Skip to main content

Interview Scenarios in API Testing

Interview Scenarios in API Testing

API testing interviews often focus on practical scenarios to assess your problem-solving skills, technical knowledge, and hands-on experience.
This section provides real-world interview questions and step-by-step solutions to help you prepare effectively.

1️⃣ Scenario: Handling Authentication

Question

How would you test an API that requires Bearer Token authentication?

Solution

  1. Authenticate to get the token.
  2. Use the token in subsequent requests.
  3. Handle token expiration by refreshing it dynamically.
Code Snippet: Handling Bearer Token
// Step 1: Authenticate to get token
Response loginResponse = given()
    .body("{ \"username\": \"testuser\", \"password\": \"password123\" }")
    .when()
    .post("/login");

String token = loginResponse.jsonPath().getString("token");

// Step 2: Use token in subsequent requests
given()
    .header("Authorization", "Bearer " + token)
    .when()
    .get("/secure-endpoint")
    .then()
    .statusCode(200);

2️⃣ Scenario: Validating JSON Responses

Question

How would you validate that a specific field exists in a JSON response?

Solution

Use JSON path to extract and validate the field.

Code Snippet: Validating JSON Field
// Validate specific field in JSON response
given()
    .when()
    .get("/users/101")
    .then()
    .body("name", equalTo("John"))
    .body("email", equalTo("john@example.com"));

3️⃣ Scenario: Testing Edge Cases

Question

How would you test an API endpoint for invalid inputs?

Solution

Send requests with invalid data and validate error responses.

Code Snippet: Testing Invalid Input
// Test invalid email format
given()
    .body("{ \"name\": \"John\", \"email\": \"invalid-email\" }")
    .when()
    .post("/users")
    .then()
    .statusCode(400)
    .body("error", equalTo("Invalid email format"));

4️⃣ Scenario: Database Validation

Question

How would you verify that an API operation updates the database correctly?

Solution

Query the database after the API operation and compare results.

Code Snippet: Validating Database Update
// Query database
String query = "SELECT email FROM users WHERE id = ?";
int userId = 101;

try (Connection conn = DriverManager.getConnection(DB_URL, DB_USER, DB_PASSWORD);
     PreparedStatement stmt = conn.prepareStatement(query)) {

    stmt.setInt(1, userId);
    ResultSet rs = stmt.executeQuery();

    // Assert email is updated
    assertTrue(rs.next(), "User not found in database");
    assertEquals("john.new@example.com", rs.getString("email"), "Email not updated");
} catch (SQLException e) {
    fail("Database query failed: " + e.getMessage());
}

5️⃣ Scenario: Flaky Tests

Question

How would you handle a flaky API test that fails intermittently?

Solution

  1. Identify the root cause (e.g., race conditions, shared environments).
  2. Use unique test data to avoid conflicts.
  3. Mock external dependencies to stabilize tests.
Code Snippet: Using Unique Test Data
// Generate unique email for each test
String uniqueEmail = "testuser_" + UUID.randomUUID() + "@example.com";

given()
    .body("{ \"name\": \"Test\", \"email\": \"" + uniqueEmail + "\" }")
    .when()
    .post("/users")
    .then()
    .statusCode(201);

6️⃣ Scenario: CI/CD Integration

Question

How would you integrate API tests into a CI/CD pipeline?

Solution

  1. Write automated tests using tools like RestAssured or Postman.
  2. Configure build tools (e.g., Maven, Gradle) to execute tests.
  3. Set up CI/CD platforms (e.g., Jenkins, GitHub Actions) to run tests automatically.
Code Snippet: GitHub Actions Workflow
name: API Test Pipeline

on:
  push:
    branches:
      - main

jobs:
  api-tests:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Run API tests
        run: mvn clean test

7️⃣ Scenario: Debugging Failures

Question

How would you debug an API test failure?

Solution

  1. Log request and response details.
  2. Validate status codes, headers, and response body.
  3. Check database state if applicable.
Code Snippet: Enabling Logs in RestAssured
// Log request and response details
given()
    .log().all()
    .when()
    .get("/users/101")
    .then()
    .log().all()
    .statusCode(200);

Key Takeaways 🎯

  • Practice real-world scenarios like authentication, JSON validation, and edge case testing.
  • Use tools like RestAssured, Postman, and JDBC for practical solutions.
  • Address common challenges like flaky tests and debugging failures.
  • Integrate API tests into CI/CD pipelines for continuous validation.
  • Prepare step-by-step solutions to demonstrate your problem-solving skills.