Samaya Tech Consultant

APIs

Api aggregation?

API aggregation merges data from multiple APIs into a single response.

Api authentication vs authorization?

Authentication verifies identity; authorization defines access permissions.

Api authentication?

API authentication verifies the identity of the client accessing the API.

Api authorization?

API authorization determines what resources or actions an authenticated client is allowed to access.

Api backward compatibility?

Ensuring that changes in API do not break existing clients using older versions.

Api caching?

API caching stores responses temporarily to reduce load and improve performance.

Api client?

An API client is a program or application that sends requests to an API and processes responses.

Api contract?

An API contract defines the expected request/response format headers status codes and behavior.

Api cors policy?

CORS policy restricts cross-origin requests for security allowing only permitted domains to access the API.

Api deprecation?

API deprecation is the process of marking an API or feature as obsolete and guiding clients to use alternatives.

Api documentation?

API documentation provides instructions endpoints parameters and examples for using an API.

Api endpoint testing?

Endpoint testing verifies that each API endpoint functions correctly and returns expected responses.

Api gateway?

An API gateway is a single entry point for multiple APIs that handles routing authentication and monitoring.

Api health check?

API health check monitors API status to ensure it is up responsive and functioning correctly.

Api idempotency key?

An idempotency key prevents duplicate processing of the same request.

Api latency?

API latency is the time taken for a request to travel from client to server and receive a response.

Api lifecycle?

API lifecycle includes design development testing deployment monitoring versioning and retirement.

Api load balancing?

Load balancing distributes incoming API requests across multiple servers to ensure availability and performance.

Api logging?

API logging records requests responses and events for debugging auditing and analytics.

Api mocking?

API mocking simulates API responses without the actual backend implementation for testing purposes.

Api monitoring tool?

Tools like Postman New Relic or Datadog track API performance uptime and errors.

Api orchestration vs aggregation?

Orchestration coordinates multiple API calls to complete a workflow; aggregation merges multiple API responses into one.

Api orchestration?

API orchestration combines multiple API calls into a single workflow to complete complex tasks.

Api proxy?

An API proxy is an intermediary that forwards API requests to backend services often used for security and routing.

Api rate limiting strategy?

Rate limiting strategies include token bucket fixed window sliding window and leaky bucket algorithms.

Api rate limiting window?

Rate limiting window defines the time interval in which the maximum requests are counted.

Api response time?

API response time is the duration between request submission and response reception.

Api sandbox?

API sandbox is a testing environment that simulates API behavior without affecting production.

Api security?

API security protects APIs from unauthorized access attacks and misuse.

Api server?

An API server handles incoming requests from clients processes them and returns responses.

Api testing?

API testing verifies that APIs work as expected including functionality performance and security.

Api throttling in cloud?

In cloud API throttling prevents excessive requests to ensure fair usage and system stability.

Api throttling limit?

Throttling limit defines the maximum allowed requests per time window.

Api throttling pattern?

The throttling pattern limits excessive API calls to prevent system overload.

Api throttling vs caching?

Throttling limits request rate; caching stores frequent responses to improve performance.

Api throttling vs quota?

Throttling limits request rate; quota defines maximum allowed usage over a longer period.

Api throttling vs rate limiting?

Throttling controls the number of requests over time; rate limiting restricts requests per client or IP.

Api tokens?

API tokens are credentials used to authenticate and authorize API requests.

Api versioning best practice?

Best practice: include version in URL (e.g. /v1/resource) or header to maintain backward compatibility.

Api versioning?

API versioning allows maintaining multiple versions of an API to ensure backward compatibility.

Api?

An API (Application Programming Interface) is a set of rules that allows software applications to communicate with each other.

Cors?

CORS (Cross-Origin Resource Sharing) is a security feature that allows or restricts resource requests from different domains.

Diffbet rest and soap?

REST is lightweight stateless and uses HTTP; SOAP is protocol-based heavier and uses XML messages.

Diffbet synchronous and asynchronous apis?

Synchronous APIs wait for a response immediately; asynchronous APIs return immediately and process in the background.

Endpoint in apis?

An endpoint is a specific URL where an API can access resources or perform operations.

Explain api client sdk.

API client SDK is a prebuilt library that helps developers interact with an API using language-specific methods.

Explain api gateway vs reverse proxy.

API gateway manages routing security and monitoring for APIs; reverse proxy forwards client requests to servers.

Explain api idempotency vs retry.

