Last updated: June 20, 2023

API stands for Application Programming Interface. It serves as a gateway for applications to access some resources from other applications.

The advantage of using an API is that you can give third-party applications access without letting them reach the entire data of your application. They can only access the data that you expose through your API.

The application or a user who wants to access the data is known as a client, and the application which serves the data is known as a server.

APIs are widely used today in every software architecture. If you are applying for a front-end, back-end, full-stack, or network engineering role, then you will be asked a lot of questions regarding APIs.

With that being said, let’s explore some of the most frequently asked interview questions about REST APIs.

What Is REST?

Answer: REST is an architectural design that defines some constraints on the working of APIs. The APIs which follow the principles of REST are known as RESTful APIs. REST stands for Representational State Transfer.

It is not a protocol or a standard; instead, it’s an architecture that can be used to implement APIs in various ways.

It provides high flexibility and freedom to developers, and that’s why it is widely used to develop APIs. Here are some of the principles of a REST architecture:

  • Separation of Client & Server: In a RESTful API, the client should not affect the server in any way other than requesting data through a URI (Uniform Resource Identifier). In the same way, the server should not modify the content of the client in any way.
  • Statelessness: When two separate requests are made, they don’t know about each other. In other words, the requests are stateless and don’t maintain a state. If a request is fulfilled, it simply terminates. Every request is isolated from other requests.
  • Layered Architecture: The client or the server doesn’t know whether the request is being made directly to the origin or an intermediary application. They only care about the response to the request.
  • Caching: Data or response can be cached on the client as well as server side to improve performance and scalability. If there are frequent requests for a particular resource, then the response to that request can be cached and used when needed.

What Are Some Key Characteristics of REST?

Answer: Key characteristics or features of REST are:

  • Flexibility: You can move from one server to another, and it won’t change anything because the API will send the same response for a particular request. Also, you can add as many endpoints as you want for different types of data.
  • Scalability: Caching improves scalability due to the responses being saved for later use. It decreases the load on the server and also reduces latency.
  • Authorization: With the help of the Authorization Header, you can specify the credentials which the server can use to authorize the request.
  • Statelessness: This is the most important feature of REST because it prevents requests from knowing what’s happening with other requests. Requests are isolated and terminated as soon as they are fulfilled.

What Are Resources in a REST Architecture?

Answer: Resources are entities on which different operations are performed, such as retrieving, updating, or deleting. They are the basic building blocks of REST architecture.

For example, if you consider an online e-commerce store, the products, users as well as metadata are considered resources because they can be operated on. Resources can be transferred to another application through API.

Mention Some Advantages and Disadvantages of a REST API.

Answer: The advantages of REST APIs are as follows:

  • It’s simple to implement.
  • Resources can be easily handled.
  • It’s scalable because of client-server architecture.
  • Supports multiple data transfer media types such as XML and JSON.

Its disadvantages are:

  • You cannot maintain a state between requests.
  • The true origin source of the resource can’t be known because of layered architecture.
  • Not good for complex queries or requests.

Define REST Template.

Answer: A REST template is a utility or a client through which you can access REST APIs in the Spring framework. It basically hides the boilerplate code you may have to write in order to request a resource from a REST API.

What Is RESTful?

Answer: RESTful APIs or services are interfaces that implement the REST (Representational State Transfer) architectural style and work using protocols such as HTTP.

What Are RESTful Web Services?

Answer: RESTful web services are built to work best on the Web. Representational State Transfer (REST) is an architectural style that specifies constraints, such as the uniform interface, layered architecture, and statelessness, that, if applied to a web service, induce desirable properties, such as performance and scalability, that enable services to work best on the Web.

How Can You Test RESTful Web Services?

Answer: To test a RESTful web service, you can use a REST client such as Postman or Thunder Client and query the web service you want to test. Then, when you get a response, understand the response; that’s the key part.

If you want to test a complex API with many endpoints, you may have to break down testing and perform unit testing, integration testing, performance testing, and end-to-end testing.

Mention Some Features of RESTful Web Services.

Answer: Some of the key features of RESTful web services are:

  • Support for multiple media types such as JSON and XML.
  • Scalability
  • Isolation of client & server
  • Flexibility

Define RESTful Root Resource Classes.

Answer: Root resource classes are “plain old Java objects” (POJOs) that are either annotated with @Path or have at least one method annotated with @Path or a request method designator, such as @GET, @POST, @PUT, or @DELETE.

What Is URI?

Answer: URI stands for Uniform Resource Identifier. It is a sequence of characters used to locate or identify resources of an API or a service. It uses the name or location of the resource to identify it, but it doesn’t rely on a particular method or technique.

What Is Statelessness in REST?

Answer: Statelessness refers to one constraint applied to an API in which any two requests can’t know what’s happening with each other. In other words, the state of the requests isn’t maintained. If the request is fulfilled, it simply terminates after getting a response.

What Is JAX-RS?

Answer: JAX-RS is a Java API that enables you to develop applications in Java that use the REST architecture. This API makes it easy to develop REST applications in Java.

What Are the Key Annotations in JAX-RS API?

Answer: Annotations in JAX-RS are used by developers to decorate Java classes in order to define resources and methods that can be performed on those resources. Some key annotations of the JAX-RS API are:

  • @GET: It is used for making GET requests in HTTP.
  • @POST: It is used for making POST requests in HTTP.
  • @Path: It refers to the relative path of a Java class.
  • @QueryParam: It refers to the query parameters of the URI or URL.

What Are Some Key Features of JAX-RS API?

Answer: Features of JAX-RS are:

  • Client-side caching
  • Server-side caching
  • Query string customization
  • Runtime annotations

How Can the JAX-RS Applications Be Configured?

Answer: A JAX-RS application consists of at least one resource class packaged within a WAR file. The base URI from which an application’s resources respond to requests can be set in one of two ways:

  • Using the @ApplicationPath annotation in a subclass of packaged within the WAR
  • Using the servlet-mapping tag within the WAR’s web.xml deployment descriptor

What Are JAX-WS and JAX-RS?

Answer: JAX-WS is a Jakarta XML Web Services API used for developing APIs using Simple Object Access Protocol (SOAP) – an XML-based messaging protocol.

On the other hand, JAX-RS is a Java API used for creating web services using the REST architecture.

What Are HTTP Status Codes?

Answer: Status codes are nothing but a way to communicate the status of the response sent by the server to the client. They are present in the response headers sent by the server.

The client is able to figure out if the request has failed or been fulfilled or if there is something wrong with the response by using the status codes.

Here are some common HTTP status codes:

  • 200 – It stands for “OK”. It means that the request has been fulfilled, and the response is alright.
  • 404 – It stands for “Not Found”. This means a resource isn’t present on the server or an endpoint doesn’t exist.
  • 500 – It stands for “Internal Server Error”. This usually happens when the server cannot generate the correct response, or there is an error that is not explicitly thrown.
  • 503 – It stands for “Service Unavailable”. It means that currently, the server cannot process any requests, probably because it’s dead or isn’t working because of request overload. It can also occur when the server is up for maintenance.

What Are HTTP Methods?

Answer: HTTP methods are used to perform a certain type of action on a particular resource of an API. For example, if you want to fetch a list of movies from a movie collection API, then you can use the GET method provided by HTTP. If you want to update the data, you can use the POST method provided by HTTP.

Frequently used HTTP methods are as follows:

  • GET: Requests using GET should only retrieve data.
  • POST: It updates the resource by sending a newly updated resource to the server.
  • DELETE: It deletes the specified resource.
  • PATCH: It partially modifies the resource.

How Does HTTP Basic Authentication Work?

Answer: Authentication is a process to verify the authenticity of a client to maintain data security. In HTTP, authentication works through an Authorization Header, which is sent by the client.

The Authorization header consists of the username/id and password of the client, which is then verified by the server, and access is granted.

One important thing to note here is that when using HTTP authentication, the channel through which the credentials pass should be encrypted and secure.

You can secure the channel using the SSL layer, which is integrated into HTTPS. So, it is recommended to use HTTPS instead of simple HTTP when dealing with credentials.
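The following sketch is an added example, not code from the original article. It builds and parses a Basic `Authorization` header and verifies it on the server side, showing that the header is only base64-encoded, which is why the channel must be HTTPS. The user-store layout, the `is_https` flag, and the function names are assumptions made for the illustration.

```python
import base64
import binascii
import hashlib
import hmac


def hash_password(password: str, salt: bytes) -> bytes:
    # The server stores only a salted, slow hash, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def make_basic_header(username: str, password: str) -> str:
    # Client side: "username:password" is base64-encoded, which is an
    # encoding, not encryption.
    token = base64.b64encode(f"{username}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def parse_basic_header(header: str):
    """Return (username, password), or None if the header is malformed."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    # Split on the first colon only: the password may itself contain colons.
    username, sep, password = decoded.partition(":")
    return (username, password) if sep else None


# Dummy record so unknown usernames cost the same hashing work as known ones.
_DUMMY = (b"\x00" * 16, hash_password("dummy", b"\x00" * 16))


def verify(header, users, is_https: bool) -> bool:
    """users maps username -> (salt, password_hash); layout assumed here."""
    if not is_https:
        return False  # policy of this example: no credentials over plain HTTP
    creds = parse_basic_header(header or "")
    if creds is None:
        return False
    username, password = creds
    salt, expected = users.get(username, _DUMMY)
    matches = hmac.compare_digest(hash_password(password, salt), expected)
    return matches and username in users


if __name__ == "__main__":
    salt = b"constructed-salt"  # constructed sample data
    users = {"alice": (salt, hash_password("s3cret:pw", salt))}
    header = make_basic_header("alice", "s3cret:pw")
    print(header)                      # what travels on the wire
    print(parse_basic_header(header))  # anyone who sees it recovers the password
    print(verify(header, users, is_https=True))
```
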

What Are the Core Components of HTTP Request?

Answer: An HTTP request consists of the following components:

  • Request line: It’s the first line in any request and consists of the HTTP method, the path or endpoint, and the HTTP version number.
  • Headers: HTTP headers are used to provide metadata of the request.
  • Body (Optional): This component is only present for some of the request methods. It’s not required for GET requests, but it’s required for POST requests. It is the actual message of the request.

What Are the Core Components of HTTP Response?

Answer: An HTTP response consists of the following components:

  • Status: It refers to the HTTP status code which is sent by the server.
  • Headers: Just like requests, responses also have their respective headers, which provide useful information about the response.
  • Message: This is the actual data that is sent by the server to the client in response to a request for a particular resource.

What Is the Difference Between REST and AJAX?

Answer: AJAX is a client through which you can access RESTful APIs. It is used to send asynchronous requests using JavaScript.

REST, or Representational State Transfer, is an architecture that can be implemented to create RESTful APIs. In short, to send HTTP requests, you can use AJAX which serves as a client, but if you want to implement RESTful APIs, then you have to use REST architecture.

What Is the Difference Between SOAP and REST?

Answer: Representational State Transfer, or REST, is an architecture with minimal constraints to create APIs. SOAP, or Simple Object Access Protocol, is a protocol with strict requirements to implement an API.

REST is more flexible and easy to use than SOAP. XML-based messaging is used in SOAP, while in REST, you can use many data transfer types such as JSON, XML, etc. As compared to SOAP, REST is more lightweight and fast.

SOAP web services have built-in security, which is one advantage of using SOAP over REST, but the added features also make it complex and heavy to use.

What Is the Difference Between PUT and POST?

Answer: POST is an HTTP request method that sends some data to the server. If you make multiple POST requests for a particular resource, then there can be side effects to your data. For example, if you want to add an article to a collection and you make multiple POST requests, multiple articles will be added to the collection, leading to redundant articles.

PUT is an HTTP request method that sends data to the server for a particular resource but only updates the data once. If you send multiple PUT requests for a particular resource, no side effects will occur, and the data will be added only once. In PUT, if the resource doesn’t exist, it will create a new one, and if it exists, it will update the existing one.

PUT is idempotent, while POST isn’t.

What Is a Payload?

Answer: A payload in a REST API is simply the body of the request sent from the client to the server. It’s the data you want to send to the server and get a response.

What Is the Maximum Payload Size That Can Be Sent in Post Methods?

Answer: There is no default limit set by the HTTP protocol itself. The limit can depend on the maximum limit of the client or the server, whichever is lower.

While Creating URI, What Are the Best Practices That Need to Be Followed?

Answer: Some of the key points you need to keep in mind while designing URIs are:

  • Avoid using file extensions
  • Be consistent with all URIs
  • Divide the URIs into domains and subdomains for different sets of resources
  • You should use a hyphen or an underscore to separate words in sentences embedded in URIs
  • You should use the forward slash to indicate a hierarchy of resources
  • Encode a URI using proper encoding
  • Try to make the URI human-readable

What Are Idempotent Methods?

Answer: Idempotent HTTP methods have the same effect on the server despite sending multiple identical requests. For example, if you send multiple identical DELETE requests for a particular resource, the resource won’t change on every request; it will update as if only one request has been sent.

Some of the idempotent methods include:

  • PUT
  • GET
  • HEAD
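The difference between PUT and POST and the idea of idempotent methods can be checked by replaying the same request against a server and comparing the resulting state. This is an added example, not code from the original article; `ArticleStore`, its paths, and its status codes are a constructed in-memory stand-in for a REST server. It matters in practice because clients and proxies that retry after a timeout can only do so safely for idempotent methods.

```python
import itertools


class ArticleStore:
    """Constructed in-memory article collection standing in for a REST server."""

    def __init__(self):
        self.articles = {}
        self._ids = itertools.count(1)

    def handle(self, method, path, body=None):
        """Dispatch one request and return (status_code, response_body)."""
        parts = path.strip("/").split("/")
        article_id = parts[1] if len(parts) > 1 else None
        if method == "POST" and article_id is None:
            # The server picks a new id on every call: repeats create duplicates.
            new_id = str(next(self._ids))
            self.articles[new_id] = dict(body or {})
            return 201, {"id": new_id}
        if method == "PUT" and article_id:
            # The client names the resource: repeats overwrite the same entry.
            created = article_id not in self.articles
            self.articles[article_id] = dict(body or {})
            return (201 if created else 200), {"id": article_id}
        if method in ("GET", "HEAD") and article_id:
            if article_id not in self.articles:
                return 404, None
            return 200, (self.articles[article_id] if method == "GET" else None)
        if method == "DELETE" and article_id:
            existed = self.articles.pop(article_id, None) is not None
            # The status differs on a repeat, but the server state does not.
            return (204 if existed else 404), None
        return 405, None


def state_after(method, path, body, repeats, seed=None):
    """Server state after sending the same request `repeats` times."""
    store = ArticleStore()
    for article_id, article in (seed or {}).items():
        store.articles[article_id] = dict(article)
    for _ in range(repeats):
        store.handle(method, path, body)
    return store.articles


def is_idempotent(method, path, body=None, seed=None):
    # Idempotent: one request and three identical requests leave the same state.
    once = state_after(method, path, body, 1, seed)
    thrice = state_after(method, path, body, 3, seed)
    return once == thrice


if __name__ == "__main__":
    article = {"title": "REST"}  # constructed sample payload
    existing = {"42": article}
    print("POST  ", is_idempotent("POST", "/articles", article))
    print("PUT   ", is_idempotent("PUT", "/articles/42", article))
    print("DELETE", is_idempotent("DELETE", "/articles/42", seed=existing))
```
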

What Is Postman?

Answer: Postman is an API development tool to develop, modify, and test APIs. It provides many features to build and test APIs quickly without the need to set up a client.


What Are Cache-Control Headers?

Answer: The Cache-Control header consists of instructions or directives to configure caching in browsers and servers. It tells the browser or the server what to cache and how long it should be cached before being requested through the network request.

The Cache-Control header includes the following directives:

  • max-age
  • no-cache
  • private
  • public
  • no-store
  • immutable
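How a cache can act on these directives is sketched below as an added example, not code from the original article. It parses a `Cache-Control` response header and decides whether a private (browser) cache or a shared (proxy/CDN) cache may store the response, including the rule that responses to requests carrying an `Authorization` header stay out of shared caches unless explicitly allowed. The function names and the returned dictionary are assumptions, and freshness is simplified to `max-age`/`s-maxage` only.

```python
def parse_cache_control(header: str) -> dict:
    """Split a Cache-Control value into {directive: value-or-None}."""
    directives = {}
    for part in header.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, value = part.partition("=")
        directives[name.strip().lower()] = value.strip().strip('"') or None
    return directives


def _seconds(value) -> int:
    # Malformed or missing lifetimes are treated as "already stale".
    try:
        return max(int(value), 0)
    except (TypeError, ValueError):
        return 0


def cache_decision(header, shared_cache, request_had_authorization=False):
    """Return {"store": bool, "fresh_seconds": int} for one response.

    fresh_seconds is how long the stored copy may be reused without
    revalidating with the origin (0 means revalidate every time).
    """
    d = parse_cache_control(header)
    refuse = {"store": False, "fresh_seconds": 0}
    if "no-store" in d:
        return refuse                      # nobody may keep a copy
    if shared_cache and "private" in d:
        return refuse                      # only the user's own cache may store
    allows_shared = any(k in d for k in ("public", "must-revalidate", "s-maxage"))
    if shared_cache and request_had_authorization and not allows_shared:
        return refuse                      # authenticated response, not opted in
    if "no-cache" in d:
        return {"store": True, "fresh_seconds": 0}  # store, but always revalidate
    if shared_cache and "s-maxage" in d:
        return {"store": True, "fresh_seconds": _seconds(d["s-maxage"])}
    return {"store": True, "fresh_seconds": _seconds(d.get("max-age"))}


if __name__ == "__main__":
    # Constructed sample headers.
    samples = [
        ("public, max-age=3600, immutable", True, False),
        ("private, max-age=600", True, False),
        ("max-age=600", True, True),
        ("no-store", False, False),
    ]
    for header, shared, authed in samples:
        print(header, "->", cache_decision(header, shared, authed))
```
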

Define Messaging in RESTful Web Services.

Answer: Messaging in RESTful web services refers to the client sending an HTTP Request to the server, to which the server responds with an HTTP Response. This communication between the client and the server is referred to as messaging.

What Is the Difference Between Monolithic, SOA, and Microservices Architecture?

Answer: In a monolithic architecture, everything is managed in one place. The client side, the server, as well as the database are all managed from a single place. That’s why it’s known as monolithic because the word “monolith” refers to a single block or stone.

SOA stands for Service-Oriented Architecture. In this architecture, different aspects of the application are managed by different services, which are also software. So, it is a combination of multiple service software modules. Integration is the key part of this architecture.

Microservices architecture is similar to SOA, but unlike SOA, it has multiple autonomous software programs which talk to each other using APIs. Unlike monolithic architecture, everything here is autonomous and, to some extent, independent.

How Does Microservice Architecture Work?

Answer: In a microservice architecture, the applications are divided into smaller subunits that are independent of each other and work on their own, but they communicate with each other via a well-defined set of APIs.

Some benefits of microservices architecture include agility, flexibility, scalability, independent technologies, reusable services, and easy deployment.


What Is CRUD?

Answer: CRUD stands for Create, Read, Update, Delete. These are the operations that can be performed on a particular resource. The API which supports all of these operations is known as a CRUD API. These are the most basic operations which can be performed by an API on a resource.

What Is Caching?

Answer: Caching is a technique of storing a response or a request on the client or the server for it to be used again later.

Responses are generally cached on the client because if the client makes the same request several times in a short time interval, then it makes no sense to request the response again over the network and waste the bandwidth.

What Is the Use of @RequestMapping?

Answer: It is an annotation in the Spring Framework that is used to map web requests onto specific handler classes and/or handler methods.

What Does @PathVariable Do?

Answer: The @PathVariable annotation in the Spring Framework is used to extract the value of the template variables and assign their value to a method variable.

Define HttpMessageConverter.

Answer: When an HTTP request (or portions of it) needs to be converted into a type needed as an argument for a handler method or when the value returned by a handler method needs to be converted in some way to create an HTTP response, HTTP message converters are used.

What Tools Are Required to Test Your Web API?

Answer: Some tools which can help you in API testing are as follows:

  • Postman
  • Rest Assured
  • Rest Sharp
  • Katalon
  • ReadyAPI
  • Apigee

Final Words

Nowadays, APIs have become extremely popular because of the advent of the internet. Another reason REST APIs are popular is that they are easy to develop and easy to use.

If you are preparing for an interview, consider the above questions about REST APIs that might be asked in your interview.


  • Murtuza Surti
    Software Engineer & Content Creator