‭https://www.linkedin.

com/in/anshulagarwal30/‬

‭A‬‭PI Testing Interview Questions & Answ‬‭ers‬

‭API (Common Web API Testing Interview Q & A)‬

‬l
‭1.‬‭What is an API?‬

a
‭An‬ ‭API‬ ‭(Application‬ ‭Programming‬ ‭Interface)‬ ‭is‬ ‭a‬ ‭software‬ ‭intermediary‬ ‭that‬

w
‭enables‬‭two‬‭applications‬‭to‬‭communicate‬‭with‬‭each‬‭other.‬‭It‬‭comprises‬‭a‬‭number‬
‭of subroutine definitions, logs, and tools for creating application software.‬

r
‭In‬ ‭an‬ ‭API‬ ‭testing‬ ‭interview,‬ ‭you‬ ‭could‬ ‭be‬ ‭asked‬ ‭to‬ ‭give‬ ‭some‬ ‭API‬ ‭examples,‬

a
‭here‬ ‭are‬ ‭the‬ ‭well-known‬ ‭ones:‬ ‭Google‬ ‭Maps‬ ‭API,‬ ‭Amazon‬ ‭Advertising‬ ‭API,‬

g
‭Twitter API, YouTube API, etc.‬

A
‭2.‬‭What are main differences between API and Web Service?‬

‭●‬ ‭All Web services are APIs but not all APIs are Web services.‬

l
‭●‬ ‭Web services‬‭might not contain all the specifications‬‭and cannot perform all the‬

u
‭tasks that APIs would perform.‬

h
‭●‬ ‭A Web service uses only three styles of use: SOAP, REST and XML-RPC for‬

s
‭communication whereas API may be exposed to in multiple ways.‬

n
‭A
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭A Web service always needs a network to operate while APIs don’t need a‬
‭network for operation.‬

‭3.‬‭What are the Limits of API Usage?‬

‬l
‭Many‬‭APIs‬‭have‬‭a‬‭certain‬‭limit‬‭set‬‭up‬‭by‬‭the‬‭provider.‬‭Thus,‬‭try‬‭to‬‭estimate‬‭your‬
‭usage‬ ‭and‬ ‭understand‬ ‭how‬ ‭that‬ ‭will‬ ‭impact‬ ‭the‬ ‭overall‬ ‭cost‬ ‭of‬ ‭the‬ ‭offering.‬

a
‭Whether‬ ‭this‬ ‭will‬‭be‬‭a‬‭problem‬‭depends‬‭in‬‭large‬‭part‬‭on‬‭how‬‭data‬‭is‬‭leveraged.‬

w
‭Getting‬ ‭caught‬ ‭by‬ ‭a‬ ‭quota‬‭and‬‭effectively‬‭cut-off‬‭because‬‭of‬‭budget‬‭limitations‬
‭will‬ ‭render‬ ‭the‬ ‭service‬ ‭(and‬ ‭any‬ ‭system‬ ‭or‬ ‭process‬ ‭depending‬ ‭on‬ ‭it)‬ ‭virtually‬

r
‭useless.‬

g a
‭Creating‬ ‭an‬ ‭API‬ ‭(Common‬ ‭Web‬ ‭API‬ ‭Testing‬ ‭interview‬
‭questions)‬

A
‭4.‬‭What are some architectural styles for creating a Web API?‬

l
‭This‬ ‭is‬ ‭one‬ ‭of‬ ‭the‬ ‭fundamental‬ ‭Web‬ ‭API‬‭interview‬‭questions.‬‭Bellows‬‭are‬‭four‬

u
‭common Web API architectural styles:‬

h
‭●‬ ‭HTTP for client-server communication‬

s
‭●‬ ‭XML/JSON as formatting language‬

n
‭●‬ ‭Simple URI as the address for the services‬

‭●‬ ‭Stateless communication‬

‭A
‭5.‬‭Who can use a Web API?‬

‭Web‬ ‭API‬ ‭can‬ ‭be‬ ‭consumed‬ ‭by‬ ‭any‬ ‭clients‬ ‭which‬ ‭support‬ ‭HTTP‬ ‭verbs‬ ‭such‬ ‭as‬
‭GET,‬ ‭PUT,‬ ‭DELETE,‬ ‭POST.‬ ‭Since‬ ‭Web‬ ‭API‬ ‭services‬ ‭do‬ ‭not‬ ‭require‬
‭configuration,‬ ‭they‬ ‭can‬ ‭be‬ ‭easily‬ ‭used‬ ‭by‬ ‭any‬ ‭client.‬ ‭In‬ ‭fact,‬ ‭even‬ ‭portable‬
‭devices‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭such‬ ‭as‬ ‭mobile‬ ‭devices‬ ‭can‬ ‭easily‬ ‭use‬ ‭Web‬ ‭API,‬ ‭which‬ ‭is‬ ‭undoubtedly‬ ‭the‬
‭biggest advantage of this technology.‬

‭Testing‬‭an‬‭API‬‭–‬‭Top‬‭Web‬‭API‬‭Testing‬‭interview‬‭questions‬‭&‬

‬l
‭answers‬

a
‭6.‬‭What is API Testing?‬

w
‭API‬ ‭testing‬ ‭is‬ ‭a‬ ‭kind‬ ‭of‬ ‭software‬ ‭testing‬ ‭that‬ ‭determines‬‭if‬‭the‬‭developed‬‭APIs‬

r
‭meet‬ ‭expectations‬ ‭regarding‬ ‭the‬ ‭functionality,‬ ‭reliability,‬ ‭performance,‬ ‭and‬
‭security of the application.‬

g a
‭7.‬‭What are the advantages of API Testing?‬

‭In‬ ‭an‬ ‭API‬‭interview,‬‭they‬‭are‬‭likely‬‭to‬‭ask‬‭about‬‭the‬‭advantages‬‭of‬‭API‬‭testing.‬

A
‭So be prepared with the significant ones such as:‬

l
‭●‬ ‭Test‬ ‭for‬ ‭Core‬ ‭Functionality:‬ ‭API‬ ‭testing‬ ‭provides‬ ‭access‬ ‭to‬ ‭the‬ ‭application‬
‭without‬ ‭a‬ ‭user‬ ‭interface.‬ ‭The‬ ‭core‬ ‭and‬ ‭code-level‬ ‭of‬ ‭functionalities‬ ‭of‬ ‭the‬

u
‭application‬ ‭will‬ ‭be‬ ‭tested‬ ‭and‬ ‭evaluated‬ ‭early‬ ‭before‬ ‭the‬ ‭GUI‬ ‭tests.‬ ‭This‬ ‭will‬

h
‭help detect the minor issues which can become bigger during the GUI testing.‬

s
‭●‬ ‭Time‬‭Effective:‬‭API‬‭testing‬‭usually‬‭is‬‭less‬‭time‬‭consuming‬‭than‬‭functional‬‭GUI‬

n
‭testing.‬ ‭The‬ ‭web‬ ‭elements‬ ‭in‬ ‭GUI‬ ‭testing‬ ‭must‬ ‭be‬ ‭polled,‬ ‭which‬ ‭makes‬ ‭the‬
‭testing‬ ‭process‬‭slower.‬‭Particularly,‬‭API‬‭test‬‭automation‬‭requires‬‭less‬‭code‬‭so‬‭it‬

‭A
‭can‬ ‭provide‬ ‭better‬ ‭and‬ ‭faster‬ ‭test‬ ‭coverage‬ ‭compared‬ ‭to‬ ‭GUI‬ ‭test‬ ‭automation.‬
‭These will result in the cost saving for the testing project.‬

‭●‬ ‭Language-Independent:‬ ‭In‬ ‭API‬ ‭testing,‬ ‭data‬ ‭is‬ ‭exchanged‬ ‭using‬ ‭XML‬ ‭or‬
‭JSON.‬ ‭These‬ ‭transfer‬ ‭modes‬ ‭are‬ ‭completely‬ ‭language-independent,‬ ‭allowing‬
‭users‬‭to‬‭select‬‭any‬‭code‬‭language‬‭when‬‭adopting‬‭automation‬‭testing‬‭services‬‭for‬
‭the project.‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭Easy‬ ‭Integration‬ ‭with‬ ‭GUI:‬ ‭API‬ ‭tests‬ ‭enable‬ ‭highly‬ ‭integrable‬ ‭tests,‬ ‭which‬ ‭is‬
‭particularly‬‭useful‬‭if‬‭you‬‭want‬‭to‬‭perform‬‭functional‬‭GUI‬‭tests‬‭after‬‭API‬‭testing.‬
‭For‬ ‭instance,‬ ‭simple‬ ‭integration‬ ‭would‬ ‭allow‬ ‭new‬ ‭user‬ ‭accounts‬ ‭to‬ ‭be‬ ‭created‬

