Interview Questions and Answers

An API, or application programming interface, is a software-to-software interface that permits communication and data sharing between otherwise independent applications. All data is regarded as resources in a REST API, and each resource is identified by a distinct standard resource identifier (URI).

Representational State Transfer is referred to as REST.

RESTful web services, which adhere to the REST architecture, are another name for REST API.

The following distinguishing characteristics of RESTful online services:

• server-client decoupling
• communication assistance
• thin, uniform interface
• stateless
• layered approach
• cacheable
• on-demand code

When a REST client wishes to send a request to the server using a REST API web service, they can do so using an HTTP application form, and the server is no different. In REST, this type of communication is known as messaging.

Addressing is the term used to describe how RESTful web services locate different sorts of resources using a URL on the REST server. Resources typically address a single or a number of resources.

Duplicate calls on the client side are known to result in problems since idempotent techniques are known to provide the same result even after the identical request has been submitted many times.

Tools like Swagger and Postman, which allow users to examine query parameters, headers, and response headers, as well as document endpoints and convert them to XML and JSON, can be used to test RESTful web services.

In RESTful web services, payloads are the request data sent via the POST or GET or PUT or DELETE technique and located in the message's body of an HTTP request.

REST APIs employ the HTTP protocol for client communication, whereas other protocols are used elsewhere.

Extensible Markup Language (XML) and JSON are used to represent the resources in REST APIs or JavaScript Object Notation.

POST Approach:

• On the server, a resource can be created with POST.
• POST lacks idempotence which means non-idempotent.
• Responses from POST are cacheable.

PUT Approach:

• A resource at a certain URI can be changed to another resource using the PUT command.
• PUT is idempotent, meaning that no matter how many times it is called, only one resource will be produced.
• Responses from PUT are not.

• Weather apps use public REST APIs to communicate related data and display weather information.
• Airlines use APIs to disclose flight information to ticketing and travel websites for commercial usage.
• APIs are used by public transit providers to publish their data online and make it instantly accessible to mapping and navigation apps.

• Both the client and the server should have no trouble understanding it.
• Regardless of the layout of the format, it should be comprehensive.
• It should take into account how the resources are connected to one another and handle them carefully.

• Resources
• Demand 
• Headers
• Status codes
• Request Body
• Response Body

The architectural design used to create web APIs is

• Client-server communication via HTTP
• As a formatting language, XML/JSON
• Simple URI is used as the services' address.
• Stateless interaction

Unified resource identifier is referred to as a URI. A URI in REST is a string which designates a web server's resource. Each resource has a distinct URI that, when used in a Http response, enables clients to target it and do actions on it. Addressing is the process of directing traffic to a resource using its URI.

In the HTTP requests, the term "payload" refers to data in the content of the HTTP request and/or response messages.

RESTful APIs can be tested using a variety of software tools, including JMeter, Katalon and PostmanStudio. Sending numerous calls from the testing tool and watching how your API reacts are often steps in the testing process. You can quickly run numerous different scenarios thanks to the capability for automated testing provided by various testing solutions.

The core idea behind Restful architecture is resource. A resource is a thing that:

• a kind, connection to other resources, and techniques that use it.

Resources are labeled as:

• their URI, the HTTP methods they accept, the type of data in the request and response, and the data format.

Uniform Resource Identifier is what URI stands for. In a REST architecture, a URI identifies each resource. Locating a resource or resources on the server hosting the web service is the purpose of a URI.

A few HTTP response status codes:

• Code 200: success.
• Code 201:resource has been successfully created. 
• Code 204: no content in the response body.
• Code 404: no method available.
• Code 500: Internal server error.

These are the standard codes that refer to the predefined status of the task at the server. Following are the status codes formats available:

• 1xx - represents informational responses
• 2xx - represents successful responses
• 3xx - represents redirects
• 4xx - represents client errors
• 5xx - represents server errors

HTTP Methods are also known as HTTP Verbs. They form a major portion of uniform interface restriction followed by the REST that specifies what action has to be followed to get the requested resource. Below are some examples of HTTP Methods:

• GET: This is used for fetching details from the server and is basically a read-only operation.
• POST: This method is used for the creation of new resources on the server.
• PUT: This method is used to update the old/existing resource on the server or to replace the resource.
• DELETE: This method is used to delete the resource on the server.
• PATCH: This is used for modifying the resource on the server.
• OPTIONS: This fetches the list of supported options of resources present on the server.

The POST, GET, PUT, DELETE corresponds to the create, read, update, delete operations which are most commonly called CRUD Operations.

In REST, any HTTP Request has 5 main components, they are:

• Method/Verb − This part tells what methods the request operation represents. Methods like GET, PUT, POST, DELETE, etc are some examples.
• URI − This part is used for uniquely identifying the resources on the server.
• HTTP Version − This part indicates what version of HTTP protocol you are using. An example can be HTTP v1.1.
• Request Header − This part has the details of the request metadata such as client type, the content format supported, message format, cache settings, etc.
• Request Body − This part represents the actual message content to be sent to the server.