Idempotency ensures repeated requests have no extra effect; retry may resend requests safely using idempotency keys.

Explain api key authentication.

API key authentication uses a unique key provided to clients to access the API.

Explain api load testing.

API load testing evaluates performance under heavy usage to identify bottlenecks and ensure scalability.

Explain api mocking vs stubbing.

Mocking simulates API behavior for testing; stubbing provides fixed responses for predefined inputs.

Explain api monitoring.

API monitoring tracks availability performance errors and usage patterns to ensure reliability.

Explain api pagination.

Pagination splits large API responses into smaller manageable chunks for efficient data transfer.

Explain api request headers.

Request headers carry metadata like authentication tokens content type and caching instructions.

Explain api response codes 2xx

4xx 5xx. 2xx = success 4xx = client error 5xx = server error.

Explain api security best practices.

Use authentication authorization HTTPS input validation rate limiting and logging to secure APIs.

Explain api testing types.

Types include functional performance security integration and contract testing.

Explain api throttling algorithm.

Algorithms include fixed window sliding window token bucket and leaky bucket to control request rates.

Explain api versioning strategies.

Strategies: URI versioning (/v1/resource) request header versioning query parameter versioning (?version=1).

Explain endpoint security.

Endpoint security ensures that each API endpoint is protected using authentication authorization and encryption.

Explain oauth scopes.

OAuth scopes define the permissions and access level granted to a client application.

Explain oauth.

OAuth is an authorization framework that allows third-party applications limited access to user resources without exposing credentials.

Explain rate limit headers.

Rate limit headers indicate remaining requests and reset time to clients for API usage management.

Explain rate-limiting vs throttling.

Rate-limiting controls API usage over time; throttling limits request rate per user or session.

Explain response codes in rest.

Common HTTP response codes include 200 (OK) 201 (Created) 400 (Bad Request) 401 (Unauthorized) 404 (Not Found) 500 (Server Error).

Explain rest api vs graphql.

REST uses multiple endpoints for resources; GraphQL uses a single endpoint allowing flexible queries.

Explain rest api vs rpc.

REST API is resource-based with standard HTTP methods; RPC (Remote Procedure Call) executes functions/methods on a remote server.

Explain rest constraints.

REST constraints include client-server statelessness cacheability layered system code-on-demand (optional) and uniform interface.

Explain restful status codes.

Status codes indicate API response results: 200 (OK) 201 (Created) 400 (Bad Request) 401 (Unauthorized) 404 (Not Found) 500 (Server Error).

Explain the diffbet put and patch.

PUT updates a resource entirely; PATCH updates only specified fields.

Graphql?

GraphQL is a query language for APIs that allows clients to request exactly the data they need.

Hateoas?

HATEOAS (Hypermedia as the Engine of Application State) is a REST principle where responses include links to related actions.

Hmac authentication?

HMAC authentication uses a hash-based message authentication code to verify request integrity and authenticity.

Http methods used in rest?

Common HTTP methods are GET POST PUT DELETE PATCH and OPTIONS.

Idempotency in apis?

Idempotency ensures that multiple identical requests produce the same result without side effects.

Idempotent api method?

An idempotent method (GET PUT DELETE) produces the same result even if called multiple times.

Jwt?

JWT (JSON Web Token) is a compact self-contained token used for securely transmitting information between parties.

Oauth 2.0?

OAuth 2.0 is an authorization framework allowing applications limited access to user resources.

Oauth refresh token?

A refresh token is used to obtain a new access token without re-authentication.

Openid connect?

OpenID Connect is an authentication layer on top of OAuth 2.0 for verifying user identity.

Polling?

Polling repeatedly checks an API at intervals to get updates.

Rate limiting?

Rate limiting restricts the number of API requests a client can make in a given time period to prevent abuse.

Rest api documentation?

REST API documentation explains endpoints methods parameters responses and examples for developers.

Rest client?

A REST client sends HTTP requests to REST APIs and processes responses.

Rest server?

A REST server handles HTTP requests from clients processes them and sends responses.

Rest?

REST (Representational State Transfer) is an architectural style that uses HTTP methods and stateless communication.

Restful api resource?

A RESTful resource is an identifiable object that can be accessed and manipulated via HTTP methods.

Restful resource?

A RESTful resource is an object or entity that can be accessed and manipulated using HTTP methods.

Soap action?

SOAP action specifies the intent of a SOAP HTTP request for proper routing and execution.