‬l
‭within the application before a GUI test started.‬

‭8.‬‭Some common protocols used in API testing?‬

a
‭Many‬ ‭protocols‬ ‭are‬ ‭now‬ ‭available‬ ‭to‬ ‭be‬ ‭used‬ ‭in‬ ‭API‬ ‭testing,‬ ‭such‬ ‭as‬ ‭JMS,‬

w
‭REST, HTTP, UDDI and SOAP.‬

r
‭9.‬‭What is the test environment of API?‬

a
‭Setting‬ ‭up‬‭the‬‭API’s‬‭test‬‭environment‬‭is‬‭not‬‭an‬‭easy‬‭task,‬‭so‬‭you‬‭should‬‭have‬‭a‬

g
‭ready‬ ‭answer‬ ‭if‬ ‭your‬ ‭API‬ ‭testing‬ ‭interview‬ ‭is‬‭coming.‬‭The‬‭test‬‭environment‬‭of‬
‭API‬‭is‬‭a‬‭bit‬‭complete‬‭and‬‭requires‬‭the‬‭configuration‬‭of‬‭the‬‭database‬‭and‬‭server,‬

A
‭depending‬ ‭on‬ ‭the‬ ‭software‬ ‭requirements.‬‭No‬‭GUI‬‭(Graphical‬‭User‬‭Interface)‬‭is‬
‭available in this test form.‬

l
‭When‬ ‭the‬ ‭installation‬ ‭process‬ ‭is‬ ‭complete,‬ ‭API‬ ‭is‬ ‭verified‬ ‭for‬ ‭the‬ ‭proper‬

u
‭operation.‬‭Throughout‬‭the‬‭process,‬‭the‬‭API‬‭called‬‭from‬‭the‬‭original‬‭environment‬

h
‭is set up with different parameters to study the test results.‬

s
‭10.‬‭What are principles of an API test design?‬

n
‭The five most important principles of an API test design are:‬

‭●‬ ‭Setup: Create objects, start services, initialize data, etc‬

‭A
‭●‬ ‭Execution: Steps to apply API or the scenario, including logging‬

‭●‬ ‭Verification: Oracles to evaluate the result of the execution‬

‭●‬ ‭Reporting: Pass, failed or blocked‬

‭●‬ ‭Clean up: Pre-test state‬

 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭11.‬‭What are the common API testing types?‬

‭While‬ ‭there‬ ‭are‬ ‭certainly‬ ‭specialty‬ ‭tests,‬ ‭and‬ ‭no‬ ‭list‬ ‭can‬ ‭be‬ ‭asked‬ ‭to‬ ‭be‬
‭comprehensive‬ ‭in‬ ‭this‬ ‭realm,‬ ‭most‬ ‭tests‬ ‭fit‬ ‭broadly‬ ‭into‬ ‭these‬ ‭following‬ ‭nine‬

‬l
‭categories‬ ‭that‬ ‭you‬ ‭should‬ ‭remember‬ ‭before‬ ‭attending‬ ‭in‬ ‭an‬ ‭API‬ ‭testing‬
‭interview.‬

a
‭1.‬ ‭Validation Testing‬

w
‭2.‬ ‭Functional Testing‬

r
‭3.‬ ‭UI testing‬

a
‭4.‬ ‭Load testing‬

g
‭5.‬ ‭Runtime/ Error Detection‬

‭6.‬ ‭Security testing‬

A
‭7.‬ ‭Penetration testing‬

l
‭8.‬ ‭Fuzz testing‬

u
‭9.‬ ‭Interoperability and WS Compliance testing‬

h
‭12.‬‭What is the procedure to perform API testing?‬

s
‭1.‬ ‭Choose the suite to add the API test case‬

n
‭2.‬ ‭Choose the test development mode‬

‭A
‭3.‬ ‭Demand the development of test cases for the required API methods‬

‭4.‬ ‭Configure the control parameters of the application and then test conditions‬

‭5.‬ ‭Configure method validation‬

‭6.‬ ‭Execute the API test‬

‭7.‬ ‭Check test reports and filter API test cases‬

‭8.‬ ‭Arrange all API test cases‬

 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭13.‬‭What must be checked when performing API testing?‬

‭During‬ ‭the‬ ‭API‬ ‭testing‬ ‭process,‬ ‭a‬ ‭request‬ ‭is‬ ‭raised‬ ‭to‬ ‭the‬ ‭API‬ ‭with‬ ‭the‬ ‭known‬
‭data.‬ ‭This‬ ‭way‬ ‭you‬ ‭can‬ ‭analyze‬ ‭the‬ ‭validation‬ ‭response.‬ ‭While‬ ‭testing‬‭an‬‭API,‬

‬l
‭you should consider:‬

‭●‬ ‭Accuracy of data‬

a
‭●‬ ‭Schema validation‬

w
‭●‬ ‭HTTP status codes‬

r
‭●‬ ‭Data type, validations, order and completeness‬

a
‭●‬ ‭Authorization checks‬

g
‭●‬ ‭Implementation of response timeout‬

‭●‬ ‭Error codes in case API returns, and‬

A
‭●‬ ‭Non-functional testing like performance and security testing‬

l
‭14.‬‭What is the best approach method to perform API testing?‬

u
‭The following factors should be considered when performing API testing:‬

h
‭●‬ ‭Defining the correct input parameters‬

s
‭●‬ ‭Verifying the calls of the mixture of two or more added value parameters‬

n
‭●‬ ‭Defining the basic functionality and scope of the API program‬

‭A
‭●‬ ‭Writing appropriate API test cases and making use of testing techniques such as‬
‭equivalence class, boundary value, etc. to check the operability‬

‭●‬ ‭Testing case execution‬

‭●‬ ‭Comparing the test result with the expected result‬

 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭Verifying the API behavior under conditions such as connection to files and so‬
‭on.‬

‭15.‬‭What are tools could be used for API testing?‬

‬l
‭There‬ ‭are‬ ‭myriad‬ ‭of‬ ‭different‬ ‭API‬ ‭testing‬ ‭tools‬ ‭available.‬ ‭A‬ ‭few‬ ‭of‬ ‭common‬
‭tools‬ ‭are‬ ‭Katalon‬ ‭Studio,‬ ‭Postman,‬ ‭SoapUi‬ ‭Pro,‬ ‭Apigee,‬ ‭etc.‬‭While‬‭doing‬‭Unit‬

a
‭and‬ ‭API‬‭testing,‬‭both‬‭targets‬‭source‬‭code.‬‭If‬‭an‬‭API‬‭method‬‭uses‬‭code‬‭based‬‭in‬

w
‭.NET then another supporting tool must have .NET.‬

r
‭16.‬‭What are differences between API Testing and Unit Testing?‬

g a
‭API Testing‬ ‭UNIT Testing‬

‭Conducted by QA Team‬ ‭Conducted by Development Team‬

A
‭Mostly block box testing‬ ‭White box testing‬

l
‭Aimed‬ ‭to‬ ‭access‬‭the‬‭full‬‭functionality‬ ‭Used to verify whether each unit in‬

u
‭of‬ ‭the‬ ‭system‬ ‭for‬ ‭it‬ ‭will‬‭be‬‭employed‬ ‭isolation performs as expected or not.‬

h
‭by the end users ( external developers‬

s
‭who will use your API)‬

n
‭Often‬ ‭run‬ ‭after‬ ‭the‬ ‭build‬‭is‬‭ready‬‭and‬ ‭Each‬ ‭of‬ ‭the‬ ‭code‬ ‭modules‬ ‭must‬ ‭be‬
‭authors‬ ‭do‬ ‭not‬ ‭have‬ ‭access‬ ‭to‬ ‭the‬ ‭ensured‬ ‭to‬ ‭pass‬ ‭the‬ ‭unit‬ ‭test‬ ‭before‬

‭A
‭source code.‬ ‭being built by developers.‬

‭17.‬‭What are differences between API Testing and UI Testing?‬

 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭API‬‭enables‬‭communication‬‭between‬‭two‬‭separate‬‭software‬‭systems.‬‭A‬‭software‬
‭system‬ ‭implementing‬ ‭an‬ ‭API‬ ‭contains‬ ‭functions‬ ‭or‬ ‭subroutines‬ ‭that‬ ‭can‬ ‭be‬
‭executed by another software system.‬

