Notes By: Kapil Sir

1. what are the different methods/operations present in api?

There are four different methods present in api:

GET

POST

PUT

DELETE

PATCH

2. What are diff operations performed in Api?

Below are the operations performed in Api

GET- used to fetch the data

POST- Used to create data

PUT- Used to update data

DELETE- used to delete data

3. What is difference between PUT and PATCH?

PUT- we can update all the fields as well as single field

PATCH- we can update single/ partial fields

4. What are main differences between API and Web Service?

-Api call internally and webservices call over the internet

- The only difference is that a Web service facilitates interaction between two machines over a
network. An API acts as an interface between two different applications so that they can communicate
with each other.. Web service also uses SOAP, REST, and XML-RPC as a means of communication.

5. What are the advantages of API Testing?

 a) Api provides the security

b) API checks the authentication and the data that we are passing

c) API can transfer the load to diff microservices

d) API helps to avoid data breaching

e) Test for Core Functionality

f) Time Effective- we can hit lots of apis within less time

g) Language-Independent- like json,XML, html, text

h) Easy Integration with GUI

6. What are different Test Environment in project?

- Generally we will have below four test Enviornments:

DEV- where developers works

SIT/QA- where Testers works

UAT- where Testers and Client works

PROD- it’s a live env.

7. What are the test environment of API?

Global- Global has large scope (used to pass variables between diff collections)

Local – Local has small scope (Used to pass variable from one request to another)

-we are using QA/UAT enviornment in which we are using Global and Local enviornmrnt for api
methods

8. What must be checked when performing API testing?

Error codes, data which are coming (Retrieval data), Time

9. What are tools could be used for API testing?

Postman

Swagger

SoapUI

Etc.

10. What are differences between API Testing and UI Testing?

Api dosent provide the GUI( Graphical User interface) but UI provides.

11. What are common API errors that often founded?

This are the common error getting during api testing

201-created

200-ok

400-Bad request

401-Unauthorised

403- forbidden

404- page not found

500- Internal server error

503-service not available

12. Any examples why error code generates?

200- when we get succesfull data

201- when we create data into database

400- URI wrong or end point missing

401- when session got expired, passing invalid token/ username/pass

404- when we are trying to access the URL but URL not present
 405- Method not allowed

500- any server down or network issue

13. what are the collections?

Collections are used to store the services(api methods)

By using collection we can run all the methods at the same time.

We can Import/Export Collection.

14. what is mean bearer token?

Bearer token is one of the Authentication pass in headers

Bearer means identification for the token.

15. where we pass the data in post?

We pass the data in Body-> Raw-> in the form of json, XML. Html, text

16. can we run collection?

Yes, we can run the collection and collection methods at the same time, but before we run the
previous or old collection we have to update the authentication.

17. what is mean end points/service url?

End points are the different service urls which are used to hit the URL with domain uri.

18. what is mean API ?-Application programming interface

Api stands for Application programming interface.

- used to communicate between two system

-it simply knows as sending the request and getting the response.

19. what are headers?

Headers is nothing but the what kind of request it is

{content-type= application json/

application xml/

application text }

20. what is bearer?

Bearer is the indentifier for perticular token used for the Authentication.

21. Difference between SOAP and REST

SOAP REST

1. soap is protocol [Link] is architecture

2. uses XML format only 2. uses XML,JSON,HTML,TEXT,JAVASCRIPT

3. soap need WSDL file 3. rest need API only

4. type of security provided by soap: 4. type of security provided by rest

SOAP ENVIORNMENT AUTH TOKEN, HEADER, PARAMS

5. Heavy in weight API's 5. Light in weight API's

6 .Response time is more 6. Response time is less

7. Not best for CRUD operation 7. Best for CRUD operation

22. Types of API

REST API- uses Postman tool (Representational state transfer)

SOAP API- Uses SOAPUI tool (simple object access protocol)

23. Concept under REST:

REST- REST is an architecture used to create rest api.

REST Assured- To automate rest api we need rest assured libraries.

RESTFUL- when we automate rest api it called as restful services.

24. What is the difference between / and ?.

/- Path parameter

?- Query parameter

25. What is producer and consumer?

Producer- who produce the data

Consumer- who consumes the data

26. What is URI?

URI- Unique resourse identifier

URI= URL+ENDPOINT

Eg. [Link]

27. What are diff ways to pass the data/ scripting languages?

a) JSON:

"name": "Suraj ",

"email": "Suraj123@[Link]",

"gender": "Male",

"status": "Active"
 }

b) XML:

<name>suraj</name>

<email>suraj@[Link]</email>

c) String

d) Text

e) Html

f) Javascript

Etc.