Soap envelope?

SOAP envelope wraps the XML message to define structure header and body for SOAP communication.

Soap fault?

SOAP fault is an error message returned by a SOAP API to indicate processing issues.

Soap vs rest?

SOAP is protocol-based and formal with XML; REST is architectural stateless and uses lightweight formats like JSON.

Soap?

SOAP (Simple Object Access Protocol) is a protocol for exchanging structured XML-based messages over a network.

Statelessness in rest?

Statelessness means each request from a client to server contains all necessary information without relying on server memory.

Swagger/openapi?

Swagger/OpenAPI is a standard framework for documenting and testing RESTful APIs.

Throttling in apis?

Throttling limits API usage to control traffic and prevent server overload.

Tools are used for api testing?

Common tools include Postman SoapUI JMeter and RestAssured.

Types of apis?

Common types are REST SOAP GraphQL WebSocket and RPC APIs.

Versioning in rest apis?

Versioning ensures backward compatibility when APIs evolve using URLs headers or query parameters.

Webhook?

A webhook is an HTTP callback that notifies a client when an event occurs on the server.

Xml vs json in apis?

XML is verbose and strict; JSON is lightweight human-readable and widely used in REST APIs.

Web API

.net framework supports asp.net web api

Web API is supported in .NET Framework 4.0 and above., Also supported in .NET Core / .NET 5+ with ASP.NET Core Web API.

.net framework supports web api?

Web API is supported in .NET Framework 4.0+, .NET Core, and ASP.NET MVC., It is also part of ASP.NET Core as minimal APIs., It is widely used for building RESTful applications.

“api/” segment used in web api routing

It distinguishes Web API routes from MVC routes., Helps routing engine send requests to ApiController instead of MVC controller.

Advantages of using asp.net web api

Web API allows building RESTful services accessible via HTTP., Supports multiple formats like JSON and XML., Lightweight, easy to consume, and platform-independent., Integrates easily with clients like browsers, mobile apps, and IoT devices.

Advantages of using rest in web api

Stateless and lightweight, Uses standard HTTP methods, Easy to consume by multiple clients, Scalable and platform-independent

Advantages of web api:

Supports REST and standard HTTP verbs (GET, POST, PUT, DELETE)., Lightweight compared to WCF., Supports JSON/XML formatting automatically., Works easily with multiple platforms and devices.

Api filters?

Filters are attributes that allow you to run code before or after an action., Types: Authorization filters, Action filters, Exception filters, Result filters., Used for logging, caching, authentication, and error handling.

Asp.net web api routing

Routing maps URLs to controller actions., Supports convention-based (default) and attribute-based routing., Helps Web API respond correctly to HTTP requests.

Asp.net web api?

ASP.NET Web API is a framework to build HTTP services., It allows clients to communicate via HTTP using RESTful principles., Supports JSON, XML, and multiple platforms.

Benefit of using rest in web api?

REST is lightweight, fast, and easy to implement., It supports multiple data formats like JSON and XML., It is scalable and suited for distributed systems.

Benefit of web api over wcf?

Web API is lightweight, REST-based, and easy to use with HTTP., It supports browsers, mobile apps, and IoT more naturally., WCF is more complex and suited for SOAP-based enterprise systems., Web API is easier to extend and supports modern architectures.

Biggest disadvantage of “other return types” in web api?

They don’t give full control over the response format., Developers cannot easily set status codes, headers, or content negotiation., This limits flexibility in REST design.

Caching and its types

Caching stores frequently accessed data to improve performance., Types:, Output Caching: Stores generated responses., Data Caching: Stores data objects in memory., Distributed Caching: Shared across servers.

Can a web api return an html view?

By default, Web API returns data, not HTML views., Returning HTML is possible, but not recommended., It is designed for RESTful services to serve JSON/XML.

Can we register an exception filter from the action?

You can register an exception filter by using the [OverrideExceptionFilters] or custom attribute on an action., Apply it directly above the action method., Example: [CustomExceptionFilter] before the action., This applies filtering only to that specific method.

Can we return view from asp.net web api method?

No, Web API is meant for data responses, not views., Controllers return JSON, XML, or HTTP status codes., For views, use MVC controllers instead.

Can we use web api 2 in a console app?

Yes, Web API 2 can be self-hosted in a console application., It uses OWIN or SelfHost packages., It allows API hosting without IIS., Useful for microservices, embedded services, and background apps.

