MD.

EBRAHIM HOSSAIN

SQA Engineer at

API TESTING INTERVIEW QUESTIONS

What is an application programming interface (API)?

a. API stands for Application Programming Interface, and it is a set of routines, protocols,
and tools for creating software applications. APIs define how one piece of software
should communicate with another.
b. API serves as a connection point between two software applications, allowing them to
communicate. A programming interface (API) is a set of software capabilities that another
application can use.
c. It can be considered as the waiter which acts as the middleman between your requests
and the chef. Similarly, API refers to the middleman between a client and a server.

What are the main differences between API and Web service?

All Web services are APIs but not all APIs are Web services. Web services might not contain
all the specifications and cannot perform all the tasks that APIs would perform.

A Web service uses only three styles of use: SOAP, REST, and XML-RPC for communication
whereas API may be exposed to in multiple ways.

A Web service always needs a network to operate while APIs don’t need a network for operation.

What is API Testing?

API testing is a kind of software testing that determines if the developed APIs meet expectations
regarding the functionality, reliability, performance, and security of the application.

What are the Limits of API Usage?

Many APIs have a certain limit set up by the provider. Thus, try to estimate your usage and
understand how that will impact the overall cost of the offering. Whether this will be a problem
depends in large part on how data is leveraged. Getting caught by a quota and effectively cut off
because of budget limitations will render the service (and any system or process depending on
it) virtually useless. Creating an API.

What are some architectural styles for creating a Web API?

This is one of the fundamental Web API interview questions. Bellows are four common Web API
architectural styles:
1. HTTP for client-server communication
2. XML/JSON as a formatting language
3. Simple URI as the address for the services
4. Stateless communication

Who can use a Web API?

 MD. EBRAHIM HOSSAIN

SQA Engineer at

Web API can be consumed by any clients that support HTTP verbs such as GET, PUT,
DELETE, and POST. Since Web API services do not require configuration, they can be easily
used by any client. In fact, even portable devices such as mobile devices can easily use Web
API, which is undoubtedly the biggest advantage of this technology.

What is API Testing?

API testing is a kind of software testing that determines if the developed APIs meet expectations
regarding the functionality, reliability, performance, and security of the application.

What are the advantages of API Testing?

In an API interview, they are likely to ask about the advantages of API testing. So be prepared
with the significant ones such as:
1. Test for Core Functionality: API testing provides access to the application without a
user interface. The core and code level of functionalities of the application will be tested
and evaluated early before the GUI tests. This will help detect the minor issues which
can become bigger during the GUI testing.
2. Time Effective: API testing usually is less time-consuming than functional GUI testing.
The web elements in GUI testing must be polled, which makes the testing process
slower. Particularly, API test automation requires less code so it can provide better and
faster test coverage compared to GUI test automation. These will result in the cost
savings for the testing project.
3. Language-Independent: In API testing, data is exchanged using XML or JSON. These
transfer modes are completely language-independent, allowing users to select any
coding language when adopting automation testing services for the project. Easy
Integration with GUI: API tests enable highly integrable tests, which is particularly useful
if you want to perform functional GUI tests after API testing. For instance, simple
integration would allow new user accounts to be created within the application before a
GUI test started.

Some common protocols used in API testing?

Many protocols are now available to be used in API testing, such as JMS, REST, HTTP, UDDI,
and SOAP.

What is the test environment of API?

Setting up the API’s test environment is not an easy task, so you should have a ready answer if
your API testing interview is coming. The test environment of API is a bit complete and requires
the configuration of the database and server, depending on the software requirements. No GUI
(Graphical User Interface) is available in this test form. When the installation process is
complete, API is verified for the proper operation. Throughout the process, the API called from
the original environment is set up with different parameters to study the test results.
What are the principles of an API test design?
The five most important principles of an API test design are:
 MD. EBRAHIM HOSSAIN

SQA Engineer at

1. Setup: Create objects, start services, initialize data, etc

2. Execution: Steps to apply API or the scenario, including logging
3. Verification: Oracles to evaluate the result of the execution
4. Reporting: Pass, failed, or blocked
5. Clean up: Pre-test state

What are the common API testing types?