28. What are headers?

Headers means what kind of data we are passing.

a. Authorization

b. Content Type

c. Language

d. Etc.

29. What we pass in http request?

a. URI

b. Headers

c. Payload

30. What are different authorization?

a. Basic Auth

pass the username and pass.

b. Digest

whenever we are passing username and pass it will get convert in # keys.

It means your username/pass will secured get server side too.

c. Oauth1

Oauth1 required below things:

1. Consumer Key

2. Consumer Secret

3. Access Token

4. Secret Token

Above info will get from developers.

e. Oauth2

Oauth2 required below things:

1. Client Id

2. Client Secret

3. Grant type

Above info will get from developers.

f. Bearer Token

g. NoAuth

31. What are Oauth1 and Oauth2?

Oauth1- this auth uses when we need third party logins.

Oauth2- this auth uses when we have single url and different enpoints
Types of status code:

 1xx: Informational – Communicates transfer protocol-

level information.

 2xx: Success – Indicates that the client’s request was

accepted successfully.

 3xx: Redirection – Indicates that the client must take

some additional action in order to complete their request.

 4xx: Client Error – This category of error status codes

points the finger at clients.

 5xx: Server Error – The server takes responsibility for

these error status codes.

32. How to pass the Pre-requisite in postman?

We can pass Pre-requisite as pre- request data in many ways.

Like we can pass pre-request as authorization, content type, name, user details etc.

Eg. Passing Content-type as pre-request script

[Link]({
key:'Content-Type',
value: 'application/json'
});

33. What are different assertion/ validations in Postman.

Assertions are apply in Tests tab.

a. Validate response body contains String

tests["Body matches string"] = [Link]("string_you_want_to_search");

 b. Validate response time

tests["Response time is less than 200ms"] = responseTime < 200;

c. Validate response body has data

var jsonData = [Link](responseBody);

tests["Your test name"] = [Link] === 100;

d. Validate status code

tests["Status code is 200"] = [Link] === 200;

etc.

34. what are different environment variable in Postman?

a. Global variable

b. Collection variables

c. Environmental variables

d. Local variables

35. What is the scope for postman variables?

a. Global variable

-Allow you to access data between collections.

-Global variable are available throughout workspace.

-Since global variables can create confusion, you should only use them sparingly—for
example to quickly test something or when your project is at a very early prototyping stage.

Snippet: [Link]("variable_key", "variable_value");

 b. Collection Variables

-Collection variables are available throughout the requests in a collection and are
independent of environments, so do not change based on the selected environment.

- Collection variables are suitable if you are only using a single environment, for example
for auth / URL details.

Snippet: [Link]("variable_key", "variable_value");

c. Environment variables

- Environment variables allow you to tailor your processing to different environments, for
example local development vs testing or production. Only one environment can be active at a
time

-Snippet: [Link]("variable_key", "variable_value");

d. Local Variables

- Local variables are temporary, and only accessible in your request scripts. Local variable values
are scoped to a single request or collection run, and are no longer available when the run is
complete

Snippet: [Link]("variable_key");

36. What is WSDL file

WSDL basically an XML document contains all the details about web service and all api request

37. What is Webservice?

Whenever we are hitting any service over the internet it known as webservice.

Webservice is any piece of software that makes itself available over the internet and
 uses a standardized XML messaging system.

38. What is UDDI?

- universal description discovery integration

-UDDI is an XML based standard for describing , publishing and finding the webservices.

39. What are diff soap elements/components

a. Envelop – It is beginning and end of message

b. Header – Header elements contain header information

c. Body – body element contains call and response information

d. Fault – Fault contain error and status information

40. What are diff WSDL element/component

a. Type- Define the data types used by the webservices

b. Message – Define the data element for each operation

c. Port Type- Describe the operation that can be performed and message involve

d. Binding- Defines the protocol and data format for each port type

41. What are different assertions present in SoapUI?

Below are the different assertion present in soapui:

a. Contains - checks for the existence of a specified string

b. Not Contains - checks for the non-existence of a specified string

c. Response SLA - validates that the last received response time was within the defined limit.
Applicable to Script TestSteps and TestSteps that send requests and receive responses.

d. Invalid HTTP Status Codes - checks that the target TestStep received an HTTP result with a
status code not in the list of defined codes. Applicable to any TestStep that receives HTTP
messages

e. Valid HTTP Status Codes - checks that the target TestStep received an HTTP result with a
 status code in the list of defined codes. Applicable to any TestStep that receives HTTP
messages.
Etc.

42. What are different Api gatways.

a. SSL certificate

b. Routing

c. Adapter

d. Cache

e. Load balancer

43. Difference between monolithic and miscroservice?

Monolethic - all api available under one service

Microservice- for api have different microservice.