‬l
‭●‬ ‭On‬ ‭the‬ ‭other‬ ‭hand,‬ ‭UI‬ ‭(‬ ‭User‬ ‭Interface)‬ ‭testing‬ ‭refers‬ ‭to‬ ‭testing‬ ‭graphical‬
‭interface‬ ‭such‬ ‭as‬ ‭how‬ ‭users‬ ‭interact‬ ‭with‬ ‭the‬ ‭applications,‬ ‭testing‬ ‭application‬

a
‭elements‬‭like‬‭fonts,‬‭images,‬‭layouts‬‭etc.‬‭UI‬‭testing‬‭basically‬‭focuses‬‭on‬‭look‬‭and‬
‭feel of an application.‬

w
‭18.‬‭What are major challenges faced in API testing?‬

r
‭If you can overcome the challenges in API Testing, you can be confident in the‬

a
‭API testing interview too. They are:‬

g
‭●‬ ‭Parameter Selection‬

A
‭●‬ ‭Parameter Combination‬

‭●‬ ‭Call sequencing‬

l
‭●‬ ‭Output verification and validation‬

u
‭●‬ ‭Another‬‭important‬‭challenge‬‭is‬‭providing‬‭input‬‭values,‬‭which‬‭is‬‭very‬‭difficult‬‭as‬

h
‭GUI is not available in this case.‬

s
‭19.‬‭What are the testing methods that come under API testing?‬

n
‭One of the most common Web API testing interview questions is about the testing‬

‭A
‭methods. They are:‬

‭●‬ ‭Unit testing and Functional testing‬

‭●‬ ‭Load testing to test the performance under load‬

‭●‬ ‭Discovery testing to list, create and delete the number of calls documented in API‬

‭●‬ ‭Usability and Reliability testing to get consistent results‬

 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭Security and Penetration testing to validate all types of authentication‬

‭●‬ ‭Automation testing to create and run scripts that require regular API calls‬

‭●‬ ‭End to end Integration and Web UI testing‬

‬l
‭●‬ ‭API documentation testing to determine its efficiency and effectiveness‬

a
‭20.‬ ‭Why is API testing considered as the most suitable form for‬
‭Automation testing?‬

w
‭API testing is now preferred over GUI testing and is considered as most suitable‬

r
‭because:‬

a
‭●‬ ‭It verifies all the functional paths of the system under test very effectively.‬

g
‭●‬ ‭It provides the most stable interface.‬

A
‭●‬ ‭It is easier to maintain and provides fast feedback.‬

l
‭21.‬‭What are common API errors that often founded?‬

u
‭Not‬ ‭only‬ ‭API‬ ‭fundamental‬ ‭questions,‬ ‭the‬ ‭interviewer‬ ‭also‬ ‭determine‬ ‭your‬
‭knowledge‬‭and‬‭experience‬‭by‬‭asking‬‭about‬‭the‬‭API‬‭errors‬‭in‬‭a‬‭Web‬‭API‬‭testing‬

h
‭interview. So the most common ones are:‬

s
‭●‬ ‭Missing module errors‬

n
‭●‬ ‭Documentation errors‬

‭A
‭●‬ ‭Parameter validation errors‬

‭●‬ ‭And‬‭some‬‭standard‬‭error‬‭expectations‬‭as‬‭if‬‭the‬‭result‬‭is‬‭not‬‭so‬‭predicted‬‭then‬‭the‬
‭occurrence‬‭of‬‭errors‬‭can‬‭be‬‭seen‬‭and‬‭for‬‭the‬‭same‬‭warnings‬‭are‬‭specified‬‭in‬‭the‬
‭form‬ ‭of‬ ‭a‬ ‭message.‬ ‭There‬ ‭can‬ ‭be‬ ‭one‬ ‭or‬ ‭more‬ ‭warnings‬ ‭within‬ ‭an‬ ‭individual‬
‭module.‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭22.‬‭What kinds of bugs that API testing would often find?‬

‭●‬ ‭Missing or duplicate functionality‬

‭●‬ ‭Fails to handle error conditions gracefully‬

‬l
‭●‬ ‭Stress‬

a
‭●‬ ‭Reliability‬

‭●‬ ‭Security‬

w
‭●‬ ‭Unused flags‬

r
‭●‬ ‭Not implemented errors‬

a
‭●‬ ‭Inconsistent error handling‬

g
‭●‬ ‭Performance‬

A
‭●‬ ‭Multi-threading issues‬

l
‭●‬ ‭Improper errors‬

u
‭Documenting‬ ‭the‬ ‭API‬ ‭(Common‬ ‭Web‬ ‭API‬ ‭Testing‬ ‭interview‬

h
‭questions)‬

s
‭23.‬‭What is API documentation?‬

n
‭The‬ ‭API‬ ‭documentation‬ ‭is‬ ‭a‬ ‭complete,‬ ‭accurate‬ ‭technical‬ ‭writing‬ ‭giving‬

‭A
‭instructions‬‭on‬‭how‬‭to‬‭effectively‬‭use‬‭and‬‭integrate‬‭with‬‭an‬‭API.‬‭It‬‭is‬‭a‬‭compact‬
‭reference‬‭manual‬‭that‬‭has‬‭all‬‭the‬‭information‬‭needed‬‭to‬‭work‬‭with‬‭the‬‭API,‬‭and‬
‭helps‬‭you‬‭answer‬‭all‬‭the‬‭API‬‭testing‬‭questions‬‭with‬‭details‬‭on‬‭functions,‬‭classes,‬
‭return types, arguments, and also examples and tutorials.‬

‭24.‬‭What are API documentation templates that are commonly used?‬

 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭There‬‭are‬‭several‬‭available‬‭API‬‭documentation‬‭templates‬‭help‬‭to‬‭make‬‭the‬‭entire‬
‭process‬ ‭simple‬ ‭and‬ ‭straightforward,‬ ‭which‬ ‭could‬ ‭be‬ ‭answered‬ ‭in‬ ‭your‬ ‭API‬
‭testing interview, such as:‬

‬l
‭●‬ ‭Swagger‬

‭●‬ ‭Miredot‬

a
‭●‬ ‭Slate‬

w
‭●‬ ‭FlatDoc‬

r
‭●‬ ‭API blueprint‬

a
‭●‬ ‭RestDoc‬

g
‭●‬ ‭Web service API specification‬

A
‭25.‬‭When writing API document, what must be considered?‬

‭●‬ ‭Source of the content‬

l
‭●‬ ‭Document plan or sketch‬

u
‭●‬ ‭Delivery layout‬

h
‭●‬ ‭Information needed for every function in the document‬

s
‭●‬ ‭Automatic document creation programs‬

n
‭26.‬‭How often are the APIs changed and, more importantly, deprecated?‬

‭A
‭APIs,‬ ‭especially‬ ‭modern‬ ‭RESTful‬ ‭APIs,‬ ‭are‬ ‭a‬ ‭nice‬ ‭creation‬ ‭that‬ ‭can‬ ‭certainly‬
‭simplify‬ ‭and‬‭accelerate‬‭integration‬‭efforts,‬‭which‬‭makes‬‭it‬‭more‬‭likely‬‭you‬‭will‬
‭benefit‬‭from‬‭them.‬‭But‬‭APIs‬‭can‬‭and‬‭do‬‭change‬‭for‬‭various‬‭reasons,‬‭sometimes‬
‭abruptly,‬ ‭and‬ ‭hence‬ ‭REST‬ ‭APIs‬ ‭do‬ ‭not‬ ‭differ‬ ‭from‬ ‭traditional‬ ‭integration‬
‭methods‬ ‭in‬ ‭this‬ ‭respect.‬ ‭If‬ ‭an‬ ‭API‬ ‭call‬ ‭is‬ ‭obsolete‬ ‭and‬ ‭disappears,‬ ‭your‬
‭procedure will‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭interrupt‬ ‭and‬ ‭it‬ ‭is‬ ‭important‬ ‭to‬ ‭understand‬ ‭how‬ ‭often‬ ‭the‬ ‭APIs‬ ‭you‬ ‭depend‬ ‭on‬
‭change or are deprecated.‬