While there are certainly specialty tests, and no list can be asked to be comprehensive in this
realm, most tests fit broadly into the following nine categories that you should remember before
attending an API testing interview.
1. Validation Testing
2. Functional Testing
3. UI testing
4. Load testing
5. Runtime/ Error Detection
6. Security testing
7. Penetration testing
8. Fuzz testing
9. Interoperability
10. WS Compliance testing

What is the procedure to perform API testing?

1. Choose the suite to add the API test case
2. Choose the test development mode
3. Demand the development of test cases for the required API methods
4. Configure the control parameters of the application and then test the conditions
5. Configure method validation
6. Execute the API test
7. Check test reports and filter API test cases
8. Arrange all API test cases

What must be checked when performing API testing?

During the API testing process, a request is raised to the API with the known data. This way you
can analyze the validation response. While testing an API, you should consider:
1. Accuracy of data
2. Schema validation
3. HTTP status codes
4. Data type, validations, order, and completeness
5. Authorization checks
6. Implementation of response timeout
7. Error codes in case
8. API returns
 MD. EBRAHIM HOSSAIN

SQA Engineer at

9. Non-functional testing like performance

10. Security testing

What is the best approach method to perform API testing?

The following factors should be considered when performing API testing:
1. Defining the correct input parameters
2. Verifying the calls of the mixture of two or more added value parameters
3. Defining the basic functionality and scope of the API program
4. Writing appropriate API test cases and making use of testing techniques such as
equivalence class, boundary value, etc. to check the operability Testing case execution
5. Comparing the test result with the expected result
6. Verifying the API behavior under conditions such as connection to files and so on.

What tools could be used for API testing?

There are a myriad of different API testing tools available. A few common tools are Katalon
Studio, Postman, SoapUi Pro, Tricentis Tosca, Apigee, etc.

What are the major challenges faced in API testing?

If you can overcome the challenges in API Testing, you can be confident in the API testing
interview too. They are: Parameter Selection Parameter Combination Call Sequencing Output
verification and validation Another important challenge is providing input values, which is very
difficult as GUI is not available in this case.

What are the testing methods that come under API testing?
One of the most common Web API testing interview questions is about the testing methods.
They are:
1. Unit testing and Functional testing
2. Load testing to test the performance under load
3. Discovery testing to list, create, and delete the number of calls documented in the API
4. Usability and Reliability testing to get consistent results
5. Security and Penetration testing to validate all types of authentication
6. Automation testing to create and run scripts that require regular API calls
7. End to end Integration and Web UI testing to determine its efficiency and effectiveness

Why is API testing considered the most suitable form for Automation testing?
API testing is now preferred over GUI testing and is considered as most suitable because: It
verifies all the functional paths of the system under test very effectively. It provides the most
stable interface. It is easier to maintain and provides fast feedback.

What are common API errors that are often found?

 MD. EBRAHIM HOSSAIN

SQA Engineer at

Not only API fundamental questions, the interviewer also determines your knowledge and
experience by asking about the API errors in a Web API testing interview. So the most common
ones are: Missing module errors Documentation errors Parameter validation errors And some
standard error expectations if the result is not so predicted then the occurrence of errors can be
seen and for the same warnings are specified in the form of a message. There can be one or
more warnings within an individual module.

What kinds of bugs that API testing would often find?

Missing or duplicate functionality Fails to handle error conditions gracefully Stress Reliability
Security Unused flags Not implemented errors Inconsistent error handling Performance Multi-
threading issues Improper errors Documenting the API

What is the API documentation?

The API documentation is a complete, accurate technical writing giving instructions on how to
effectively use and integrate with an API. It is a compact reference manual that has all the
information needed to work with the API and helps you answer all the API testing questions with
details on functions, classes, return types, arguments, and also examples and tutorials.

What are API documentation templates that are commonly used?

There are several available API documentation templates that help to make the entire process
simple and straightforward, which could be answered in your API testing interview, such as
Swagger Miredot Slate FlatDoc API blueprint RestDoc Web service API specification

When writing API documents, what must be considered?

