1. What are the key principles of REST architecture?
REST (Representational State Transfer) follows these principles:
- Statelessness: Each request must contain all the necessary information.
- Client-Server Architecture: Separation between client and server.
- Uniform Interface: Standardized URIs and HTTP methods.
- Cacheability: Responses can be cached.
- Layered System: Supports intermediaries like proxies.
- Code on Demand (optional): Server can return executable code.
2. How do you differentiate between PUT and PATCH methods?
- PUT: Replaces the entire resource. Idempotent.
- PATCH: Partially updates a resource. May not be idempotent.
3. What is idempotency in REST APIs? Why is it important?
Idempotency means multiple identical requests have the same effect as a single one.
It ensures safe retries, especially with PUT and DELETE methods.
4. What are status codes in REST APIs?
- 200 OK: Request successful.
- 201 Created: Resource created.
- 204 No Content: Success, no body.
- 400 Bad Request: Client-side error.
- 401 Unauthorized: Authentication failure.
- 403 Forbidden: No permission.
- 500 Internal Server Error: Server-side error.
5. How do you handle versioning in REST APIs?
Common strategies:
- URI Versioning: /api/v1/resource
- Header Versioning: Accept: application/vnd.api.v1+json
- Query Parameters: ?version=1
6. What are some common security mechanisms you can apply to REST APIs?
- HTTPS
- JWT/OAuth2/API Keys
- Rate limiting
- CORS
- Input validation
7. Explain the difference between request parameters, query parameters, and path variables.
- Path Variables: Identify specific resources (/users/123).
- Query Params: Filter or sort data (/users?sort=name).
- Request Params: Include all parameters in the request.
8. How would you handle large file uploads via a REST API?
- Chunked uploads
- Presigned URLs
- Streaming
- Multipart/form-data
9. How do you ensure backward compatibility in RESTful services?
- Avoid removing fields
- Add non-breaking fields
- Use versioning
- Contract testing
10. What tools do you use to test and document REST APIs?
- Testing: Postman, curl, Swagger UI
- Documentation: Swagger/OpenAPI, ReDoc, Postman