‬l
‭REST (Common Web API Testing interview questions)‬

a
‭27.‬‭What is REST?‬

w
‭REST‬ ‭(Representational‬ ‭State‬ ‭Transfer)‬ ‭is‬ ‭an‬ ‭architectural‬‭style‬‭for‬‭developing‬

r
‭web‬ ‭services‬ ‭which‬ ‭exploit‬ ‭the‬ ‭ubiquity‬ ‭of‬ ‭HTTP‬ ‭protocol‬ ‭and‬ ‭uses‬ ‭HTTP‬
‭method‬ ‭to‬ ‭define‬ ‭actions.‬ ‭It‬ ‭revolves‬ ‭around‬ ‭resource‬ ‭where‬ ‭every‬ ‭component‬

a
‭being‬ ‭a‬ ‭resource‬‭that‬‭can‬‭be‬‭accessed‬‭through‬‭a‬‭shared‬‭interface‬‭using‬‭standard‬

g
‭HTTP methods.‬

A
‭In‬ ‭REST‬ ‭architecture,‬ ‭a‬ ‭REST‬ ‭Server‬ ‭provides‬ ‭access‬ ‭to‬ ‭resources‬ ‭and‬ ‭REST‬
‭client‬ ‭accesses‬ ‭and‬ ‭makes‬ ‭these‬ ‭resources‬ ‭available.‬ ‭Here,‬ ‭each‬ ‭resource‬ ‭is‬

l
‭identified‬ ‭by‬ ‭URIs‬ ‭or‬ ‭global‬ ‭IDs,‬ ‭and‬ ‭REST‬ ‭uses‬ ‭multiple‬‭ways‬‭to‬‭represent‬‭a‬

u
‭resource,‬ ‭such‬ ‭as‬ ‭text,‬ ‭JSON,‬ ‭and‬ ‭XML.‬ ‭XML‬ ‭and‬ ‭JSON‬ ‭are‬ ‭nowadays‬ ‭the‬
‭most popular representations of resources.‬

s h
‭28.‬‭What is a RESTFul Web Services?‬

n
‭Mostly,‬ ‭there‬ ‭are‬ ‭two‬ ‭kinds‬ ‭of‬ ‭Web‬ ‭Services‬ ‭which‬ ‭should‬ ‭be‬ ‭remembered‬ ‭in‬
‭your next API testing interview:‬

‭A
‭1.‬ ‭SOAP‬ ‭(Simple‬ ‭Object‬ ‭Access‬ ‭Protocol)‬ ‭–‬ ‭an‬ ‭XML-based‬ ‭method‬ ‭to‬
‭expose web services.‬

‭2.‬ ‭Web‬‭services‬‭developed‬‭in‬‭the‬‭REST‬‭style‬‭are‬‭referred‬‭to‬‭as‬‭RESTful‬‭web‬
‭services.‬ ‭These‬ ‭web‬ ‭services‬ ‭use‬ ‭HTTP‬ ‭methods‬ ‭to‬ ‭implement‬ ‭the‬
‭concept‬ ‭of‬ ‭REST‬ ‭architecture.‬ ‭A‬ ‭RESTful‬ ‭web‬ ‭service‬ ‭usually‬‭defines‬‭a‬
‭URI,‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭Uniform Resource Identifier a service, provides resource representation like‬

‭JSON and a set of HTTP methods.‬

‭29.‬‭What is a “Resource” in REST?‬

‬l
‭REST‬ ‭architecture‬ ‭treats‬ ‭any‬ ‭content‬ ‭as‬ ‭a‬ ‭resource,‬ ‭which‬ ‭can‬ ‭be‬ ‭either‬ ‭text‬
‭files,‬‭HTML‬ ‭pages,‬ ‭images,‬ ‭videos‬ ‭or‬ ‭dynamic‬ ‭business‬ ‭information.‬‭REST‬

a
‭Server‬ ‭gives‬ ‭access‬ ‭to‬ ‭resources‬ ‭and‬ ‭modifies‬ ‭them,‬ ‭where‬ ‭each‬ ‭resource‬ ‭is‬

w
‭identified by URIs/ global IDs.‬

r
‭30.‬‭What is the most popular way to represent a resource in REST?‬

a
‭REST‬ ‭uses‬ ‭different‬ ‭representations‬ ‭to‬ ‭define‬ ‭a‬ ‭resource‬ ‭like‬ ‭text,‬ ‭JSON,‬ ‭and‬

g
‭XML.‬
‭XML and JSON are the most popular representations of resources.‬

A
‭31.‬‭Which protocol is used by RESTful Web services?‬

l
‭RESTful‬ ‭web‬ ‭services‬ ‭use‬ ‭the‬ ‭HTTP‬ ‭protocol‬ ‭as‬ ‭a‬ ‭medium‬ ‭of‬‭communication‬

u
‭between the client and the server.‬

h
‭32.‬‭What are some key characteristics of REST?‬

s
‭Key‬‭characteristics‬‭of‬‭REST‬‭are‬‭likely‬‭asked‬‭in‬‭a‬‭Web‬‭API‬‭Testing‬‭interview.‬‭So‬

n
‭please get the answer ready in your mind with these 2 ones:‬

‭●‬ ‭REST‬‭is‬‭stateless,‬‭therefore‬‭the‬‭SERVER‬‭has‬‭no‬‭status‬‭(or‬‭session‬‭data)‬‭With‬‭a‬

‭A
‭well-applied‬ ‭REST‬ ‭API,‬ ‭the‬ ‭server‬ ‭could‬ ‭be‬ ‭restarted‬ ‭between‬‭two‬‭calls,‬‭since‬
‭all data is transferred to the server‬

‭●‬ ‭Web‬ ‭service‬ ‭uses‬ ‭POST‬ ‭method‬ ‭primarily‬ ‭to‬ ‭perform‬ ‭operations,‬ ‭while‬ ‭REST‬
‭uses GET for accessing resources.‬

‭33.‬‭What is messaging in RESTful Web services?‬

 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭RESTful‬‭web‬‭services‬‭use‬‭the‬‭HTTP‬‭protocol‬‭as‬‭a‬‭communication‬‭tool‬‭between‬
‭the‬‭client‬‭and‬‭the‬‭server.‬‭The‬‭technique‬‭that‬‭when‬‭the‬‭client‬‭sends‬‭a‬‭message‬‭in‬
‭the‬ ‭form‬ ‭of‬ ‭an‬ ‭HTTP‬ ‭Request,‬ ‭the‬ ‭server‬ ‭sends‬ ‭back‬ ‭the‬‭HTTP‬‭reply‬‭is‬‭called‬

‬l
‭Messaging.‬ ‭These‬ ‭messages‬ ‭comprise‬ ‭message‬ ‭data‬ ‭and‬ ‭metadata,‬ ‭that‬ ‭is,‬
‭information on the message itself.‬

a
‭34.‬‭What are the core components of an HTTP request?‬

w
‭An HTTP request contains five key elements:‬

r
‭1.‬ ‭An action showing HTTP methods like GET, PUT, POST, DELETE.‬

a
‭2.‬ ‭Uniform‬‭Resource‬‭Identifier‬‭(URI),‬‭which‬‭is‬‭the‬‭identifier‬‭for‬‭the‬‭resource‬

g
‭on the server.‬

‭3.‬ ‭HTTP Version, which indicates HTTP version, for example-HTTP v1.1.‬

A
‭4.‬ ‭Request‬‭Header,‬‭which‬‭carries‬‭metadata‬‭(as‬‭key-value‬‭pairs)‬‭for‬‭the‬‭HTTP‬

l
‭Request‬ ‭message.‬ ‭Metadata‬ ‭could‬ ‭be‬ ‭a‬ ‭client‬ ‭(or‬ ‭browser)‬ ‭type,‬ ‭format‬

u
‭supported‬ ‭by‬‭the‬‭client,‬‭format‬‭of‬‭a‬‭message‬‭body‬‭format,‬‭cache‬‭settings,‬
‭and so on.‬

h
‭5.‬ ‭Request‬ ‭Body,‬ ‭which‬ ‭indicates‬ ‭the‬ ‭message‬ ‭content‬ ‭or‬ ‭resource‬

s
‭representation.‬

n
‭35.‬‭What are the most commonly used HTTP methods supported by REST?‬

‭A
‭●‬ ‭GET‬‭is‬‭only‬‭used‬‭to‬‭request‬‭data‬‭from‬‭a‬‭specified‬‭resource.‬‭Get‬‭requests‬‭can‬‭be‬
‭cached‬ ‭and‬ ‭bookmarked.‬ ‭It‬ ‭remains‬ ‭in‬ ‭the‬ ‭browser‬ ‭history‬ ‭and‬ ‭haS‬ ‭length‬
‭restrictions.‬ ‭GET‬ ‭requests‬ ‭should‬ ‭never‬ ‭be‬ ‭used‬ ‭when‬ ‭dealing‬ ‭with‬ ‭sensitive‬
‭data.‬

‭●‬ ‭POST‬ ‭is‬ ‭used‬ ‭to‬ ‭send‬ ‭data‬ ‭to‬ ‭a‬ ‭server‬ ‭to‬ ‭create/update‬ ‭a‬ ‭resource.‬ ‭POST‬
‭requests‬ ‭are‬ ‭never‬ ‭cached‬ ‭and‬ ‭bookmarked‬ ‭and‬ ‭do‬ ‭not‬ ‭remain‬ ‭in‬ ‭the‬ ‭browser‬
‭history.‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭PUT replaces all current representations of the target resource with the request‬
‭payload.‬

‭●‬ ‭DELETE removes the specified resource.‬

‬l
‭●‬ ‭OPTIONS is used to describe the communication options for the target resource.‬