Source of the content Document plan or sketch Delivery layout Information needed for every
function in the document Automatic document creation programs

How often are the APIs changed and, more importantly, deprecated?
APIs, especially modern RESTful APIs, are a nice creation that can certainly simplify and
accelerate integration efforts, which makes it more likely you will benefit from them. But APIs
can and do change for various reasons, sometimes abruptly, and hence REST APIs do not
differ from traditional integration methods in this respect. If an API call is obsolete and
disappears, your procedure will be interrupted and it is important to understand how often the
APIs you depend on change or are deprecated.

What is REST?
REST (Representational State Transfer) is an architectural style for developing web services
that exploit the ubiquity of HTTP protocol and use the HTTP method to define actions. It
revolves around a resource where every component is a resource that can be accessed through
a shared interface using standard HTTP methods. In REST architecture, a REST Server
provides access to resources and REST client accesses and makes these resources available.
Here, each resource is identified by URIs or global IDs, and REST uses multiple ways to
 MD. EBRAHIM HOSSAIN

SQA Engineer at

represent a resource, such as text, JSON, and XML. XML and JSON are the most popular
representations of resources nowadays.

What is a RESTFUL Web Services?

Mostly, there are two kinds of Web Services which should be remembered in your next API
testing interview:
1. SOAP (Simple Object Access Protocol) – an XML-based method to expose web services.
2. Web services developed in the REST style are referred to as RESTful web services.
These web services use HTTP methods to implement the concept of REST architecture. A
RESTful web service usually defines a URI, Uniform Resource Identifier as a service, and
provides resource representation like JSON and a set of HTTP methods.

What is a “Resource” in REST?

REST architecture treats any content as a resource, which can be either text files, HTML pages,
images, videos, or dynamic business information. REST Server gives access to resources and
modifies them, where each resource is identified by URIs/ global IDs.

What is the most popular way to represent a resource in REST?

REST uses different representations to define a resource like text, JSON, and XML. XML and
JSON are the most popular representations of resources.

Which protocol is used by RESTful Web services?

RESTful web services use the HTTP protocol as a medium of communication between the client
and the server.

What are some key characteristics of REST?

Key characteristics of REST are likely asked in a Web API Testing interview. So please get the
answer ready in your mind with these 2 ones:
REST is stateless, therefore the SERVER has no status (or session data) With a well-applied
REST API, the server could be restarted between two calls since all data is transferred to the
server Web service uses the POST method primarily to perform operations, while REST uses
GET for accessing resources.

What is messaging in RESTful Web services?

RESTful web services use the HTTP protocol as a communication tool between the client and
the server. The technique that when the client sends a message in the form of an HTTP
Request, the server sends back the HTTP reply is called Messaging. These messages
comprise message data and metadata, that is, information on the message itself.

What are the core components of an HTTP request?

An HTTP request contains five key elements:
1. An action showing HTTP methods like GET, PUT, POST, and DELETE.
 MD. EBRAHIM HOSSAIN

SQA Engineer at

2. Uniform Resource Identifier (URI), which is the identifier for the resource on the server.
3. HTTP Version, which indicates the HTTP version, for example HTTP v1.1.
4. Request Header, which carries metadata (as key-value pairs) for the HTTP Request
message. Metadata could be a client (or browser) type, format supported by the client, format of
a message body format, cache settings, and so on.
5. Request Body, which indicates the message content or resource representation.

What are the most commonly used HTTP methods supported by REST?
GET is only used to request data from a specified resource. Get requests can be cached and
bookmarked. It remains in the browser history and has length restrictions. GET requests should
never be used when dealing with sensitive data.
POST is used to send data to a server to create/update a resource. POST requests are never
cached and bookmarked and do not remain in the browser history.
PUT replaces all current representations of the target resource with the request payload.
DELETE removes the specified resource.
OPTIONS is used to describe the communication options for the target resource.
HEAD asks for a response identical to that of a GET request but without the response body.

Can GET request to be used instead of PUT to create a resource?

The PUT or POST method should be used to create a resource. GET is only used to request
data from a specified resource.

Is there any difference between PUT and POST operations?