HTTP Response has 4 components:

• Response Status Code − This represents the server response status code for the requested resource. Example- 400 represents a client-side error, 200 represents a successful response.
• HTTP Version − Indicates the HTTP protocol version.
• Response Header − This part has the metadata of the response message. Data can describe what is the content length, content type, response date, what is server type, etc.
• Response Body − This part contains what is the actual resource/message returned from the server.

Addressing is the process of locating a single/multiple resources that are present on the server. This task is accomplished by making use of URI (Uniform Resource Identifier). The general format of URI is:

<protocol>://<application-name>/<type-of-resource>/<id-of-resource>

Due to their statelessness, which prevents them from storing data from the server even since they are requested, REST services are scalable.

There isn't, theoretically, a cap on the size of the payload that can be transmitted via POST methods. Larger payloads, however, may require more bandwidth. As a result, processing the request by the server can take longer.

In order to quickly obtain a server answer in the future, REST API maintains a copy of the response in a specific region of computer memory. Catching is the term for this brief technique.

REST(Representational State Transfer): 

• It is a web service development architectural design pattern.
• It is more cacheable and speedier in speed.
• It just takes on the protocol-specific security measures that have been put in place.

SOAP (Simple Object Access Protocol): 

• It is a stringent protocol that is used to provide safe APIs.\
• It is not cacheable and moves more slowly.
• It can specify its own security precautions.

For more differences please check here: REST vs SOAP

Statelessness is an advantage of REST, but it can also be a drawback.

State is not preserved through REST. In those other words, the server doesn't save a history of previous communications. If maintaining state is required, the client is responsible for doing so.

Developers must exercise caution and only use APIs from reliable, authentic providers as REST has less stringent security controls than SOAP. REST is therefore a bad choice for transmitting private data among servers and clients.

REST has a number of important features, including

• Because REST is stateless, the SERVER has had no state or session data
• The server might be resumed in between calls thanks to a well-implemented REST API because all data is sent to the server.
• While REST uses GET to access services, web services often employ POST to carry out tasks.

The Web API's Media type formatter includes:

• The foundation class used to handle serializing and deserializing solid objects is called MediaTypeFormatter.
• BufferedMediaTypeFormatter is an utility class that enables asynchronous formatters on top of the infrastructure for asynchronous formatters.

• Because the client side does not supply a specific session id for it, RESTful web services are transient and do not keep session simulation responsibility.
• Inherently, REST is unable to enforce the security limitation. However, by putting protocols in place, it inherits them. To improve the security of the REST APIs, SSL/TLS authentication integration must be done with great care.

Sensitive information such as user id, password, or verification token should not be visible in URIs. REST APIs can be kept secure with the help of security initiatives including such authorization and authorization, API server affirmation, TLs/SSL encryption, rate-limiting for DDoS attacks, and more.

It is an HTTP protocol used to retrieve the HTTP operations or options that are supported and assist clients in selecting choices in REST APIs. CORS, or Cross-Origin Resource Sharing, employs the REST option approach.

In contrast to RPC-style web services, document-style web services allow us to send an XML document as part of a SOAP request.

The application where a document-style web service is most suitable is one where an XML message behaves like a document, the content of which is subject to change, and the purpose of the web service is independent of the contents of XML messages.

Both JAX-WS and JAX-RS are frameworks (APIs) that allow for different types of communication in Java. A library called JAX-WS can then be used to do SOAP communications in Java, whereas JAX-RS enables REST communication.

There are various web service testing tools for REST APIs.

• MVC Jersey API
• Spring REST web service
• CXF Axis 
• Restlet

• Clients: Requests are sent by numerous users using various devices.
• Identity providers: They verify the identities of users or customers and provide security tokens.
• API Gateway: Client requests are handled via API Gateway.
• Static: All of the system's material is contained in static content.
• Management: Determines failures and balances services across nodes.
• Service discovery: A tool for determining the path of communication among microservices is called service discovery.
• CDN: Network connection of proxy servers and associated data centers is called a content delivery network(CDN).
• Information: Information stored on a network of IT devices can be accessed remotely with the help of a remote service.

The following are crucial considerations while creating a resource's representation format for a RESTful web service:

• Understanding and use of the resource's representation format should be possible for both the server and the client.
• Completeness A format ought to be able to accurately depict a resource. A resource could contain another resource, for instance. Format ought to be able to depict both straightforward and intricate resource structures.
• Linkability is a format that needs to be able to handle situations where one resource links to another.

A RESTful web service should not maintain a client state on the server in accordance with REST design. Statelessness is the term for this limitation. The client must transmit its context to the server, which can then store it and use it to perform the client's subsequent requests. For instance, the session identifier given by the client can be used to identify a server-maintained session.

• With a monolithic architecture, all the software parts of a program are put together and neatly wrapped in one large container.
• A group of services that communicate with one another is referred to as a service-oriented architecture. Simple data exchange or the coordination of an action between two or even more services are both possible forms of communication.
• Microservices Architecture is a type of architectural design that organizes an application as a group of tiny, independent services based on a business domain.

Because GraphQL hides your microservices architecture from the customers, it works perfectly with microservices. From the front end, you want all the data to come from a small API, while from the back end, you want to divide it into microservices. The best technique I'm aware of to do both is by using GraphQL. It enables you to divide the backend into microservices while still giving each application a single API and enabling joins across data from various services.