‭●‬ ‭HEAD asks for a response identical to that of a GET request, but without the‬

a
‭response body.‬

w
‭36.‬‭Can GET request to be used instead of PUT to create a resource?‬

r
‭The‬ ‭PUT‬ ‭or‬ ‭POST‬ ‭method‬ ‭should‬ ‭be‬ ‭used‬ ‭to‬ ‭create‬ ‭a‬ ‭resource.‬ ‭GET‬ ‭is‬ ‭only‬

a
‭used to request data from a specified resource.‬

g
‭37.‬‭Is there any difference between PUT and POST operations?‬

A
‭PUT‬ ‭and‬ ‭POST‬ ‭operation‬ ‭are‬ ‭quite‬ ‭similar,‬ ‭except‬ ‭the‬ ‭terms‬ ‭of‬ ‭the‬ ‭result‬
‭generated by them.‬

l
‭PUT‬‭operation‬‭is‬‭idempotent,‬‭so‬‭you‬‭can‬‭cache‬‭the‬‭response‬‭while‬‭the‬‭responses‬

u
‭to‬ ‭POST‬ ‭operation‬ ‭are‬‭not‬‭cacheable,‬‭and‬‭if‬‭you‬‭retry‬‭the‬‭request‬‭N‬‭times,‬‭you‬

h
‭will end up having N resources with N different URIs created on server.‬

s
‭In‬ ‭a‬ ‭Web‬ ‭API‬ ‭Testing‬ ‭interview,‬ ‭you‬ ‭should‬ ‭give‬ ‭a‬ ‭specific‬ ‭example‬ ‭for‬ ‭PUT‬
‭and‬ ‭POST‬ ‭operations‬ ‭to‬ ‭make‬ ‭crystal‬ ‭clear‬ ‭to‬ ‭the‬ ‭interviewer.‬ ‭Below‬ ‭is‬ ‭an‬

n
‭example:‬

‭A
‭Scenario:‬ ‭Let’s‬‭say‬‭we‬‭are‬‭designing‬‭a‬‭network‬‭application.‬‭Let’s‬‭list‬‭down‬‭few‬
‭URIs‬‭and‬‭their‬‭purpose‬‭to‬‭get‬‭to‬‭know‬‭when‬‭to‬‭use‬‭POST‬‭and‬‭when‬‭to‬‭use‬‭PUT‬
‭operations.‬

‭GET /device-management/devices‬ ‭:‬ ‭Get‬ ‭all‬ ‭devices‬

‭POST /device-management/devices : Create a new device‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭GET‬ ‭/device-management/devices/{id}‬ ‭:‬ ‭Get‬ ‭the‬ ‭device‬ ‭information‬ ‭identified‬

‭by “id”‬
‭PUT‬ ‭/device-management/devices/{id}‬ ‭:‬ ‭Update‬ ‭the‬ ‭device‬ ‭information‬

‬l
‭identified‬ ‭by‬ ‭“id”‬
‭DELETE /device-management/devices/{id} : Delete device by “id”‬

a
‭38.‬ ‭Which purpose does the OPTIONS method serve for the RESTful‬
‭Web services?‬

w
‭The‬ ‭OPTIONS‬ ‭Method‬‭lists‬‭down‬‭all‬‭the‬‭operations‬‭of‬‭a‬‭web‬‭service‬‭supports.‬

r
‭It creates read-only requests to the server.‬

a
‭39.‬ ‭What is URI? What is the main purpose of REST-based web services‬

g
‭and what is its format?‬

A
‭URI stands for Uniform Resource Identifier. It is a string of characters designed‬
‭for unambiguous identification of resources and extensibility via the URI‬

l
‭scheme.‬

u
‭The purpose of a URI is to locate a resource(s) on the server hosting of the web‬
‭service.‬

s h
‭A‬ ‭URI’s‬ ‭format‬ ‭is‬ ‭<protocol>://<service-‬
‭name>/<ResourceType>/<ResourceID>.‬

n
‭40.‬‭What is payload in RESTFul Web services?‬

‭A
‭The‬ ‭“payload”‬ ‭is‬ ‭the‬ ‭data‬ ‭you‬ ‭are‬ ‭interested‬ ‭in‬ ‭transporting.‬ ‭This‬ ‭is‬
‭differentiated‬ ‭from‬ ‭the‬ ‭things‬ ‭that‬ ‭wrap‬ ‭the‬ ‭data‬ ‭for‬ ‭transport‬ ‭like‬‭the‬‭HTTP/S‬
‭Request/Response headers, authentication, etc.‬

‭41.‬‭What is the upper limit for a payload to pass in the POST method?‬

‭<GET> appends data to the service URL. But, its size shouldn’t exceed the‬
‭maximum URL length. However, <POST> doesn’t have any such limit.‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭So,‬‭theoretically,‬‭a‬‭user‬‭can‬‭pass‬‭unlimited‬‭data‬‭as‬‭the‬‭payload‬‭to‬‭POST‬‭method.‬
‭But,‬ ‭if‬ ‭we‬ ‭consider‬‭a‬‭real‬‭use‬‭case,‬‭then‬‭sending‬‭POST‬‭with‬‭large‬‭payload‬‭will‬
‭consume‬ ‭more‬ ‭bandwidth.‬ ‭It’ll‬ ‭take‬ ‭more‬ ‭time‬ ‭and‬ ‭present‬ ‭performance‬

‬l
‭challenges to your server. Hence, a user should take action accordingly.‬

‭42.‬‭What is the caching mechanism?‬

a
‭Caching‬ ‭is‬ ‭just‬ ‭the‬ ‭practice‬ ‭of‬ ‭storing‬ ‭data‬ ‭in‬ ‭temporarily‬ ‭and‬ ‭retrieving‬ ‭data‬

w
‭from a high-performance store (usually memory) either explicitly or implicitly.‬

r
‭When‬ ‭a‬ ‭caching‬ ‭mechanism‬ ‭is‬ ‭in‬ ‭place,‬ ‭it‬ ‭helps‬ ‭improve‬ ‭delivery‬ ‭speed‬ ‭by‬
‭storing‬ ‭a‬ ‭copy‬ ‭of‬ ‭the‬ ‭asset‬ ‭you‬ ‭requested‬ ‭and‬ ‭later‬ ‭accessing‬ ‭the‬ ‭cached‬ ‭copy‬

a
‭instead of the original.‬

g
A
‭SOAP (Common Web API Testing interview questions)‬

l
‭43.‬‭What are SOAP Web services?‬

u
‭This‬ ‭is‬ ‭one‬ ‭of‬ ‭the‬ ‭fundamental‬ ‭Web‬ ‭services‬ ‭testing‬ ‭questions‬ ‭that‬ ‭you‬ ‭must‬

h
‭know‬ ‭the‬ ‭answer.‬ ‭The‬ ‭SOAP‬ ‭(Simple‬‭Object‬‭Access‬‭Protocol)‬‭is‬‭defined‬‭as‬‭an‬

s
‭XML-‬‭based‬‭protocol.‬‭It‬‭is‬‭known‬‭for‬‭designing‬‭and‬‭developing‬‭web‬‭services‬‭as‬
‭well‬ ‭as‬ ‭enabling‬ ‭communication‬ ‭between‬ ‭applications‬ ‭developed‬ ‭on‬ ‭different‬

n
‭platforms‬ ‭using‬ ‭various‬ ‭programming‬ ‭languages‬ ‭over‬ ‭the‬ ‭Internet.‬ ‭It‬ ‭is‬ ‭both‬
‭platform and language independent.‬

‭A
‭44.‬‭How does SOAP work?‬

‭SOAP‬ ‭is‬ ‭used‬ ‭to‬ ‭provide‬ ‭a‬ ‭user‬ ‭interface‬ ‭that‬ ‭can‬ ‭be‬ ‭accessed‬ ‭by‬ ‭the‬ ‭client‬
‭object,‬ ‭and‬ ‭the‬ ‭request‬ ‭that‬ ‭it‬ ‭sends‬ ‭goes‬ ‭to‬ ‭the‬ ‭server,‬ ‭which‬ ‭can‬ ‭be‬ ‭accessed‬
‭using‬ ‭the‬ ‭server‬ ‭object.‬ ‭The‬ ‭user‬ ‭interface‬ ‭creates‬ ‭some‬ ‭files‬ ‭or‬ ‭methods‬
‭consisting‬ ‭of‬ ‭server‬‭object‬‭and‬‭the‬‭name‬‭of‬‭the‬‭interface‬‭to‬‭the‬‭server‬‭object.‬‭It‬
‭also contains other‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭information‬ ‭such‬ ‭as‬ ‭the‬ ‭name‬ ‭of‬ ‭the‬ ‭interface‬ ‭and‬ ‭methods.‬ ‭It‬ ‭uses‬ ‭HTTP‬ ‭to‬
‭send‬‭the‬‭XML‬‭to‬‭the‬‭server‬‭using‬‭the‬‭POST‬‭method,‬‭which‬‭analyzes‬‭the‬‭method‬
‭and‬ ‭sends‬ ‭the‬ ‭result‬ ‭to‬ ‭the‬ ‭client.‬ ‭The‬ ‭server‬ ‭creates‬ ‭more‬ ‭XML‬ ‭consisting‬ ‭of‬