PUT and POST operations are quite similar, except for the terms of the result generated by
them. PUT operation is idempotent, so you can cache the response while the responses to
POST operation are not cacheable, and if you retry the request N times, you will end up having
N resources with N different URIs created on the server. In a Web API Testing interview, you
should give a specific example for PUT and POST operations to make it crystal clear to the
interviewer. Below is an example: Scenario: Let’s say we are designing a network application.
Let’s list down a few URIs and their purpose to get to know when to use POST and when to use
PUT operations. GET /device-management/devices: Get all devices POST /device-
management/devices: Create a new device GET /device-management/devices/{id}: Get the
device information identified by “id” PUT /device-management/devices/{id}: Update the device
information identified by “id” DELETE /device-management/devices/{id}: Delete device by “id”

Which purpose does the OPTIONS method serve for the RESTful Web services?
The OPTIONS Method lists down all the operations a web service supports. It creates read-only
requests to the server.

What is URI?
 MD. EBRAHIM HOSSAIN

SQA Engineer at

What is the main purpose of REST-based web services and what is its format? URI stands for
Uniform Resource Identifier. It is a string of characters designed for unambiguous identification
of resources and extensibility via the URI scheme. The purpose of a URI is to locate a
resource(s) on the server hosting of the web service.

What is the payload in RESTFul Web services?

The “payload” is the data you are interested in transporting. This is differentiated from the things
that wrap the data for transport like the HTTP/S Request/Response headers, authentication,
etc.

What is the caching mechanism?

Caching is just the practice of storing data temporarily and retrieving data from a high-
performance store (usually memory) either explicitly or implicitly. When a caching mechanism is
in place, it helps improve delivery speed by storing a copy of the asset you requested and later
accessing the cached copy instead of the original.

What are SOAP Web services?

This is one of the fundamental Web services testing questions that you must know the answer
to. The SOAP (Simple Object Access Protocol) is defined as an XML-based protocol. It is
known for designing and developing web services as well as enabling communication between
applications developed on different platforms using various programming languages over the
Internet. It is both platform and language-independent.

How does SOAP work?

SOAP is used to provide a user interface that can be accessed by the client object, and the
request that it sends goes to the server, which can be accessed using the server object. The
user interface creates some files or methods consisting of a server object and the name of the
interface to the server object. It also contains other information such as the name of the
interface and methods. It uses HTTP to send the XML to the server using the POST method,
which analyzes the method and sends the result to the client. The server creates more XML
consisting of responses to the request of the user interface using HTTP. The client can use any
approach to send the XML, like the SMTP server or POP3 protocol to pass the messages or
reply to queries.

What are some tools used for API Testing?

There are many API testing tools. The following six are the top most according to the
users/downloads. These are not the rankings though.
1. Postman
2. SoapUI
3. Katalon Studio
4. Tricentis Tosca
5. Apigee
6. Jmeter
What is Postman?
 MD. EBRAHIM HOSSAIN

SQA Engineer at

1. Postman is an API platform for developers to design, build, test, and iterate their
APIs.
2. We can say Postman is an API platform for building and using APIs.
3. Postman is an API (application programming interface) development tool that helps to
build, test and modify APIs. Almost any functionality that could be needed by any
developer is encapsulated in this tool.
4. It is used by over 5 million developers every month to make their API development
easy and simple.

What is a collection in Postman?

A collection in Postman helps to group similar requests. It helps in systematically arranging the requests
into folders. Consider the Below example -

Why do we use Postman?

We use Postman for the following reasons:

1. It is free: Postman is free software that we can use for API testing. It is free to
download and use for teams of any size.
2. It is easy to use: Postman is an easy-to-use software tool. We can send HTTP
requests of various types (such as GET, POST, PUT, PATCH, etc.). We have to
download it, and we can send our first request in minutes. It also gives us the ability to
save environments for future use.
3. Community & Support: It has a huge community forum for customer support and
extensive documentation.
4. It is extensible: Postman facilitates us customizing it according to our needs with the
Postman API.
5. APIs Support: It facilitates us to make any API call (REST, SOAP, or plain HTTP)
and easily inspect even the largest responses. It also helps manage the end-to-end
 MD. EBRAHIM HOSSAIN

SQA Engineer at

lifecycle of the API - starting from design to mocking to testing and finally
maintaining the APIs.
6. Runtime Services: Postman provides Runtime Services that help us manage API
collections, environments, workspaces, and different examples.
7. Integration: Postman facilitates us to easily integrate test suites into our
preferred CI/CD tools and services, such as Jenkins with Newman(command-
line collection runner).

