Whether you’re a current or aspiring web developer, you should be familiar with APIs and how they work, especially REST APIs. REST APIs are the most common approach to building web APIs, web services, and microservices — if you’ve worked with any software integration, you’ve likely interacted with a REST API. And if you’re interviewing for a new web developer position, there’s a good chance you’ll be asked about them.

In this post, we’ll cover 25 common REST API questions you should know how to answer before your next interview, including some broad questions and others that may require more in-depth, technical responses. Let’s get started.

REST API Interview Questions

1. What is REST?

Answer: REST stands for Representational State Transfer, and is an architectural style based on the Hypertext Transfer Protocol (HTTP) for developing web-based applications. REST outlines several guidelines that web services must follow to be considered RESTful. These guidelines ensure that requests and resources are sent easily and efficiently between client and server using standardized HTTP methods.

2. What is a REST API?

Answer: An application programming interface is a software-to-software interface that allows otherwise separate applications to interact and share data. For example, a news website could leverage the Twitter API to automatically find relevant tweets and include them in news articles.

A REST API, also called a RESTful API, is an API that follows REST principles. In a REST API, all data are treated as resources, each one represented by a unique uniform resource identifier (URI). For example, the Twitter API makes each tweet an available resource that can be retrieved by clients. Clients can also use Twitter’s API to post tweets and perform other actions on the site.

For a more detailed explanation, check out this video from IBM:

3. What are the principles of REST?

Answer: REST APIs must adhere to five requirements:

Additionally, REST includes one optional condition:

4. What does it mean for an API to be stateless?

Answer: Statelessness is one of the key principles of REST architecture. In stateless communication, the server does not store any information about previous communications. In other words, the client and server do not know each other’s state. Every request and response is a new interaction, and each request includes everything the server needs to give a successful response.

Statelessness simplifies client-server interactions because the server does not rely on past requests to process future requests, and thus does not need to consume space and resources storing data from these requests.

5. Which protocol do REST APIs use?

Answer: REST APIs use the HTTP protocol to communicate with clients. This allows REST APIs to be easily deployed over the internet, since HTTP is the same protocol that is used to deliver web pages to client browsers.

6. Which markup languages are primarily used to represent resources in REST APIs?

Answer: In REST APIs, XML (extensible markup language) and JSON (JavaScript Object Notation) are the two most common languages for representing resources.

7. Which HTTP request methods are supported by REST?

Answer: An HTTP request method indicates which action the client wants the API to perform on a resource. The four primary HTTP request methods in REST are:

Additionally, two less common HTTP requests you should also know are:

8. What is the difference between the POST method and the PUT method?

Answer: POST and PUT are similar, but not exactly the same. POST is for creating a resource on the server, whereas PUT is for replacing a resource at a specific URI with another resource. If you use PUT at a URI that already has an associated resource, PUT will replace that resource. If there is no resource at the specified URI, PUT creates one.

Additionally, PUT is idempotent, which means that calling it multiple times will only result in one resource. This is because each call replaces the existing resource (or creates a new one if there is nothing to replace). POST is not idempotent. If you call POST 10 times, you’ll end up with 10 different resources on the server, each with its own URI. This also means that POST responses are cacheable, whereas PUT responses are not.

9. What is CRUD?

Answer: CRUD stands for “Create, Read, Update, Delete.” These are the four basic actions that can be performed on databases through a REST API. Each action corresponds to an HTTP request method:

It’s not the most elegant of acronyms, but it works.

10. What is messaging in the context of REST?

Answer: In REST, messaging refers to the back-and-forth communication between the client and API. An interaction always starts with the client messaging the API with an HTTP request. The API processes this request, then sends back an HTTP response that gives the status of the request and any resources the client asked for.

11. What are the main parts of an HTTP request?

Answer: HTTP requests are sent by the client to the API. They request data or perform some action on the server. There are five main components of an HTTP request in REST:

12. What are the main parts of an HTTP response?

Answer: HTTP responses are sent by the API to the client. They inform the client that the requested action was (or was not) completed and deliver any requested resources. There are four main components of an HTTP response:

13. What are some common HTTP response status codes you might see when working with a REST API?

Answer: HTTP response status codes tell the client the result of the requested action (GET, POST, etc.). Some common codes you’ll see in HTTP responses are:

14. What is a resource?

Answer: In REST, every accessible piece of content on the server is labeled as a resource. A resource is an object with a type, associated data, a relationship with other resources on the server, and a list of methods that can be used with it. For example, a resource could be an HTML or text file, a data file, an image or video, or an executable code file.

A resource is identified with a uniform resource identifier, or URI. Clients access resources by including their URIs in HTTP requests.

15. What is a URI?

Answer: URI stands for uniform resource identifier. In REST, a URI is a string that identifies a resource on a web server. Each resource has its own unique URI which, when included in an HTTP request, allows clients to target that resource and perform actions on it. The process of targeting a resource with its URI is called “addressing.”

The format of a URI is as follows:

<protocol>://<service-name>/<ResourceType>/<ResourceID>

16. What is caching?

Answer: Caching is the method of temporarily storing a copy of a server response in a location (like computer memory) in order to retrieve it more quickly in the future.

When working with REST APIs, caching improves server performance by reducing the work the server has to do to fulfill the request. Caching also makes applications that use the API run faster since they don’t need to send a new request every time they need a resource.

Cache duration of a resource (i.e., how long the resource can be cached by the client before the resource is retrieved again) is specified in the HTTP response header with the Cache-Control field.

17. What is payload?

Answer: “Payload” refers to the data in the body of the HTTP request and/or response messages in GET or POST requests. For example, if you request a specific tweet from the Twitter API, the payload comprises the document containing the tweet text and any associated files for rendering the tweet on a page.

Payload can also be included in the HTTP request with the POST method. If you want to post a tweet through Twitter’s API, the tweet text that you send in your POST request is the payload.

18. What’s a real-world example of a REST API?

Answer: Here are some examples of REST APIs in use:

19. What is the difference between REST and SOAP?

Answer: REST and SOAP (Simple Object Access Protocol) are two different approaches to building APIs. Here are the key differences between them:

20. What is the difference between REST and AJAX?

Answer: Asynchronous JavaScript, or AJAX, is a set of web development techniques used in web applications. At its core, AJAX allows a web page to make requests to a server and update the page interface without needing to refresh.

An AJAX client might utilize REST APIs with its requests, but AJAX doesn’t have to work with REST APIs exclusively. REST APIs can communicate with any client, whether the client uses AJAX or not.

Also, unlike REST, which uses HTTP requests and responses for messaging, AJAX sends its requests to the server with the XMLHttpRequest object that is built into JavaScript. Server responses are executed by the page’s JavaScript code to alter the page content.

21. What are some benefits of REST?

Answer: REST is by far the most common method for building web APIs. Here are some reasons why:

22. What are some drawbacks of REST?

Answer: While statelessness is a benefit of REST, it can sometimes be a disadvantage too. REST does not preserve state. In other words, the server does not keep records of past interactions. If preserving state is necessary, that responsibility falls on the client.

Additionally, REST is less strict with its security measures than SOAP, so developers need to be cautious and only work with APIs from legitimate, reputable providers. It also makes REST a poor choice for sending confidential information between servers and clients.

23. How do you test APIs?

Answer: There are many software tools designed for testing RESTful APIs — Postman, JMeter, and Katalon Studio are a few. The testing process usually involves sending various requests from your testing tool and monitoring how your API responds. Many testing tools also support automated testing, allowing you to run many different scenarios quickly.

To learn more about how API testing works and what kinds of tests you can run, see our guide to API testing.

24. How do you keep REST APIs secure?

Answer: REST APIs do not employ as strict security measures as SOAP APIs, and therefore should not be used to send or retrieve sensitive information. However, good REST APIs still implement safety measures for secure and reliable data transfers.

For more in-depth explanations, see our post on API security.

25. What are some main characteristics of REST?

Answer: If you’re asked to point out the main features that distinguish REST APIs from others, here are some points to touch on:

Now you do the REST.

REST APIs are so common today that any software developer should be at least familiar with their concepts, and ideally have some experience coding applications with them. If you can, strengthen your responses by recounting times when you’ve worked with a REST API — it shows that you not only have the knowledge, but you also have real-world familiarity with this powerful technology. Good luck!
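Added example for question 8 (not part of the original post): a toy in-memory API that shows why replaying a PUT leaves one resource while replaying a POST creates a new one each time, which is what a retrying client or a duplicated request triggers. The `/notes` paths, the `NoteStore` class and the `replay` helper are constructed for illustration.

```python
import itertools


class NoteStore:
    """Constructed toy API: POST /notes creates, PUT /notes/<id> replaces."""

    def __init__(self):
        self.notes = {}                  # resource id -> representation
        self._ids = itertools.count(1)   # server-assigned ids for POST

    def handle(self, method, path, body=None):
        """Process one request and return (status, headers, body)."""
        parts = [p for p in path.split("/") if p]
        if parts[:1] != ["notes"] or len(parts) > 2:
            return 404, {}, None
        if method == "POST" and len(parts) == 1:
            # The server picks the URI, skipping ids already taken by a PUT.
            note_id = next(i for i in map(str, self._ids) if i not in self.notes)
            self.notes[note_id] = body
            return 201, {"Location": f"/notes/{note_id}"}, body
        if method == "PUT" and len(parts) == 2:
            created = parts[1] not in self.notes
            self.notes[parts[1]] = body      # the whole resource is replaced
            return (201 if created else 200), {}, body
        if method == "GET" and len(parts) == 2:
            found = parts[1] in self.notes
            return (200, {}, self.notes[parts[1]]) if found else (404, {}, None)
        return 405, {}, None


def replay(store, method, path, body, times):
    """Send the same request several times, as a retrying client would."""
    return [store.handle(method, path, body) for _ in range(times)]


def demo():
    """Return the resource count after 3 PUTs, then after 3 more POSTs."""
    store = NoteStore()
    replay(store, "PUT", "/notes/42", {"text": "hello"}, 3)
    after_put = len(store.notes)
    replay(store, "POST", "/notes", {"text": "hello"}, 3)
    return after_put, len(store.notes)


if __name__ == "__main__":
    print(demo())
```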
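Added example for questions 4 and 24 (not part of the original post): one way a stateless server can authenticate every request without a session table, by having the client send a signed token that the server checks using only its own key. The token layout, `SERVER_KEY`, `issue_token` and `authenticate` are constructed for illustration and are not a standard format.

```python
import base64
import hashlib
import hmac
import json

SERVER_KEY = b"constructed-demo-key"   # assumption: loaded from a secret store


def _sign(payload):
    """HMAC-SHA256 tag over the encoded claims, as hex."""
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()


def issue_token(user, ttl, now):
    """Return '<base64 claims>.<tag>' naming the user and an expiry time."""
    claims = json.dumps({"sub": user, "exp": now + ttl}, sort_keys=True)
    payload = base64.urlsafe_b64encode(claims.encode()).decode()
    return f"{payload}.{_sign(payload)}"


def authenticate(headers, now):
    """Return the user for this request, or None.

    Nothing is looked up from earlier requests: the decision uses only
    the Authorization header, the server key and the current time.
    """
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    payload, _, tag = token.partition(".")
    if scheme != "Bearer" or not payload or not tag:
        return None
    # Constant-time comparison; reject before parsing untrusted claims.
    if not hmac.compare_digest(_sign(payload).encode(), tag.encode()):
        return None
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError:
        return None
    if claims.get("exp", 0) <= now:
        return None                      # expired token
    return claims.get("sub")


if __name__ == "__main__":
    tok = issue_token("alice", ttl=60, now=1000)
    print(authenticate({"Authorization": f"Bearer {tok}"}, now=1030))
```

The token still has to travel over TLS, since anyone who captures it can replay it until it expires.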
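Added example for question 16 (not part of the original post): a simplified shared cache that reads the Cache-Control response header to decide whether a response may be stored and for how long, refusing responses marked `no-store` or `private`. `SharedCache`, the sample paths and the fixed clock values are constructed; real HTTP caches implement more directives than these three.

```python
def parse_cache_control(value):
    """Split a Cache-Control header into {directive: argument or None}."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives


class SharedCache:
    """Simplified cache placed between many clients and the API."""

    def __init__(self):
        self._entries = {}   # uri -> (expires_at, body)

    def store(self, uri, headers, body, now):
        """Store the response if the server allows it; return True if stored."""
        cc = parse_cache_control(headers.get("Cache-Control", ""))
        # Per-user or sensitive responses must not land in a shared cache.
        if "no-store" in cc or "private" in cc:
            return False
        max_age = cc.get("max-age")
        if max_age is None or not max_age.isdigit() or int(max_age) == 0:
            return False     # no usable lifetime given: do not guess one
        self._entries[uri] = (now + int(max_age), body)
        return True

    def lookup(self, uri, now):
        """Return the cached body while it is fresh, otherwise None."""
        entry = self._entries.get(uri)
        if entry is None or now >= entry[0]:
            self._entries.pop(uri, None)   # drop stale copies
            return None
        return entry[1]


if __name__ == "__main__":
    cache = SharedCache()
    cache.store("/tweets/1", {"Cache-Control": "public, max-age=60"}, "tweet", now=0)
    print(cache.lookup("/tweets/1", now=30), cache.lookup("/tweets/1", now=60))
```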