‬l
‭responses‬ ‭to‬ ‭the‬ ‭request‬ ‭of‬ ‭user‬ ‭interface‬ ‭using‬ ‭HTTP.‬ ‭The‬ ‭client‬ ‭can‬ ‭use‬ ‭any‬
‭approach‬ ‭to‬‭send‬‭the‬‭XML,‬‭like‬‭the‬‭SMTP‬‭server‬‭or‬‭POP3‬‭protocol‬‭to‬‭pass‬‭the‬
‭messages or reply to queries.‬

a
‭45.‬‭When to use SOAP API?‬

w
‭Use‬ ‭the‬ ‭SOAP‬ ‭API‬ ‭to‬ ‭create,‬ ‭retrieve,‬ ‭update‬ ‭or‬ ‭delete‬ ‭records,‬ ‭like‬ ‭accounts,‬

r
‭leads,‬ ‭and‬ ‭user-defined‬‭objects.‬‭With‬‭more‬‭than‬‭20‬‭different‬‭calls,‬‭you‬‭can‬‭also‬

a
‭use‬ ‭the‬ ‭SOAP‬ ‭API‬ ‭to‬ ‭manage‬ ‭passwords,‬ ‭perform‬ ‭searches,‬ ‭etc.‬ ‭by‬ ‭using‬ ‭the‬

g
‭SOAP API in any language that supports web services.‬

‭46.‬‭How users utilize the facilities provided by SOAP?‬

A
‭●‬ ‭PutAddress():‬ ‭It‬ ‭is‬ ‭used‬ ‭to‬ ‭enter‬ ‭an‬ ‭address‬‭in‬‭the‬‭webpage‬‭and‬‭has‬‭an‬‭address‬

l
‭instance on the SOAP call.‬

u
‭●‬ ‭PutListing():‬‭It‬‭is‬‭used‬‭to‬‭allow‬‭the‬‭insertion‬‭of‬‭a‬‭complete‬‭XML‬‭document‬‭into‬

h
‭the‬‭web‬‭page.‬‭It‬‭receives‬‭the‬‭XML‬‭file‬‭as‬‭an‬‭argument‬‭and‬‭transports‬‭the‬‭XML‬
‭file‬‭to‬‭XML‬‭parser‬‭liaison,‬‭which‬‭reads‬‭it‬‭and‬‭inserts‬‭it‬‭into‬‭the‬‭SOAP‬‭call‬‭as‬‭a‬

s
‭parameter.‬

n
‭●‬ ‭GetAddress():‬ ‭It‬ ‭is‬ ‭used‬ ‭to‬ ‭get‬ ‭a‬ ‭query‬ ‭name‬ ‭and‬ ‭gets‬ ‭the‬ ‭result‬ ‭that‬ ‭best‬
‭matches‬‭a‬‭query.‬‭The‬‭name‬‭is‬‭sent‬‭to‬‭the‬‭SOAP‬‭call‬‭in‬‭the‬‭form‬‭of‬‭text‬‭character‬

‭A
‭string.‬

‭●‬ ‭GetAllListing(): It is used to return the full list in an XML format.‬

‭47.‬‭What is the major obstacle users faced when using SOAP?‬

‭When‬ ‭using‬ ‭SOAP,‬ ‭users‬ ‭often‬ ‭see‬ ‭the‬ ‭firewall‬ ‭security‬ ‭mechanism‬ ‭as‬ ‭the‬
‭biggest‬‭obstacle.‬‭This‬‭block‬‭all‬‭the‬‭ports‬‭leaving‬‭few‬‭like‬‭HTTP‬‭port‬‭80‬‭and‬‭the‬
‭HTTP‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭port‬ ‭used‬ ‭by‬ ‭SOAP‬ ‭that‬ ‭bypasses‬ ‭the‬‭firewall.‬‭The‬‭technical‬‭complaint‬‭against‬

‭SOAP‬ ‭is‬ ‭that‬ ‭it‬ ‭mixes‬ ‭the‬ ‭specification‬ ‭for‬ ‭message‬ ‭transport‬ ‭with‬ ‭the‬
‭specification for message structure.‬

‬l
‭48.‬ ‭What are the various approaches available for developing SOAP‬
‭based web services?‬

a
‭There are two different methods available for developing SOAP-based web‬

w
‭services, which are explained below:‬

r
‭●‬ ‭Contract-first approach: the contract is first defined by XML and WSDL, and‬
‭then Java classes are derived from the contract.‬

a
‭●‬ ‭Contract-last approach: Java classes are first defined, and then the contract is‬

g
‭generated, which is normally the WSDL file from the Java class.‬

A
‭“Contract-first” method is the most popular approach.‬

l
‭49.‬‭What are the elements of a SOAP message structure?‬

u
‭It is a common XML document that contains the elements as a SOAP message‬

h
‭Envelope: It is an obligatory root element that translates the XML document and‬
‭defines the beginning and end of the message.‬

s
‭Header: It is an optional item which contains information about the message‬

n
‭being sent.‬

‭A
‭Body: It contains the XML data comprising the message being sent.‬

‭Fault: It provides the information on errors that occurred while during message‬
‭processing.‬

‭50.‬‭What are the syntax rules for a SOAP message?‬

‭●‬ ‭Must use encoded XML‬

 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭Envelope namespace must be used‬

‭●‬ ‭Encoding namespace must be used‬

‭●‬ ‭Must not consist of a DTD reference‬

‬l
‭●‬ ‭Must not have XML processing instruction‬

a
‭51.‬‭What is the transport method in SOAP?‬

w
‭Application‬ ‭layer‬ ‭and‬ ‭transport‬ ‭layers‬ ‭of‬ ‭a‬ ‭network‬ ‭are‬ ‭used‬ ‭by‬ ‭SOAP;‬‭HTTP‬
‭and‬ ‭SMTP‬ ‭are‬ ‭the‬ ‭valid‬ ‭protocol‬ ‭of‬ ‭the‬ ‭application‬ ‭layer‬ ‭used‬ ‭as‬‭the‬‭transport‬

r
‭for‬ ‭SOAP.‬ ‭HTTP‬ ‭is‬ ‭more‬ ‭preferable,‬ ‭since‬ ‭it‬ ‭works‬ ‭well‬ ‭with‬ ‭the‬ ‭current‬

a
‭Internet infrastructure,‬ ‭in‬ ‭particular‬ ‭with‬

g
‭firewalls.‬ ‭The‬ ‭SOAP‬ ‭requests‬ ‭can‬ ‭be‬ ‭sent‬ ‭using‬ ‭an‬ ‭HTTP‬ ‭GET‬ ‭method‬ ‭while‬
‭the specification only contains details about HTTP POST.‬

A
‭52.‬‭What are some important characteristics of a SOAP envelope element?‬

l
‭●‬ ‭SOAP message has a root Envelope element‬

u
‭●‬ ‭Envelope is an obligatory part of the SOAP message.‬

h
‭●‬ ‭If an envelope includes a header element, it should not contain more than one.‬

s
‭●‬ ‭Envelope version will change if the SOAP version changes.‬

n
‭●‬ ‭The SOAP envelope is indicated by the prefix ENV and the envelope element.‬

‭●‬ ‭The optional SOAP encoding is also specified using a namespace and the‬

‭A
‭optional encoding style element.‬

‭53.‬‭What are the major functionalities provided by the SOAP protocol class?‬

‭The‬ ‭SOAP‬ ‭protocol‬ ‭is‬ ‭used‬ ‭to‬ ‭provide‬ ‭simple‬ ‭access‬ ‭methods‬ ‭for‬ ‭all‬ ‭the‬
‭applications available on the Internet, providing the following functionalities:‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭Call‬‭:‬ ‭A‬ ‭class‬ ‭which‬ ‭provides‬ ‭the‬ ‭main‬ ‭functionality‬ ‭for‬ ‭a‬ ‭remote‬ ‭method‬ ‭for‬
‭which‬‭a‬‭call‬‭is‬‭needed.‬‭It‬‭is‬‭used‬‭to‬‭create‬‭the‬‭call()‬‭and‬‭to‬‭specify‬‭the‬‭encoding‬
‭style‬‭of‬‭the‬‭registry‬‭that‬‭will‬‭be‬‭assigned‬‭when‬‭if‬‭necessary.‬‭This‬‭call()‬‭function‬