How will you log variable values in Postman?

We can log the variable values in Postman in the console by using the command:

console.log(pm.variables.get("variable_name"));

How do you access postman variables?

It can be accessed by using the variable name as:{{variable_name}}

What are the various authorization methods provided by Postman?

Postman provides the below API request Authorization Options: API Key Bearer Token, Basic
auth, Digest auth, Oauth 1.0, Oauth 2.0, Hawk Authentication, AWS Signature, NTLM
Authentication

What are the different types of API requests supported in Postman?

Postman supports the following types of requests:

● GET
● POST
● PUT
● PATCH
● DELETE
How are Query Params different from Path Variables?
Path Variables are used for identifying specific resources and Query Parameters are used for sorting or
filtering the resources.
 MD. EBRAHIM HOSSAIN

SQA Engineer at

What is Basic Auth in Postman?

Basic Auth in Postman is a type of authorization technique provided in Postman for HTTP user agents like
web browsers. It provides fields to enter username and password which when entered gets associated
with the request.

What encoding is accepted by Postman in authorization credentials?

Postman accepts authorization credentials in Base64 encoding format only. It is provided in

Postman by default. If we do not want to use an inbuilt encoding system, we can refer to third-
party websites for converting the credentials into base64 format.

Can we have the same names for global variables in Postman?

The scope of global variables is limited to the workspace and is global. Due to this, variables
having global scope cannot have the same names. We can have the same names for local
variables but they need to be part of different variables.

What do you know about the postman monitor?

Monitoring is a method of staying in sync with the health and performance of the APIs. Postman
provides inbuilt monitoring services that help us be in sync with the API development and
performance. The monitors provided by Postman are mainly based on the working of collection
 MD. EBRAHIM HOSSAIN

SQA Engineer at

runners.

What is a binary form in POST methods?

The binary form is designed to help send data in a format that is not possible to be entered
manually. These options are used while sending large files like images, CSV files, etc in the
POST request. Binary representation is the easiest representation for sending complex data
with the request.

What are the limitations of Postman?

1. Postman is not suitable for processing 1000+ API requests.

2. If the project is very large, managing the collections and requests becomes
cumbersome.
3. It is not suitable if we want to manage the workspace in the form of code as there
would be a lot of code duplication for dynamic API requests.
How can you save the responses of an API to a file in Postman?

We can do this in two ways:

1. Click on the Download button in the response section.

2. Click on the arrow beside the send button - There will be an option to send and
download. Clicking on it will prompt Postman to ask the location of saving the
response and post the successful execution of the request.
What are the two types of scripts in Postman

● Tests script
● Pre-request script
 MD. EBRAHIM HOSSAIN

SQA Engineer at

What is the significance of the 301 status code?

The 301 status code represents permanent redirects from one website page to another. It tells the search
engine that the old page is outdated and the engine has to index the new page URL.

What is the History tab in Postman?

All the requests you send in Postman appear under the History tab of the sidebar. It is very
much similar to browser history, which you can clear whenever you want.

How do you access the history of requests in Postman?

The request history can be accessed in the History tab provided on the Postman application. If
we sign into the Postman account, then the history will be synced across the devices where you
are logged in. When you click on any of the requests present in the History tab, the view opens
the request that we saved while we were working on it earlier. History also consists of the
collection runs that were executed as summarized versions.

What is an HTTP request?

An HTTP request is a program that the client makes to a name host located on a server. It
works as a communication interface or a request-response protocol between a client and
server. The primary use of the HTTP request is to access a resource on the server. To initiate
the HTTP request, the client uses components of a URL (Uniform Resource Locator) that also
includes the information needed to access the resource.

State The Core Components of an HTTP Response?

