RESTful APIs Questions and Answers for Viva

Answer-1: A RESTful API (Representational State Transfer) is an architectural style for designing networked applications, using HTTP methods to request and manipulate data.

Answer-2: The key principles include statelessness, client-server architecture, uniform interface, scalability, and cacheability.

Answer-3: REST is a lightweight, stateless protocol using HTTP methods, while SOAP is a more complex, XML-based protocol that requires a specific message format and supports multiple transport protocols.

Answer-4: Common HTTP methods used in RESTful APIs include GET, POST, PUT, DELETE, PATCH, and OPTIONS.

Answer-5: The GET method is used to retrieve data from the server, without making any changes to the resource.

Answer-6: The POST method is used to send data to the server to create a new resource or trigger an action.

Answer-7: The PUT method is used to update an existing resource on the server by sending the complete data.

Answer-8: The DELETE method is used to remove a resource from the server.

Answer-9: The PATCH method is used to make partial updates to an existing resource, unlike PUT, which updates the entire resource.

Answer-10: A resource is any object, data, or service that can be accessed and manipulated using the HTTP methods in a RESTful API.

Answer-11: Status codes are part of the HTTP response and indicate the result of the request, such as 200 OK, 404 Not Found, and 500 Internal Server Error.

Answer-12: The status code 200 indicates a successful request, meaning the server has processed the request successfully and returned the response.

Answer-13: The status code 404 indicates that the requested resource could not be found on the server.

Answer-14: The status code 500 indicates an internal server error, meaning something went wrong on the server while processing the request.

Answer-15: A URI is a string that uniquely identifies a resource on the server, such as https://example.com/api/users/1.

Answer-16: HTTP headers contain metadata about the request or response, such as content type, authentication tokens, and caching instructions.

Answer-17: In a stateless API, each request is independent, and the server does not store any client state between requests. In a stateful API, the server stores session data for the client.

Answer-18: HATEOAS (Hypermedia As The Engine Of Application State) is a constraint of REST that allows clients to dynamically discover available actions by using links in the response.

Answer-19: JSON (JavaScript Object Notation) is a lightweight data-interchange format that is easy for humans to read and write and easy for machines to parse and generate. It is commonly used in RESTful APIs due to its simplicity.

Answer-20: XML (Extensible Markup Language) is a markup language for encoding documents in a machine-readable format. It was used in SOAP-based web services, but RESTful APIs prefer JSON due to its simplicity.

Answer-21: Authentication ensures that the API only allows access to authorized users. Common methods include API keys, OAuth, and JWT (JSON Web Tokens).

Answer-22: Authorization defines what actions an authenticated user is allowed to perform. It ensures users can only access resources they have permissions for.

Answer-23: An API key is a unique identifier passed along with requests to authenticate the client and track usage.

Answer-24: OAuth 2.0 is an authorization framework that allows applications to grant limited access to user resources without exposing user credentials. It is commonly used for securing RESTful APIs.

Answer-25: JWT is a compact, URL-safe token used for securely transmitting information between parties. It is often used for authentication in RESTful APIs.

Answer-26: Idempotence means that making the same request multiple times will produce the same result, without unintended side effects. PUT and DELETE methods are typically idempotent.

Answer-27: REST is simple, stateless, lightweight, and supports multiple data formats (such as JSON and XML). It is also widely adopted and easier to scale.

Answer-28: Rate limiting can be implemented by using HTTP headers to track the number of requests per user/IP and restrict access if limits are exceeded.

Answer-29: CORS is a security feature implemented in browsers to allow or block web pages from making requests to a domain different from the one that served the web page.

Answer-30: GET is used to retrieve data without modifying the resource, while POST is used to create new resources or trigger actions that modify the server state.

Answer-31: API versioning ensures that changes in the API do not break existing client applications. It can be achieved through the URL (e.g., /v1/) or headers.

Answer-32: Common strategies include URL versioning (/api/v1/), header versioning, and query parameter versioning.

Answer-33: Caching stores the responses of requests to improve performance. It can be implemented using HTTP headers like Cache-Control and ETag.

Answer-34: The Cache-Control header defines caching policies, such as whether the response can be cached, how long it can be cached, and under what conditions.

Answer-35: Pagination is handled by dividing large datasets into smaller chunks and providing metadata such as next and previous links in the response to navigate through the data.

Answer-36: API documentation is essential for providing clear guidelines on how to use the API, including endpoints, data formats, authentication methods, and error codes.

Answer-37: Swagger, now known as OpenAPI, is a specification for describing RESTful APIs. It includes a standard format for documenting endpoints, request/response types, and authentication.

Answer-38: An API Gateway serves as a single entry point for managing traffic, authentication, load balancing, and monitoring for RESTful APIs.

Answer-39: A RESTful API endpoint is a URL pattern used to interact with a specific resource on the server, such as /users/1 to access a user with ID 1.

Answer-40: Error handling is done using appropriate HTTP status codes and descriptive messages in the response body, indicating the reason for failure.

Answer-41: The Accept header tells the server the format in which the client expects the response, such as application/json or application/xml.

Answer-42: The Content-Type header specifies the format of the data being sent in the request body, such as application/json for JSON payloads.

Answer-43: A RESTful API client is an application or tool that sends HTTP requests to a REST API and processes the response. Examples include Postman or cURL.

Answer-44: Multiple versions can be handled using different strategies, such as including the version number in the URL or via HTTP headers.

Answer-45: The response body contains the data returned by the server in response to the request, often in JSON or XML format.

Answer-46: The ETag header is used to identify a specific version of a resource, helping with caching and conditional requests.

Answer-47: REST API architecture is an approach to building APIs that adhere to the principles of REST, using stateless communication and standard HTTP methods.

Answer-48: Security can be ensured using methods like HTTPS, authentication tokens (JWT, OAuth), API keys, and role-based access control (RBAC).

Answer-49: Logging helps in monitoring API usage, debugging issues, tracking errors, and understanding client behavior.

Answer-50: Testing a RESTful API can be done using tools like Postman, Swagger UI, or writing unit and integration tests with frameworks like JUnit.