API Testing Interview Questions For Experienced


API Testing Interview Questions For Experienced

Most Frequently asked API Testing Interview Questions For Experienced.

Below is the list of most frequently asked API Testing Interview Questions For Experienced. Please visit the next section also for further questions on this list.

1. What is an API?

API (Application Programming Interface) is a software intermediary that enables two applications to communicate with each other. HTTP-based API is often called a Web API since they are used to access Web Applications which are deployed to Servers accessible over the Internet or network. Applications that are accessed via HTTP APIs are often called Web Services. Mobile Applications often use Web Services and REST APIs to communicate with servers to implement their functionality. The Mobile Application processes the message returned from the Web Service and displays it to the User in the application GUI. So again, the user is unaware that HTTP requests are being made or of the format of the requests and responses.

2. Explain what is an HTTP request?

Hypertext Transfer Protocol is a way of sending messages to software on another computer over the internet or over a network.

An HTTP request is sent to a specific URL and consists of:

  • a VERB specifying the type of request e.g. GET, POST, PUT, DELETE

  • A set of HTTP Headers. The headers specify information such as the type of browser, type of content in the message, and what type of response is accepted in return.

  • A body, or payload in the request, representing the information sent to, or from, the Web Application. Not all HTTP messages can have payloads: POST and PUT can have payloads, GET and DELETE do not.

3. What is a URL?

This is the most common question in API testing interviews.

URL is a Uniform Resource Locator and is the address we use to access websites and web applications. When working with APIs you will often see this referred to as a URI (Uniform Resource Identifier). We can think of a URI as the generic name for a URL. When we have to call an HTTP API we need the URL for the endpoint we want to call e.g


This is the locator that says “I want to call the “java-interview-questions-on-string” resource located at “allstq.com” using the http protocol”.

The above URL can be broken down into the form:


• scheme-HTTP
• host-allstq.com
• resource-java-interview-questions-on-string

A larger form for a URL is:


The query is a way of passing parameters in the URL to the endpoint e.g. Google uses query parameters to define the search term and the page:


4. Describe what are HTTP verbs.

A web browser will usually make GET requests and POST requests.
GET requests to ask to read information from the server e.g. clicking on a link.

POST requests supply information to the server e.g. submitting a form.

GET requests do not have a body, and just consist of the Verb, URL, and the Headers.

POST requests can have a payload body.

When working with a Web Application or HTTP API the typical HTTP Verbs used are:

  • GET, to read information.
  • POST, to create information.
  • PUT, to amend or create information.
  • DELETE, to delete information.

5. What is an HTTP response?

When you issue an HTTP Request to the server you receive an HTTP Response. The response from the server tells you if your request was successful, or if there was a problem.

Response contains

  • status code of 200, which means that the request was successful.
  • content-Type header of application/JSON means that the body is a JSON response
  • body that contains the actual payload response from the server.

6. What is an HTTP status code?

Web Services and HTTP APIs use HTTP Status Codes to tell us what happened when the server processed the request.

The simple grouping for HTTP Status Codes is:

• 1xx – Informational
• 2xx – Success e.g. 200 Success
• 3xx – Redirection e.g. 302 Temporary Redirect
• 4xx – Client Error e.g. 400 Bad Request, 404 Not Found • 5xx – Server Error e.g. 500 Internal Server Error

The type of status code you receive depends on the application you are interacting with. Usually, a 4xx error means that you have done something wrong and a 5xx error means that something has gone wrong with the application server you are interacting with.

Wikipedia List of HTTP Status Code

7. Explain what are payloads?

A Payload is the body of the HTTP request or response. When browsing the Web, the Browser usually receives an HTML payload. This is the web page that you see rendered in the Browser. Typically when working with an HTTP API we will send and receive JSON or XML payloads.

 “projects”: {

  “project”: [


   “id”: 198,
   “name”: “Taboo xyx”, “position”: 8,
   “description”: “”,
   “state”: “active”,





8. What Is JSON?

JSON stands for JavaScript Object Notation and is a text representation that is also valid JavaScript code. JSON can be thought of as a hierarchical set of key/value pairs where the value can be:

  • Object-delimitedby{and}.

  • Array-delimitedby[and].

  • String-delimited by”and”.

  • Integer

An array is a list of objects or key/value pairs.
The keys are String values e.g. “projects”, “project”, “id”, etc.

9. Explain what do you mean by XML?

XML stands for Extensible Markup Language. HTML is a variant of XML.

A New Projectaniheeiadtatd



XML is constructed from nested elements

  • An element has an opening and closing tag e.g. and

– The tag has a name i.e. state.
– Opening tag begins with < and ends with >e.g.
– The closing tag begins with </ and ends with > e.g.

An element has a value, which is the text between the tags e.g. the state element has a value of active.

  • An element can have attributes, these are always within the opening tag e.g. the id element () has an attribute named type with a value of “integer”.

  • Elements can contain other Elements. These are called Nested Elements. e.g. the element of the project has a nested element called project.

For XML to be valid, it must be well-formed, meaning that every opening tag must have a corresponding closing tag, and strings must have an opening and closing quote.

Some elements do not have a closing tag, these are self-closing. The opening tag, instead of ending with > actually ends with /> you can see this in the element.

10- What are HTTP headers?

HTTP messages have the Verb and URL, followed by a set of headers, and then the optional payload.

POST https://allstq.com/java-interview-questions-on-string/ HTTP/1.1 Host: https://allstq.com/
Content-Type: application/json
Accept: application/json


The headers are a set of metadata for the message.

Headers are a name, followed by the value of the header. The above HTTP message example has three headers:

• Host

• Content-Type

• Accept

The Host header defines the destination server domain name.

The Content-Type header tells the server that the content of this message is JSON.

The Accept header tells the server that the client (application sending the message) will only accept response payloads represented in JSON.

11. Define Authentication.

When we send a message to a server we might need to be authenticated i.e. authorized to send a message and receive a response.

For many Web Applications, you authenticate yourself in the application by logging in with a username and password. The same is true for Web Services or HTTP APIs.

If you are not authenticated and try to send a message to a server then you are likely to receive a response from the server with a 4xx status code e.g.

• 401 Unauthorized

• 403 Forbidden

There are many ways to authenticate HTTP requests for HTTP APIs. Some common approaches you might encounter are:

• Custom Headers

• Basic Authentication Headers

• Session Cookies

12. What is REST?

REST stands for Representational State Transfer and it has a formal definition, which you can read in Roy Fielding’s Ph.D. thesis, it very often means that the API will respond to HTTP verbs as commands. e.g.

• GET, to read information.
• POST, to create information.
• PUT, to amend the information.
• DELETE, to delete information.

The documentation for the particular system you are testing will describe how the API has interpreted REST if they have described their API as a REST API.



For more API Testing Interview Question visit ALLSTQ

Wikipedia API