In Postman, every HTTP response contains four key elements.
 MD. EBRAHIM HOSSAIN

SQA Engineer at

1. Response/Status Code- There are response code issues by a server for a

client’s request, as 404 means Page Not Found.
2. HTTP Version- HTTP version name. For example, HTTP v2.2
3. Response Header- It included information for the HTTP response message. For
example, The content length, date, status, server type, etc.
4. Response Body – It contains the data that a client requested from the server.

Does Postman provide a feature to log requests and responses?

Postman does allow viewing of requests and response parameters in the software application
itself. However, it is important to see how the request was sent upon applying the pre-request
scripts. In such cases, Postman has an additional tool called “Postman Console” which is used
for viewing every request and response detail. We can also log the details in the console by
using console.log statements in the scripts.

What is a binary form in POST methods?

Post binary firm is designed to send the information in a format that is impossible to enter manually.
These options are used while sending large files like CSV files, etc.

What is the main difference between Authorization and authentication?

Here are a few differences between authorization and Authentication:

1. Authorization is the act of allowing or permitting someone, whereas

authentication is proving that something is genuine.
2. Authorization always comes first, while authentication comes after
authorization.
3. Authorization is open to anyone with permission, whereas authentication
requires you to have a password.

What is the Payload in Postman?

The Payload of an API Module is the body of your request and response message. When making an API
request, it contains the data you send to the server. You can send and receive Payload in various
formats, for example, JSON or XML.

What is a Pre-Request script?

Pre-request scripts help you to execute JavaScript before a request runs. It allows you to accomplish pre-
processing tasks like setting variable values, parameters, headers, and body data.

What is the meaning of the term environment in Postman?

The environment in Postman is a set of key-value pairs. Postman allows you to build multiple
environments and switch among them with a click of a button.
 MD. EBRAHIM HOSSAIN

SQA Engineer at

Is it possible to import local variables in Postman Monitors?

Postman monitors allow you to import local variables but not global variables.

Can you have two global scope variables with the same name in Postman?

No, the global scope never has duplicate/same names, while variables having local scope can have the
same name in various environments.

How do you remove local variables?

Local variables are automatically removed once the tests have been executed.

What are Postman Collection runners?

Postman contains a collection runner that is useful for automating API testing. It helps
visualize the details of each iteration and test results. A postman collection runner is also
used for Data-driven testing.

Why is saving your work in the Postman cloud is not advisable?

You should not save your work in Postman as your business details do not remain confidential.
Moreover, saving your on-Postman cloud may cause a security breach as it requires sign-in.
Therefore, saving your work in the Postman cloud is not advisable.

What are the standard rules of an API test design?

Here are the key principles of an API test design:

1. Setup: Create objects, start services, and initialize data.

2. Execution: Apply API or the scenario, including logging
3. Verification: It is used for evaluating the result of the execution
4. Reporting: Indicates Pass, failed, or blocked status
5. Clean up: Pre-test state
Which programming language is used for Postman tests?

JavaScript is used for Postman tests.

What are some of the JS libraries available in Postman?

Some JS libraries available in Postman are

1. Lodash
2. Moment
3. GUID

What is GUID?

GUID is short for Global Unique Identifier. It is hexadecimal digits that are separated by hyphens. This
Postman identifier GUID solves the purpose of uniqueness.
 MD. EBRAHIM HOSSAIN

SQA Engineer at

What is the importance of setNextRequest in Postman?

setNextRequest helps you to define the workflow. It is needed to change the order of the
requests being executed.

What test code allows you to check whether the response status is 200 or not?

Following is a test code to check whether the response status is 200 or not: tests

pm.test("Status code is 200", function () {

pm.response.to.have.status(200);

});

Describe any four response things you receive from a response (Correct or Incorrect)

Status Code

1. Response Status
2. Response time
3. Response Size
4. Response Headers
5. Response Cookies
6. Response Date and Time
7. Response Session limit
8. Response Cookies
9. Response Server
10. Response type

How can you iterate a request 100 times in Postman?

You can iterate a request 100 times in Postman by using Collection Runner.
 MD. EBRAHIM HOSSAIN

SQA Engineer at

Can you read the Postman Chrome application to read and write cookies?

