What is the difference between PUT and POST methods?
A POST request creates a new object on the server whereas, a PUT request replaces an object by another object.
POST should be used when the client sends the page to the server and then the server lets the client know where it put it. PUT should be used when the client specifies the location of the page
What are the most commonly used HTTP methods supported by REST?
- GET is only used to request data from a specified resource. Get requests can be cached and bookmarked. It remains in the browser history and haS length restrictions. GET requests should never be used when dealing with sensitive data.
- POST is used to send data to a server to create/update a resource. POST requests are never cached and bookmarked and do not remain in the browser history.
- PUT replaces all current representations of the target resource with the request payload.
- DELETE removes the specified resource.
- OPTIONS is used to describe the communication options for the target resource.
- HEAD asks for a response identical to that of a GET request, but without the response body.
What are the core components of an HTTP response?
Every HTTP response includes four key elements.
- Status/Response Code – Indicates Server status for the resource present in the HTTP request. For example, 404 means resource not found, and 200 means response is ok.
- HTTP Version – Indicates HTTP version, for example-HTTP v1.1.
- Response Header – Contains metadata for the HTTP response message stored in the form of key-value pairs. For example, content length, content type, response date, and server type.
- Response Body – Indicates response message content or resource representation.
In which type of encoding does postman accept authorization credentials? Why?
Postman accepts authorization in Base64 encoding only. This is provided inbuilt in Postman or else you can also refer third party websites to convert the credentials in base64.
We use base64 particularly because it transmits the data into a textual form and sends it in an easier form such as HTML form data. We use Base64 particularly because we can rely on the same 64 characters in any encoding language that we use.
What are the common protocols that are used in API testing?
What are Collections in Postman? And what can they contain?
Collections are lists of predefined HTTP requests. When you create an HTTP request, it always belongs to some collection.
Once you start having many HTTP requests in your collection, it becomes chaotic. So to allow for further categorization of your requests, you can create folders and put your requests to a folder structure.
So a collection can contain
What are the main differences between API and Web Service?
- All Web services are APIs but not all APIs are Web services.
- Web services might not contain all the specifications and cannot perform all the tasks that APIs would perform.
- A Web service uses only three styles of use: SOAP, REST and XML-RPC for communication whereas API may be exposed to in multiple ways.
- A Web service always needs a network to operate while APIs don’t need a network for operation.
What are the core components of an HTTP request?
An HTTP request contains five key elements:
- An action showing HTTP methods like GET, PUT, POST, DELETE.
- Uniform Resource Identifier (URI), which is the identifier for the resource on the server.
- HTTP Version, which indicates HTTP version, for example-HTTP v1.1.
- Request Header, which carries metadata (as key-value pairs) for the HTTP Request message. Metadata could be a client (or browser) type, format supported by the client, format of a message body format, cache settings, and so on.
- Request Body, which indicates the message content or resource representation.
Mention, whether you can use GET request instead of PUT, to create a resource?
Ans. No, you shouldn’t use a PUT or POST method. Instead, apply the GET operation which has view-only rights.
Can we have two global scope variables with the same name in Postman?
Since global variables are global i.e. without any environment, they cannot have duplicate names as it creates confusion for the software. Local variables can have the same name but in different environments.
What are the principles of an API test design?
The five most important principles of an API test design are:
- Setup : Create objects, start services, initialize data, etc
- Execution : Steps to apply API or the scenario, including logging
- Verification : Oracles to evaluate the result of the execution
- Reporting : Pass, failed or blocked
- Clean up : Pre-test state
Which purpose does the OPTIONS method serve for the RESTful Web services?
The OPTIONS Method lists down all the operations of a web service supports. It creates read-only requests to the server.
What are the areas that need to be taken care of while writing an API document?
The main areas that need your concentration while writing the API documents are as follows:
- You need to check the source of the content
- Plan or sketch of your document
- The delivery layout of the same
- Information needed for each of the function available in the document
- Lastly, automatic document creation programs
Can we import local variables in Postman Monitors?
Yes. Postman monitors allow to import local variables but it does not allow importing global variables.
Difference between API testing and Unit Testing?
UNIT testing :
- Unit testing is conducted by the Development Team
- Unit testing is a form of White box testing
- Unit testing is conducted prior to the process of including the code in the build
- Source code is involved in Unit testing
- In unit testing, the scope of testing is limited, so only basic functionalities are considered for testing
API testing :
- API testing is conducted by QA Team
- API testing is a form of Black box testing
- API testing is conducted after the build is ready for testing
- Source code is not involved in API testing
- In API testing, the scope of testing is wide, so all the issues that are functional are considered for testing
What is status code 401 and when does it occur?
Status code 401 is referred for an unauthorized request. An unauthorized request is a request for which you are not authorized. We can incur such a status code when you are not authorized to access the server or you have entered wrong credentials.
Write test code to check whether the response status is 200 or not?
A test code to check whether the response status is 200 or not is as follows
tests["Status Code is 200"] = responseCode.code === 200;