Google News
logo
API Testing Interview Questions
API (Application Programming Interface) helps in communication and data exchange between two software systems. API is a collection of functions which can be executed by another software program.
 
Let us now understand how an API works. When you use an application on your smartphone, the application connects to the Internet. It sends data to a server. The server will retrieve that data, interpret it, and perform the required actions. Then it sends it back to your phone. The application interprets that data and provides you with the information in a readable way without exposing the internal details.
 
Examples of API :
 
Google maps API
Amazon API
Twitter API
Third-party payment processing etc,.
API testing is a type of software testing that involves testing APIs directly. API is a part of integration testing to check whether the API meets expectations in terms of functionality, reliability, performance, and security of applications. Multiple API system can performed API testing. In API testing, our primary focus is on Business Logic Layer of the software architecture.
There are various types of API testing they are following :
* Unit Testing
* Load Testing
* Security Testing
* UI Testing
* Functional Testing
* Fuzz Testing
* Penetration Testing (Pen Test)
* Interoperability and WS compliance Testing.
* All Web services are APIs but not all APIs are Web services.
* Web services might not contain all the specifications and cannot perform all the tasks that APIs would perform.
* A Web service uses only three styles of use: SOAP, REST and XML-RPC for communication whereas API may be exposed to in multiple ways.
* A Web service always needs a network to operate while APIs don’t need a network for operation.
Protocols used in API testing are :
 
* HTTP
* REST
* SOAP
* JMS
* UDDI
Here, are the seven principles of API test design.
 
Exhaustive Testing : Exhaustive testing is not possible. Instead we need optimal amount of testing which is based on the risk assessment of the application.

Defect Clustering : Defect Clustering states that a small number of modules contain the most of the defect detected. Approximately 80% of the defect found in 20% of the modules. By experience we can identify such risky modules. But this approach has its own problems. If the same tests are repeated over and over again, eventually the same test case will no longer find new bugs.

Pesticide Paradox : Testers cannot depend on existing technique. They must have to look continually to improve the existing method to make testing more effective. But even all these hard work in testing we can never claim our product is bug free. To overcome this, test cases need to be regularly reviewed and revised add new and different test cases to help find more defects.

Testing shows presence of defects : Testing principle states that- testing talks about the presence of defects not about the absence of defect. Software testing reduces the probability of undiscovered defects remaining in the software but even if no defects found, it is not a proof of correctness.

But if we work hard, taking all precautions and make our software products 99% bug free. The software does not meet the needs and requirements of the client.

Absence of error -fallacy : This can be possible the software which is 99% bug free is still unusable. The case can be if the system is tested for the wrong requirement. Software testing is not finding the defects but also to check that software addresses the business needs. The absence of error is fallacy i.e. finding and fixing defects does not help if the system build is unusable and doesn't fulfill the user's needs and requirements.

Early Testing : Testing should start as soon as possible in the software development lifecycle. So that defects in the requirement or design phase captured in the early stages. It is cheaper to fix defect in the early stages of testing. We should start finding the bug at the moment the requirements are defined.

Testing is context dependent : Testing is context dependent that we test an e-commerce site will be different from the way we test the commercial. All the developed software's are not identical. We will use different methodology; techniques and type of testing depend on the application type.
The most popularly used tool in the market is PostMan. This tool helps to create manual and automated test cases for testing the APIs in a well-designed manner. Apart from this, there are different tools like JMeter, Parasoft SOAtest, SoapUI, Apigee, API fortress, JUnit, etc.
Bellows are four common Web API architectural styles :
 
* HTTP for client-server communication
* XML/JSON as formatting language
* Simple URI as the address for the services
* Stateless communication
Web API can be consumed by any clients which support HTTP verbs such as GET, PUT, DELETE, POST. Since Web API services do not require configuration, they can be easily used by any client. In fact, even portable devices such as mobile devices can easily use Web API, which is undoubtedly the biggest advantage of this technology.
Test for Core Functionality : API testing provides access to the application without a user interface. The core and code-level of functionalities of the application will be tested and evaluated early before the GUI tests. This will help detect the minor issues which can become bigger during the GUI testing.

Time Effective : API testing usually is less time consuming than functional GUI testing. The web elements in GUI testing must be polled, which makes the testing process slower. Particularly, API test automation requires less code so it can provide better and faster test coverage compared to GUI test automation. These will result in the cost saving for the testing project.

Language-Independent : In API testing, data is exchanged using XML or JSON. These transfer modes are completely language-independent, allowing users to select any code language when adopting automation testing services for the project.

Easy Integration with GUI : API tests enable highly integrable tests, which is particularly useful if you want to perform functional GUI tests after API testing. For instance, simple integration would allow new user accounts to be created within the application before a GUI test started.