API Flashcards
- What are API’s?
API is an acronym for Application Programming Interface which serves as a method of communication between two systems.
The API layer transmits and translates between 2 or more separate software systems. APIs work using requests and responses. When an API requests information from a web application or web server, it will receive a response.
- What is a Web Service? API vs Web Service?
Web services are simply API’s available over the web. They are API’s that require an internet connection and can only be accessed through a web service URL.
Remember: All Web Services are APIs, but not all APIs are Web Services.
- What type of Web Services do you know? What are the differences?
There are 2 types of web services:
1) SOAP web services (Simple Object Access Protocol) - is based on transferring only XML data as SOAP Messages. SOAP is more secure; however, it is slower than REST. A SOAP web service is developed based of the rules and guidelines set by the W3C consortium 2) RESTful web services (REST API- Representational State Transfer) - that uses different representations to exchange and transfer data in JSON, XML or TEXT format. REST is lightweight because developers have more flexibility to develop the web service the way they desire and don’t need to follow guidelines set by W3C consortium and it is less secure compared to SOAP, but it is faster.
- Which Protocol is used by RESTful Web Services?
RESTful web services use HTTP/HTTPS protocols as a medium of communication between client and server.
- Most Commonly Used HTTP Methods supported by REST?
POST – It submits information to the service for processing; it should typically return the modified or new resource → Create
GET -It requests a resource at the request-URI. It should not contain a request body → Retrieve
PUT – Replaces all current representations of the target resource with the uploaded content → Update
PATCH – Updates only a selected key-paired value → Update
DELETE – Removes all current representations of the target resource given by a URI → Delete
- Can a GET request be used instead of PUT to create a resource?
The POST or PUT method should be used to create a resource. PUT can be used to update a resource. GET is only used to request data from a specified resource.
- What are the differences between PUT and POST requests?
Using POST request, our intent is to create a new object on the server whereas with PUT request, our intent is to replace an object by another object (Update)
- Which HTTP Status codes do you know?
1xx → Informational
2xx → Success (request was accepted successfully) (200→ Ok, 201→ Created, 202→ Accepted, 204→ No Content)
3xx → Redirection
4xx → Client Error (400-Bad Request, 401-Unauthorized, 403-Forbidden, 404-Not Found, 405-Method not Allowed)
5xx → Server Error (500-Internal server Error, 501-Not implemented, 502-Bad Gateway,503-Service Unavailable)
- What is API Testing?
A type of testing which determines if the developed APIs meet expectations regarding functionality, reliability, performance and security of the application.
We test to verify that we get what is expected. We will have to verify a few areas of the response body and also status codes.
- What are the advantages of API Testing?
Test for Core Functionality: API testing provides access to the application without a user interface. The core and code-level of functionality of the application will be tested and evaluated early before the GUI tests. This will help detect the minor issues which can become bigger during the GUI testing.
Time Effective: API testing usually is less time consuming than functional GUI testing. The web elements in GUI testing must be polled, which makes the testing process slower. API test automation requires less code so it can provide better and faster test coverage compared to GUI test automation. These will result in the cost saving for the testing project.
Language-Independent: In API testing, data is exchanged using XML or JSON. These transfer modes are completely language-independent, allowing users to select any code language when adopting automation testing services for the project.
Supporting business models: We need to test web services for many business-related reasons. Think about a third-party vendor like Expedia. Expedia generates data provided from the producers (Airlines, Hotels, etc.) and that information needs to be correct. If it is not correct, there is a high chance of the business losing money.
- What tools can be used to test APIs? How do you test APIs in your project?
In my project we have REST APIs. For manual testing we use Postman. We have done our best to use Postmans features to organize our tests. We set global and environment variables so we can easily change any values from one location so that the respective change can immediately be updated wherever the variable is called.
We also use Postmans available JavaScript methods to validate status codes and verify data from our response body, and Postman’s collection runner to execute multiple calls at once in the desired order. Additionally, we are using the Rest Assured Java library.
As a tester I send an API request (whether it is a GET, POST, PUT or DELETE call) and then I verify the status code, response body and check headers. I verify that each endpoint is working as expected.
I do positive and negative testing of APIs:
Positive - I am sending valid requests, headers, parameters, and Json body and then verify that response is 200/201
Negative- I am sending invalid requests, headers, parameters, and body, expecting the status code not to be 200/201.
- What is EndPoint?
An endpoint by itself is the location where a resource can be accessed
Examples:
/createUsers
/getUsers
We must create a URI to successfully hit our endpoint
An endpoint is one end of a communication channel. When an API interacts with another system, the touchpoints of this communication are considered endpoints.
- What is a URI?
Uniform Resource Identifier
URI = Domain/Base URL + endpoint
- Do you have an API documentation website for your APIs? Any other API documentation that you know of?
Swagger is an open-source software framework backed by a large ecosystem of tools that helps developers design, build, document, and consume RESTful Web services.
Some of the API documentation templates: ● Swagger ● FlatDoc ● RestDoc ● API blueprint
However, I have only been exposed to Swagger.
- Can you tell me what is required to send a POST, GET, PUT, PATCH, and DELETE calls?
With POST you will need:
● URI
● Headers
● BODY/Payload (your data in JSON, XML, String, etc)
With GET you will need:
● URI
● Headers
● No BODY/Payload is required since GET you are only retrieving data from a server and not creating
● If you need to send data with a GET call to narrow down your search then you can send your data in form of JQuery Parameters or Path Parameters
With a PUT(update) call you will need: ● URI ● Headers ● AND a body/payload Note: If you are attempting to update information that does not exist in given server then PUT will behave as a POST call and create the information UNLESS developers have restricted that from happening
With a DELETE call you will need: ● URI ● Headers ● AND you may/may not need a payload ● If a payload is not required then you will send data in form as JQuery parameter or PATH parameter
HTTP request method is made up of four components:
● Request Method: Get, Post, Put, Delete
● Request URI: complete URL of the resource
● Request Header: Accept, Content-Type
● Request Body: data to be sent to the resource
- What would you expect in a response?
HTTP response method is made up of three components:
● Response Status Code:200, 201, 400, 404, 500
● Response Header: Date, Server, Last-Modified, Content-Type
● Response Body: data that comes back to the client from the server
- What is JSON?
● It is JavaScript Object Notation (is a minimal, readable format for structuring data.)
● It is used primarily to transmit data between a server and web application, as an alternative to XML (a lightweight version of XML)
● Represents Data in a Key: Value format
● JSON is NOT a programming language
- What are two types of Parameters sent with a URI?
Parameters are options you can pass with the endpoint to influence the response.
In REST we 2 types of Parameters:
● Path Parameters
As part of the URL-path (i.e. /api/resource/parametervalue )
● Query Parameters
As a query argument (i.e. /api/resource?parameter=value )