‬l
‭is used by the RPC call, which represents the options of the call object.‬

‭●‬ ‭Deployment‬ ‭Descriptor‬‭:‬ ‭A‬ ‭class‬ ‭used‬ ‭to‬ ‭provide‬ ‭the‬ ‭information‬ ‭about‬ ‭the‬

a
‭SOAP‬ ‭services.‬ ‭It‬ ‭enables‬ ‭easy‬ ‭deployment‬ ‭without‬ ‭the‬ ‭need‬ ‭for‬ ‭other‬
‭approaches.‬

w
‭●‬ ‭DOM2‬ ‭Writer‬‭:‬ ‭A‬ ‭class‬ ‭that‬ ‭serializes‬ ‭and‬ ‭uses‬ ‭DOM‬ ‭node‬ ‭as‬ ‭XML‬ ‭string‬ ‭to‬

r
‭provide more functionalities.‬

a
‭●‬ ‭RPC‬‭Message‬‭:‬‭A‬‭class‬‭used‬‭as‬‭the‬‭base‬‭class‬‭that‬‭calls‬‭and‬‭replies‬‭to‬‭the‬‭request‬

g
‭submitted to the server.‬

‭●‬ ‭Service Manager‬‭: A class that provides, lists and‬‭then outputs all SOAP services.‬

A
‭54.‬‭What are the web relation functionalities provided by SOAP protocol?‬

l
‭●‬ ‭HTTPUtils‬‭: This provides the functionality of the‬‭POST method to safely meet‬

u
‭the requirements.‬

h
‭●‬ ‭Parameter‬‭: It is an argument for an RPC call used‬‭by both the client and the‬

s
‭server.‬

n
‭●‬ ‭Response‬‭: It is an object that represents an RPC reply‬‭from both client and‬
‭server, but the result will not be displayed until after the method call.‬

‭A
‭●‬ ‭TCPTunnel‬‭: It is an object that provides the ability‬‭to listen on a specific port‬
‭and to forward all the host and port names.‬

‭●‬ ‭TypeConverter‬‭: It helps to convert an object of one‬‭type into another type and‬
‭this is called using the class in the form object.‬

‭55.‬ ‭How does the message security model allow the creation of SOAP‬
‭more secure to use?‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭The‬ ‭security‬ ‭model‬ ‭includes‬ ‭the‬ ‭given‬ ‭security‬ ‭tokens.‬ ‭These‬ ‭tokens‬ ‭comprise‬
‭digital‬‭signatures‬‭for‬‭protection‬‭and‬‭authentication‬‭of‬‭SOAP‬‭messages.‬‭Security‬
‭tokens‬ ‭can‬ ‭be‬ ‭used‬ ‭to‬ ‭provide‬ ‭the‬ ‭bond‬ ‭between‬ ‭authentication‬‭secrets‬‭or‬‭keys‬

‬l
‭and security identities. Security token uses the authentication protocols and an‬
‭X.509‬ ‭certificate‬ ‭to‬ ‭define‬ ‭the‬ ‭relationship‬‭between‬‭the‬‭public‬‭key‬‭and‬‭identity‬
‭key.‬ ‭The‬ ‭signatures‬ ‭are‬ ‭used‬ ‭to‬ ‭verify‬ ‭the‬ ‭messages‬ ‭and‬ ‭their‬ ‭origin,‬ ‭generate‬

a
‭knowledge‬‭to‬‭confirm‬‭the‬‭security‬‭tokens‬‭to‬‭bind‬‭the‬‭identity‬‭of‬‭a‬‭person‬‭to‬‭the‬

w
‭identity‬ ‭of‬ ‭the‬ ‭originator.‬ ‭Security‬ ‭model‬ ‭prevents‬ ‭different‬ ‭attacks‬ ‭and‬ ‭can‬‭be‬
‭used to protect the SOAP architecture.‬

a r
‭56.‬ ‭What‬ ‭is‬ ‭the‬ ‭difference‬ ‭between‬ ‭top‬ ‭down‬ ‭&‬ ‭bottom‬ ‭up‬ ‭approach‬ ‭in‬
‭SOAP Web services?‬

g
‭●‬ ‭Top‬ ‭down‬ ‭SOAP‬ ‭Web‬ ‭services‬ ‭include‬ ‭creating‬ ‭WSDL‬ ‭document‬ ‭to‬ ‭create‬ ‭a‬

A
‭contract‬ ‭between‬ ‭the‬ ‭web‬ ‭service‬ ‭and‬ ‭the‬ ‭client,‬ ‭with‬ ‭a‬ ‭required‬ ‭code‬ ‭as‬ ‭an‬
‭option.‬‭This‬‭is‬‭also‬‭known‬‭as‬‭Contract-first‬‭approach.‬‭The‬‭top-down‬‭approach‬‭is‬

l
‭difficult‬ ‭to‬ ‭implement‬ ‭because‬ ‭classes‬ ‭must‬ ‭be‬ ‭written‬ ‭to‬ ‭confirm‬ ‭the‬ ‭contract‬

u
‭defined‬ ‭in‬ ‭WSDL.‬ ‭One‬ ‭of‬ ‭the‬ ‭benefits‬ ‭of‬ ‭this‬ ‭method‬ ‭is‬ ‭that‬ ‭both‬ ‭client‬ ‭and‬
‭server code can be written in parallel.‬

h
‭●‬ ‭Bottom‬ ‭up‬ ‭SOAP‬ ‭web‬ ‭services‬ ‭require‬ ‭the‬ ‭code‬ ‭to‬ ‭be‬ ‭written‬ ‭first‬ ‭and‬ ‭then‬

s
‭WSDL‬‭is‬‭generated.‬‭It‬‭is‬‭also‬‭known‬‭as‬‭Contract-last‬‭approach.‬‭Since‬‭WSDL‬‭is‬

n
‭created‬ ‭based‬ ‭on‬‭the‬‭code,‬‭bottom-up‬‭approach‬‭is‬‭easy‬‭to‬‭implement‬‭and‬‭client‬
‭codes must wait for WSDL from the server side to start working.‬

‭A
‭57.‬‭What are advantages of SOAP?‬

‭●‬ ‭SOAP is both platform and language independent.‬

‭●‬ ‭SOAP‬ ‭separates‬ ‭the‬ ‭encoding‬ ‭and‬ ‭communications‬ ‭protocol‬ ‭from‬ ‭the‬ ‭runtime‬
‭environment.‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭●‬ ‭Web service can retrieve or receive a SOAP user data from a remote service,‬
‭and the source’s platform information is completely independent of each other.‬

‭●‬ ‭Everything can generate XML, from Perl scripts through C++ code to J2EE app‬

‬l
‭servers.‬

‭●‬ ‭It uses XML to send and receive messages.‬

a
‭●‬ ‭It uses standard internet HTTP protocol.‬

w
‭●‬ ‭SOAP‬‭runs‬‭over‬‭HTTP;‬‭it‬‭eliminates‬‭firewall‬‭problems.‬‭When‬‭protocol‬‭HTTP‬‭is‬

r
‭used‬ ‭as‬ ‭the‬ ‭protocol‬ ‭binding,‬ ‭an‬ ‭RPC‬ ‭call‬ ‭will‬ ‭be‬‭automatically‬‭assigned‬‭to‬‭an‬
‭HTTP request, and the RPC response will be assigned to an HTTP reply.‬

a
‭●‬ ‭Compared to RMI, CORBA and DCOM, SOAP is very easy to use.‬

g
‭●‬ ‭SOAP‬‭acts‬‭as‬‭a‬‭protocol‬‭to‬‭move‬‭information‬‭in‬‭a‬‭distributed‬‭and‬‭decentralized‬

A
‭environment.‬

‭●‬ ‭SOAP‬ ‭is‬ ‭independent‬ ‭of‬ ‭the‬ ‭transport‬ ‭protocol‬ ‭and‬ ‭can‬ ‭be‬ ‭used‬ ‭to‬ ‭coordinate‬

l
‭different protocols.‬

u
‭58.‬‭What are disadvantages of SOAP?‬

h
‭SOAP‬ ‭is‬ ‭typically‬ ‭significantly‬ ‭slower‬ ‭than‬ ‭other‬ ‭types‬ ‭of‬ ‭middleware‬

s
‭standards,‬ ‭including‬ ‭CORBA,‬ ‭because‬ ‭SOAP‬ ‭uses‬ ‭a‬ ‭detailed‬ ‭XML‬ ‭format.‬ ‭A‬

n
‭complete‬ ‭understanding‬ ‭of‬ ‭the‬ ‭performance‬ ‭limitations‬ ‭before‬ ‭building‬
‭applications around SOAP is hence required.‬