No, it is impossible to read and write cookies using the app.

Postman is available as a native desktop app for?

The Postman API testing tool is currently available for Mac, Windows (32-bit / 64-bit), and Linux
(32-bit / 64-bit).

What is status code 201?

Status code 201 is created only when a resource is successfully created using a PUT or POST
request. It returns a link to a newly created one with the help of the location header.

What are the different types by which we can see the response body in Postman?
Explain.
 MD. EBRAHIM HOSSAIN

SQA Engineer at

In Postman, a response body can be seen in three different types.

1. Pretty
2. Raw
3. Preview
Although all three have their own importance and value in Postman, the most commonly used is Pretty as
it shows the response code in different formats and colors which makes it easy to read and analyze the
response. It is just like any good text editor used for coding

What is the "Bulk Edit" feature of Postman used for?

The Bulk Edit feature of Postman is used for the convenience of adding parameters to a new
request from the previous request. Since a request can have many parameters and it is very
difficult to copy and paste one by one, the bulk edit feature helps us copy all the keys and their
respective values at once and paste them.

Why do we group requests under collections when collection is already a grouping of requests?

A collection may have hundreds of requests under it. We need to subcategorize the requests according to
a more specific category so that it is easier for us to find them, edit them, or modify them. For this, we use
folders in collections. A collection may have many folders inside it and a folder may have many requests.
This way we can generalize the types of requests to a deeper level than the collections which are already
generalized. For ease, a collection can be considered a folder "Movies" in your system which has all the
movies. A folder can be considered as different folders inside "Movies" like Hollywood, Bollywood, etc
which have respective types of movies.

Which method should you prefer? Javascript or Functional to write the tests?

It is advised and recommended to use the functional method while writing tests in Postman. Although
there has been no notice of ending the support for the JS method.

What is the need to monitor the collections in Postman?

It is very important that your API’s responses and performance remain up to the mark
throughout the day. Monitors can help you schedule a collection of test runs to monitor the
performance and response of your APIs even if you are not available or not handling them.

Can we run monitors in Postman without Signing in?

No, monitors cannot be run without signing in because monitors run your collection even if
your system is shut down. So, you need a place to store the collection and let it run
automatically. You also need a place to store the reports so that you can look at them when
 MD. EBRAHIM HOSSAIN

SQA Engineer at

you are free. This all needs to be saved into your Postman account and hence you need to
sign in

What is the Chai Assertion Library?

Chai assertion library is an assertion library that is installed beforehand to use in Postman. This is used to
write assertions in Postman which is very beneficial. Chai assertion helps us write many lines of test code
in a few lines which is both understandable and readable. Chai uses the BDD approach which means that
the Chai library has codes that are more user-friendly.

A simple code is written in the chai library which tests if number 3 is already in the array or not.

pm.test(“Number included”, function(){ pm.expect([1,2,3]).to.include(3); });

In a Collection Run, what will execute first?

In a Collection run, pre-request scripts at the Collection level are executed first.

What is "x-www-urlencoded" in the Post method in Postman?

Form data and x-www-form-urlencoded are very similar. They both are used for almost the same
purposes. But the difference between the form data and x-www-form-urlencoded is that the URL will be
encoded when sent through x-www-form-urlencoded. Encoded means the data that is sent will be
encoded to different characters so that it is unrecognizable even if it is under attack.

What command line interface is used with Postman normally to serve continuous integration.
Newman is used with Postman normally as a command line interface to serve continuous
integration.

Write the command for running a folder in Newman.

In Newman, it is not necessary to run the complete collection to check just a bunch of requests. This is
obviously time-consuming and not recommended. We can also run just a folder located inside a collection
in the Newman. For running a folder in Newman, the following command is used

newman run <collection_name> –folder <folder name>

How can Postman collections run through the command line?

Postman has a command-line integration tool called Newman with which you can run any existing
Postman collection.

Newman is a node js-based package, which requires just a node environment to execute the collection
and has full parity with the Postman collection runner i.e. the Newman collection runner supports the
Postman capabilities like Running assertions, Pre-request scripts or any other scripts that are associated
with the requests that are a part of the collection.

