architecture and are often used for mobile or IoT devices that have limited bandwidth and processing power.
• Web services typically support only the HTTP protocol, while APIs can support a variety of protocols, including HTTP/s, TCP, and UDP. APIs also support multiple data formats, such as XML and JSON.
• While web services can be consumed by any client that understands XML, APIs can be open-source and shipped with software development kits (SDKs) like .NET
• Web services can be hosted on IIS, while APIs can be hosted on IIS or self-hosted using a lightweight web server.

API usage is subject to several limits, which can vary depending on the API provider. To avoid hitting API usage limits, it's important to monitor your usage and stay within limits set by the API provider. You can also implement caching strategies to reduce the number of requests you need to make or optimize your queries to retrieve only the data you need. Here are some common limits that you may encounter when using APIs:

• Rate limits: APIs can limit the number of requests you can make within a specific time frame. For example, an API may limit you to 100 requests per minute or 1000 requests per day. These limits are in place to prevent abuse and ensure that the API is available to all users.
• Quotas: APIs may also limit the total number of requests you can make over a longer period of time, such as a month. Quotas are typically used to manage resource consumption and prevent overloading the API provider's servers.
• Request size limits: APIs may limit the size of individual requests to prevent abuse or protect against denial-of-service attacks. These limits may vary depending on the API and can be enforced in different ways, such as by restricting the size of request headers or the maximum number of parameters.
• Response size limits: APIs may also limit the size of the responses they return to clients. For example, an API may limit the number of records returned in a single response or the size of the response body. To retrieve more data, you may need to make multiple requests and paginate through the results.
• Throttling: APIs may slow down or block requests from clients that exceed certain limits. Throttling is typically used to protect against the overuse of resources or to ensure fair usage among all clients.

API testing refers to the process of testing Application Programming Interfaces (APIs), which are the interfaces through which software applications communicate with each other.

API testing involves verifying whether an API fulfills the functional, performance, and security requirements defined for it. It typically involves sending requests to the API, receiving responses, and validating that the responses meet the expected behavior.

API testing can be performed manually, using tools like cURL or Postman, or through automated testing frameworks that can simulate the interactions between the application and the API. The objective of API testing is to ensure that the API behaves as expected and is able to handle a variety of inputs and usage scenarios, thus enabling the application to perform optimally.

API (Application Programming Interface) testing is the process of testing the functionality, performance, reliability, and security of an API. Here are some of the advantages of API testing:

• Early Detection of Bugs: API testing allows developers to detect bugs and issues early in the development process. This helps to save time and money in the long run.
• Reduced Testing Time: API testing requires less time compared to other types of testing. This is because it eliminates the need for UI testing and focuses only on the core functionality of the API.
• Automation: API testing can be easily automated using testing tools. This saves time and effort for developers, and ensures consistency in testing.
• Improved Quality: API testing helps to improve the quality of the software by identifying issues and bugs early in the development process. This leads to a more stable and reliable product.
• Security: API testing helps to identify security vulnerabilities in the API. This is important as APIs are often a target for cyber attacks.
• Better Collaboration: API testing promotes better collaboration between developers and testers. This is because it provides a common ground for both teams to work together.

In summary, API testing helps to improve the quality of software by detecting bugs and issues early, reducing testing time, improving security, and promoting better collaboration between developers and testers.

REST (Representational State Transfer) and SOAP (Simple Object Access Protocol) are two different architectural styles for building web services, and they differ in several aspects:

• XML as a Transport format is used for SOAP while REST generally uses JSON.
• SOAP relies on its own protocol, which is based on XML, while REST is based on the HTTP protocol.
• SOAP requires a specific message format and enforces it using a WSDL (Web Services Description Language) file, while REST does not need any specific message format which allows developers to use their own choice of format.
• SOAP supports a wider range of operations, including advanced messaging patterns like message queuing and security, while REST only supports basic CRUD (Create, Read, Update, Delete) operations.
• REST is based on a URI (Uniform Resource Identifier) model while SOAP is based on an XML model.
• REST is generally considered to be more lightweight and flexible than SOAP, while SOAP is more powerful and suitable for enterprise applications with more complex messaging requirements.

• Annotations are a key feature of the Spring framework and are used to mark classes and methods to provide metadata to the Spring container.
• We use @ResponseBody in all handling methods in @Controller to indicate that the method returns the response in the body of the response object. On the other hand, in @RestController, we don’t need to use @ResponseBody on every handler method since @RestController combines @Controller and @ResponseBody.
• @Controller is used for traditional Spring MVC controllers that return views, while @RestController is used for RESTful web service controllers that return data directly.
• @Controller first appeared in Spring 2.5 version whereas @RestController started in Spring 4.0 version.