Here is a list of the top 15 REST API interview questions and answers. These questions provide basic information on both simple and advanced topics.
What is a REST API?
REpresentational State Transfer, or REST for short, is an architectural style for building distributed, client-server systems. By providing a small set of useful guidelines and constraints, REST makes it easy to build large-scale systems that are loosely coupled and distributed over large internet-scale networks, and that remain efficient and maintainable while evolving over time.
Which protocol is used by RESTful web services?
A REST API or a RESTful web service is a web service implemented using the REST architectural guidelines, usually on top of HTTP. Unlike the normal HTML content served over HTTP, though, REST APIs are designed to be consumed by other pieces of software, referred to as REST Clients. The HTTP verbs and request/response data structures are leveraged for messaging and communication between the REST API Provider and the REST Client. The term RESTful web service is also used to distinguish it from the other popular type of web service, i.e., the SOAP web service.
How do you address a resource in RESTful web service?
A REST API, essentially, is about exposing Resources. Every end-point in a REST API is a reference to some resource on the server. This resource is identified by the URI (Uniform Resource Identifier).
How is a resource represented in a REST API?
When a REST API request is received by the server, it responds with a representation of the resource. This is usually in XML or JSON format, although other formats are allowed. API endpoints can also specify a list of supported formats from which the client can choose the desired format.
The client can then use this to discover other functionality provided by the API or request other resources – thus using the representation to transfer state.
What are the core components of an HTTP request?
The HTTP verb used to access the resource (GET, PUT, POST, DELETE, etc.) signifies the action requested. For example, an HTTP GET request on the EmployeeData endpoint would read and return a representation of the EmployeeData, while a PUT request may be used to make changes to it.
What is the difference between REST API and the traditional API?
Thus the REST API deals with resources (nouns) rather than actions (verbs), which is a crucial difference. For example, while a traditional API may have an interface named “GetEmployeeData”, in a REST API, this is achieved by requesting the EmployeeData endpoint (presumably using an EmployeeId).
Can there be more than one URI for the same resource?
The same resource can have more than one URI. For example, http://example.com/employee/eid/department and http://example.com/departments?name=”finance” could both refer to the same resource.
What are the advantages of a REST API?
The REST architectural style makes it easy and efficient to build scalable web-services and applications. Some of its advantages are:
- Uniform interface: Interface between client and server is defined. Due to this, the architecture of client and server is completely decoupled.
- It also simplifies the client as well as the server design since every end-point of the API implements (a subset of) the same set of methods. These methods are the HTTP verbs (GET, PUT, POST, DELETE, HEAD and OPTIONS).
- REST allows the client and server side to evolve independently. Because the API is made up of resources exposed via end-points, the client can discover any new resources available and start making use of them. REST also allows code to be sent as a response allowing the server to extend the client.
- Due to its growing popularity and adoption, there is a lot of ecosystem support to bootstrap new services easily. Support for creating and consuming RESTful web services is available on almost all major technologies and platforms.
- Of course, by its very nature of being based on HTTP, REST is platform agnostic, and thus RESTful web services developed using disparate technology stacks can easily interoperate. This is really important for smooth enterprise integration and for avoiding lock-in.
- In a REST API, no state is stored on the server. Every request has all the information necessary for the server to respond. Thus, any session state is stored in the client. This makes it easy for the backend to scale.
- In a REST API there is separation of concerns between the client and the server. Presentation and user interaction are handled by the client, while the server deals with data storage and retrieval.
- Cacheable responses and the notion of a layered system between the client and server make a system built on a REST API more robust in dealing with network delays and fluctuations in network traffic.
Where is REST API popular?
Given the above advantages, it is little wonder that REST has gained widespread adoption and use. Top technology companies and social media giants like Facebook, Google and Twitter provide REST API endpoints for programmatic use of their services, apart from using REST heavily within their own software stacks.
List the points to be remembered while designing a REST API.
Below are the key points to be remembered while designing a REST API.
- In a REST API everything is a resource. Every API request returns a response that is a representation of the resource.
- Representations are not the same as the resource. This may be obvious at some level but is an important distinction to make.
- Resource representations are typically in XML or JSON format. The client can request a specific format by setting the appropriate request headers.
- No state is stored on the server. Session state is stored entirely on the client. Every request to the server contains all the necessary information the server needs to process it without depending on any context stored on the server.
- Cacheable responses. The client cannot assume a direct connection to the server – there may be intermediaries (which may, for example, cache the response). The system is layered (e.g., a response to a REST API may require the server to invoke another REST API whose response may be cached by the server) and there could be several layers between the client and the server. This improves scalability of the system (e.g., ability to add a load-balancer).
What are the HTTP Verbs and their common meanings?
Of the 6 HTTP verbs, GET, POST, PUT and DELETE are more commonly used. The primary usage of these verbs is summarized below.
GET – Read resource/ collection of resources. This verb is used to get a representation of a resource or a collection of resources by using an identifier.
PUT – Update or create a new resource. Usually this is used to update an existing resource, and the information to be updated is passed in with the request. If the identifier is known beforehand, this method can also be used to create a new resource corresponding to the identifier.
POST – Create a new resource. The information necessary to create the resource is passed in with the request. Upon success, the response usually contains the identifier of the resource created. This method is also used for operations that do not fit into any other category.
DELETE – Remove a resource.
HEAD – Returns only the HTTP header and no BODY.
OPTIONS – Return the list of operations supported on this resource.
What is the difference between PUT and POST?
Invoking PUT puts a resource at the URI. If it already exists, PUT changes it. If it doesn’t, then PUT makes one.
On the other hand, POST is used to send data to a URI. The provider of the API can decide what to do with the data (create a resource, store it somewhere, …) in the context of the request and the resource at which the request is made.
PUT is idempotent, i.e., invoking it multiple times has no additional effect (it will put the same resource or make the same change to it). POST is not idempotent. Thus, if invoked multiple times, POST will repeat the same operation (creating more resources, storing copies of the data, etc.).
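The retry behaviour described above, as an added example that is not part of the original article: an in-memory stand-in for a REST provider receives the same request three times, once via PUT and once via POST. The `EmployeeStore` class, the `/employees` URIs and the sample body are assumptions made for illustration.

```python
import itertools


class EmployeeStore:
    """In-memory stand-in for a REST provider (constructed for illustration)."""

    def __init__(self):
        self.resources = {}             # URI -> stored representation
        self._ids = itertools.count(1)  # server-assigned identifiers for POST

    def put(self, uri, body):
        """PUT: place `body` at `uri`; create it if absent, replace it otherwise."""
        created = uri not in self.resources
        self.resources[uri] = dict(body)
        return (201 if created else 200), uri

    def post(self, collection_uri, body):
        """POST: hand `body` to the collection; the server picks the new URI."""
        uri = f"{collection_uri}/{next(self._ids)}"
        self.resources[uri] = dict(body)
        return 201, uri


def replay(method, target, body, times):
    """Send the same request `times` times, as a retrying client would."""
    store = EmployeeStore()
    responses = [getattr(store, method)(target, body) for _ in range(times)]
    return store.resources, responses


def demo():
    body = {"name": "Alice", "department": "finance"}  # constructed sample data
    put_state, put_resp = replay("put", "/employees/42", body, 3)
    post_state, post_resp = replay("post", "/employees", body, 3)
    return put_state, put_resp, post_state, post_resp


if __name__ == "__main__":
    put_state, put_resp, post_state, post_resp = demo()
    print("PUT  x3 ->", len(put_state), "resource(s):", put_resp)
    print("POST x3 ->", len(post_state), "resource(s):", post_resp)
```

After three identical PUTs the store holds one resource; after three identical POSTs it holds three, which is why a client that retries a POST after a timeout needs some way to tell whether the first attempt succeeded.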
In a REST API, what is separation of concerns between the client and server?
Presentation and user interaction are handled by the client, while the server deals with data storage and retrieval. This is known as separation of concerns – this helps the client and server focus on doing their respective roles well.
List key differences between SOAP and REST
SOAP is a protocol, and SOAP web services communicate purely by exchanging XML. REST is an architectural style that is built on top of HTTP, and a REST API can exchange data in multiple formats (including XML and JSON).
A SOAP service has a custom interface defined via WSDL. A REST API has a uniform interface based on HTTP verbs. While SOAP uses the HTTP protocol to embed an XML message (which is the API object), REST uses HTTP headers to carry meta information for the request and response.
SOAP vs REST is probably the most common question asked in interviews. It is very important to know when to use each of them. The most important point to understand is the contract between client and server. For SOAP, if anything changes on the server, the client has to adapt. So the client needs to know all the services it will be using before starting any interaction with the server.
One important thing to remember about SOAP and REST is that it is not actually SOAP vs REST. There are environments where SOAP services make more sense. For example, we use SOAP services between two different applications communicating with each other, and we use REST services for our GUI-related services. REST and SOAP can also be used together, such as a GUI calling a REST service which internally interacts with a SOAP service, so the complexity of the SOAP service is not exposed to web clients.
Remember, it is not SOAP vs REST; a good answer is that it depends on when to use which of them.
Explain how caching in a REST API takes advantage of the layered nature of the internet?
While creating the response to an API request, the server sets the “cache-control” HTTP header to indicate the cacheability. When the cache-control header has the Public directive set, the response is cacheable by any component (this means the same request originating from another REST Client and passing through the same intermediary will receive the cached response, thus saving a call to the server). When it has the Private directive, only the client may cache it (not the intermediaries).
On top of this, other HTTP headers like “expires”, “max-age”, “must-revalidate” further provide details about how long the response may be cached and what needs to be done when it is past the expiration time. For more on the semantics of the HTTP cache-control headers see this article.
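The Public/Private distinction above matters most when a response differs per client. The following added example (not from the original article) models a shared intermediary with a deliberately simplified storage policy and shows what two clients receive for the same URI under each directive; `SharedCache`, `make_origin`, the `/me/profile` URI and the client names are assumptions constructed for illustration.

```python
def parse_cache_control(value):
    """Split a Cache-Control header into {directive: argument-or-None}."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.lower()] = arg.strip('"') or None
    return directives


class SharedCache:
    """Toy intermediary (a caching proxy) between REST clients and the origin."""

    def __init__(self, origin):
        self.origin = origin    # callable(uri, client) -> (headers, body)
        self.store = {}         # uri -> (expires_at, body)
        self.origin_calls = 0

    def get(self, uri, client, now):
        entry = self.store.get(uri)
        if entry and now < entry[0]:
            return entry[1]     # fresh hit: the origin is never contacted
        self.origin_calls += 1
        headers, body = self.origin(uri, client)
        cc = parse_cache_control(headers.get("Cache-Control", ""))
        age = cc.get("max-age") or ""
        # Simplified policy following the text: an intermediary stores only
        # responses marked public (never private/no-store) with a max-age.
        if "public" in cc and not cc.keys() & {"private", "no-store"} and age.isdigit():
            self.store[uri] = (now + int(age), body)
        return body


def make_origin(cache_control):
    """Constructed sample API whose body depends on who is asking."""
    def origin(uri, client):
        return {"Cache-Control": cache_control}, f"profile of {client}"
    return origin


def run(cache_control):
    """Two clients fetch the same URI through one intermediary."""
    cache = SharedCache(make_origin(cache_control))
    first = cache.get("/me/profile", "alice", now=0)
    second = cache.get("/me/profile", "bob", now=10)   # within max-age
    third = cache.get("/me/profile", "bob", now=120)   # past max-age
    return first, second, third, cache.origin_calls
```

With `run("public, max-age=60")` the second client is served the first client's body from the intermediary until the entry expires; with `run("private, max-age=60")` every request reaches the origin, so per-client responses should carry the Private directive.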
What is the meaning of popular HTTP Status Codes?
200 – OK (Success)
201 – CREATED (Usually for PUT or POST when resource is created successfully)
204 – NO CONTENT (Empty body)
400 – BAD REQUEST
401 – FORBIDDEN (Access denied to method requested)
404 – NOT FOUND (resource or method not found)
500 – INTERNAL SERVER ERROR (Generic code returned when server encountered an exception while processing the request)
Enumerate some popular JAX-RS implementations that can be used for developing RESTful web services in Java
Head here for a detailed introduction to REST.
Looking for step-by-step instructions? Read these articles to find out more about creating RESTful web services in Java with Jersey, spring, spring-mvc, spring-boot and a REST client. Or, move on to advanced topics such as securing a REST service with authentication.