‭A
‭SOAP‬‭is‬‭usually‬‭limited‬‭to‬‭pooling‬‭and‬‭not‬‭to‬‭event‬‭notifications‬‭when‬‭HTTP‬‭is‬
‭used‬ ‭for‬ ‭the‬ ‭transport.‬ ‭In‬ ‭addition,‬ ‭only‬ ‭one‬ ‭client‬ ‭can‬ ‭use‬ ‭the‬ ‭services‬ ‭of‬ ‭one‬
‭server in typical situations.‬

‭If‬ ‭HTTP‬ ‭is‬ ‭used‬ ‭as‬‭the‬‭transport‬‭protocol,‬‭firewall‬‭latency‬‭usually‬‭occurs‬‭since‬

‭the‬ ‭firewall‬ ‭analyzes‬ ‭the‬ ‭HTTP‬ ‭transport.‬ ‭This‬ ‭is‬ ‭because‬ ‭HTTP‬ ‭is‬ ‭also‬
‭leveraged‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭for‬ ‭Web‬ ‭browsing,‬ ‭and‬ ‭so‬ ‭many‬ ‭firewalls‬ ‭do‬ ‭not‬ ‭understand‬ ‭the‬ ‭difference‬
‭between using HTTP within a web browser and using HTTP within SOAP.‬

‭SOAP‬ ‭has‬ ‭different‬ ‭support‬ ‭levels,‬ ‭depending‬ ‭on‬ ‭the‬ ‭supported‬ ‭programming‬

‬l
‭language.‬ ‭For‬ ‭instance,‬‭SOAP‬‭supported‬‭in‬‭Python‬‭and‬‭PHP‬‭is‬‭not‬‭as‬‭powerful‬
‭as it is in Java and .NET‬

a
‭59.‬‭SOAP or Rest APIs, which method to use?‬

w
‭SOAP‬ ‭is‬ ‭the‬ ‭heavyweight‬ ‭choice‬ ‭for‬ ‭Web‬ ‭service‬ ‭access.‬ ‭It‬ ‭provides‬ ‭the‬

r
‭following advantages when compared to REST:‬

a
‭●‬ ‭SOAP is not very easy to implement and requires more bandwidth and resources.‬

g
‭●‬ ‭SOAP message request is processed slower as compared to REST and it does‬
‭not use web caching mechanism.‬

A
‭●‬ ‭WS-Security: While SOAP supports SSL (just like REST) it also supports WS-‬

l
‭Security which adds some enterprise security features.‬

u
‭●‬ ‭WS-AtomicTransaction: Need ACID Transactions over a service, you’re going‬

h
‭to need SOAP.‬

s
‭●‬ ‭WS-ReliableMessaging:‬‭If‬‭your‬‭application‬‭needs‬‭Asynchronous‬‭processing‬‭and‬
‭a‬ ‭guaranteed‬ ‭level‬ ‭of‬ ‭reliability‬ ‭and‬ ‭security.‬ ‭Rest‬ ‭doesn’t‬ ‭have‬ ‭a‬ ‭standard‬

n
‭messaging‬ ‭system‬ ‭and‬ ‭expects‬ ‭clients‬ ‭to‬ ‭deal‬ ‭with‬ ‭communication‬ ‭failures‬ ‭by‬
‭retrying.‬

‭A
‭●‬ ‭If‬ ‭the‬ ‭security‬ ‭is‬ ‭a‬ ‭major‬ ‭concern‬ ‭and‬ ‭the‬ ‭resources‬ ‭are‬ ‭not‬ ‭limited‬ ‭then‬ ‭we‬
‭should‬ ‭use‬ ‭SOAP‬ ‭web‬ ‭services.‬ ‭Like‬ ‭if‬ ‭we‬ ‭are‬ ‭creating‬ ‭a‬ ‭web‬ ‭service‬ ‭for‬
‭payment‬ ‭gateways,‬ ‭financial‬ ‭and‬ ‭telecommunication‬ ‭related‬ ‭work,‬ ‭then‬ ‭we‬
‭should go with SOAP as here high security is needed.‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭REST is easier to use for the most part and is more flexible. It has the following‬
‭advantages when compared to SOAP:‬

‭●‬ ‭Since REST uses standard HTTP, it is much simpler.‬

‬l
‭●‬ ‭REST is easier to implement, requires less bandwidth and resources.‬

‭●‬ ‭REST permits many different data formats whereas SOAP only permits XML.‬

a
‭●‬ ‭REST allows better support for browser clients due to its support for JSON.‬

w
‭●‬ ‭REST‬‭has‬‭better‬‭performance‬‭and‬‭scalability.‬‭REST‬‭reads‬‭can‬‭be‬‭cached,‬‭SOAP‬

r
‭based reads cannot be cached.‬

a
‭●‬ ‭If‬‭security‬‭is‬‭not‬‭a‬‭major‬‭concern‬‭and‬‭we‬‭have‬‭limited‬‭resources.‬‭Or‬‭we‬‭want‬‭to‬

g
‭create‬ ‭an‬ ‭API‬ ‭that‬ ‭will‬ ‭be‬ ‭easily‬ ‭used‬ ‭by‬ ‭other‬ ‭developers‬ ‭publicly‬ ‭then‬ ‭we‬
‭should go with REST.‬

A
‭●‬ ‭If we need Stateless CRUD operations then go with REST.‬

l
‭●‬ ‭REST‬ ‭is‬‭commonly‬‭used‬‭in‬‭social‬‭media,‬‭web‬‭chat,‬‭mobile‬‭services‬‭and‬‭Public‬
‭APIs like Google Maps.‬

u
‭●‬ ‭RESTful‬ ‭service‬ ‭returns‬ ‭various‬ ‭MediaTypes‬ ‭for‬‭the‬‭same‬‭resource,‬‭depending‬

h
‭on‬‭the‬‭request‬‭header‬‭parameter‬‭“Accept”‬‭as‬‭application/xml‬‭or‬‭application/json‬

s
‭for POST and /user/1234.json or GET /user/1234.xml for GET.‬

n
‭●‬ ‭REST‬ ‭services‬ ‭are‬‭meant‬‭to‬‭be‬‭called‬‭by‬‭the‬‭client-side‬‭application‬‭and‬‭not‬‭the‬
‭end user directly.‬

‭A
‭●‬ ‭ST‬‭in‬‭REST‬‭comes‬‭from‬‭State‬‭Transfer.‬‭You‬‭transfer‬‭the‬‭state‬‭around‬‭instead‬‭of‬
‭having the server store it, this makes REST services scalable.‬

‭60.‬ ‭What are the factors that help to decide which style of Web services –‬
‭SOAP or REST – to use?‬
 ‭https://www.linkedin.com/in/anshulagarwal30/‬

‭Generally, REST is preferred due to its simplicity, performance, scalability, and‬

‭support for multiple data formats.‬

‭However, SOAP is favorable to use where service requires an advanced level of‬

‬l
‭security and transactional reliability.‬

‭But you can read the following facts before opting for any of the styles.‬

‭●‬ ‭Does the service expose data or business logic?‬‭REST‬‭is commonly used for‬
‭exposing data while SOAP for logic.‬

w a
r
‭●‬ ‭The requirement from clients or providers for a formal contract‬‭.‬‭SOAP can‬

a
‭provide contract via WSDL.‬

g
‭●‬ ‭Support multiple data formats‬‭.‬

A
‭●‬ ‭Support for AJAX calls.‬‭REST can apply the XMLHttpRequest.‬

‭●‬ ‭Synchronous‬ ‭and‬ ‭asynchronous‬ ‭calls.‬‭SOAP‬ ‭enables‬ ‭both‬ ‭synchronous/‬

l
‭asynchronous operations whereas REST has built-in support for synchronous.‬

u
‭●‬ ‭Stateless or Stateful calls.‬‭REST is suited for stateless‬‭operations.‬

h
‭●‬ ‭Security.‬‭SOAP provides a high level of security.‬

s
‭●‬ ‭Transaction support.‬‭SOAP is good at transaction management.‬

n
‭●‬ ‭Limited‬ ‭bandwidth‬‭.‬ ‭SOAP‬ ‭has‬ ‭a‬ ‭lot‬ ‭of‬ ‭overhead‬ ‭when‬ ‭sending/receiving‬
‭packets‬ ‭since‬ ‭it’s‬ ‭XML‬ ‭based,‬ ‭requires‬ ‭a‬ ‭SOAP‬ ‭header.‬ ‭However,‬ ‭REST‬

‭A
‭requires‬ ‭less‬ ‭bandwidth‬ ‭to‬ ‭send‬ ‭requests‬ ‭to‬ ‭the‬ ‭server.‬ ‭Its‬‭messages‬‭are‬‭mostly‬
‭built using JSON.‬

‭●‬ ‭Ease of use‬‭.‬‭REST based application is easy to implement,‬‭test, and maintain.‬