To use Newman:
 MD. EBRAHIM HOSSAIN

SQA Engineer at

● You need to have a node installed.

● Now the Newman package needs to be installed through npm using the command.
○ npm install -g newman
● The collection needs to be executed and the associated environment
configuration should be first exported to its JSON form through the Postman
application
● Now run the below command to run the Postman collection through Newman.
○ newman run {{path to collection json}} -e {{path to environment json if any}}

How can you generate HTML based reports running tests through the Postman?

Newman uses the concept of reporters and templates to generate HTML reports for the executed
collection. Hence, to generate HTML reports, you first need to install a reporter. You can install any of the
available HTML reporters like Newman-reporter-html as a node package through the below command.

npm install -g newman-reporter-html

Once the HTML reporter is installed, we can use the Newman command to run the collection with -r flag
i.e. the reporter flag, and specify the reporter name as HTML.

The below command is used:

newman run {{path to collection json}} -e {{path to environment json if any}} -r html

Why is Base64 encoding primarily used in Postman?

Base64 encoding is primarily used because it does the task of data transmission in a textual
format that is easier to send in the requests in HTML form statistics format.

Another reason why we use this is that using identical 64 characters for encoding is heavily
reliable in any language we use.

Why does Postman never accept any other encoding apart from Base64?

You can use base64 as it helps us transmit the data into the textual form and send it as HTML form data.
Moreover, we must rely upon the same 64 characters in any encoding language.

Is it preferable to save our work on Postman Cloud?

When working on enterprise-level applications for organizations, it is not preferred to store
our work on the Postman cloud because of the required privacy and security. In the
Postman cloud, there are chances of security breaches by a skilled hacker.

What are the various variable scopes provided by Postman?

Postman has the following variable scopes:

1. Global Variables
 MD. EBRAHIM HOSSAIN

SQA Engineer at

2. Local Variables
3. Environment Variables
4. Collection Variables
5. Data Variables

Is it possible to reuse the authentication token for multiple requests?

You can indeed use the authentication token more than once. To do this, create a collection,
add all requests with the same authentication token, and then assign the Collection with the
auth token to the Collection. By choosing "Inherit auth from parent" under the Authorization tab,
we may apply it to each request separately.

What do you understand about ScratchPad?

Scratch Pad is a space provided by Postman that helps us to work without being connected to
Postman servers. It provides the flexibility of utilizing some of the features of Postman offline.
The features include- collection creation, creating requests, and the ability to send requests.
These are stored locally and once logged in, the work is saved into the workspace.

What is the Postman execution order for a collection?

For all the requests in a collection, the scripts will execute in the following order:

Step 1) A pre-request script associated with a collection will run before every
request.

Step 2) A pre-request script associated with a folder will run before every request in a specific
folder.

Step 3) A test script associated with a collection will run after every request.

Step 4) A test script associated with a folder will run after the request in the specific folder.

How will you stop the execution of upcoming requests or Stop the execution of the
collections?
A:- We can use the below code to stop the execution of the next request:
pm.setNextRequest(null);

What do you understand by the pre-request script?

Pre-request scripts are those scripts that are used for executing Javascript code before a
request is run. It is used for performing pre-processing tasks like setting variables, parameters,
headers, body data, etc., are performed using it.

How can we use Custom Javascript libraries in our scripts with an example?
 MD. EBRAHIM HOSSAIN

SQA Engineer at

Postman provides a lot of built-in tools and libraries that we can use to add in our pre-request
or post-request scripts or test cases. Let us take the example of using the moment.js library. It
provides a lot of useful functions to format data around time. Consider that we have a POST
request that needs to specify the created date to the user which expects the format
“DD/MM/YYYY”. We can use the moment library to perform this using a single line of code. In
our pre-request script, we need to add the below lines of code to get the correctly formatted
data and then store that in an environment variable:

var moment = require('moment');

pm.environment.set('createdDate',moment().format('DD/MM/YYYY'));

If we have a global and a local variable of the same name, which one will be given the
most preference in Postman?

In such cases, the higher precedence is given to the local variable by overwriting the value of
the global variable.