Can we use web api with asp.net web form?

You can host Web API in the same project., Configure routing in Global.asax., Web Forms can call API endpoints using AJAX or HTTP clients.

Can you use web api with asp.net web form?

Yes, Web API can coexist with Web Forms., Routing must be configured to avoid conflicts., Useful for gradual migration.

Choose web api over wcf

Simpler to develop RESTful services., Supports multiple clients natively., Lightweight and easier to maintain than WCF.

Code for passing arraylist in web api:

public HttpResponseMessage Post([FromBody] List data), {, return Request.CreateResponse(HttpStatusCode.OK, data);, }

Code snippet to register exception filters in a controller:

[CustomExceptionFilter], public class HomeController : ApiController, {, }, This applies the exception filter across all actions within that controller., Useful for consistent error handling.

Code snippet to return 404 using httperror:

return Request.CreateErrorResponse(HttpStatusCode.NotFound, "Resource not found");, This creates an HttpError message with a 404 status and sends it back to the client., It is useful when the requested resource does not exist.

Consume web api?

Any client that supports HTTP can consume Web API., This includes browsers, mobile apps, IoT devices, desktop apps, and third-party systems., It supports cross-platform communication using JSON/XML., It is ideal for distributed applications.

Consume web api?

Any client that can make HTTP requests., Examples: Browsers, mobile apps, desktop apps, other servers., No dependency on .NET; supports cross-platform access.

Content negotiation in asp.net web api

It selects the best response format based on client request., Supports JSON, XML, or custom media types., Determined via HTTP Accept header., Helps APIs serve multiple clients seamlessly.

Cors in web api?

CORS (Cross-Origin Resource Sharing) allows Web APIs to be accessed from different domains., It prevents security errors when browsers request resources from another domain., Configured via headers or EnableCors attribute in Web API., Helps in building APIs for web and mobile clients.

Default http response for uncaught exceptions?

Web API returns 500 Internal Server Error for unhandled exceptions., This indicates a server-side failure., It is recommended to use Exception Filters for custom handling.

Default status code for uncaught exceptions in web api?

By default, Web API sends 500 Internal Server Error for unhandled exceptions., This indicates a server-side processing failure., Exception filters can customize error output., It ensures standard error reporting.

Diffbet apicontroller and controller

Controller is used in MVC to return Views (HTML)., ApiController is used in Web API to return data (JSON/XML)., ApiController automatically handles HTTP status codes., Controller supports View rendering and model binding.

Diffbet apicontroller and controller

ApiController is for Web APIs, returning data (JSON/XML)., Controller is for MVC, returning views (HTML)., ApiController doesn’t support View rendering or session state by default., Action methods in ApiController respond to HTTP verbs automatically.

Diffbet http get vs http post

GET: Retrieves data, idempotent, parameters in URL, limited size., POST: Sends data, not idempotent, parameters in body, supports large payloads., GET can be cached; POST is usually not cached.

Diffbet mvc and web api:

MVC is used for building server-side rendered web applications., Web API is used for building HTTP-based services returning JSON/XML., MVC returns Views, while Web API returns data., Web API is optimized for REST communication.

Diffbet rest api and restful api

REST API: Any API following REST principles., RESTful API: Strictly adheres to REST constraints (stateless, resource-based, uses HTTP verbs).

Diffbet web api and wcf

Web API: Lightweight, HTTP/REST, JSON/XML, stateless., WCF: SOAP-based, supports multiple protocols, heavier., Web API is simpler for web/mobile services.

Diffbet xml and json

XML: Verbose, supports attributes and complex schemas., JSON: Lightweight, easier to parse, widely used in REST APIs., JSON is preferred in modern web applications for speed and simplicity.

Exception filters in asp.net web api

Filters handle unhandled exceptions globally or per-controller., They help in logging errors and returning meaningful responses., Implemented via IExceptionFilter or [ExceptionFilter] attributes., Ensures consistent error handling across the API.

Explain different http methods:

GET: Fetches data from the server., POST: Creates a new resource., PUT: Updates an existing resource fully., DELETE: Removes a resource., Other methods include PATCH (partial update), HEAD (headers only), and OPTIONS (capabilities query).

Explain error handling in web api.

Handled using Exception Filters, Try-Catch blocks, and custom middleware., Can log errors and send meaningful HTTP responses., Ensures better debugging and user experience.

Explain exception filters.

Exception filters handle unhandled errors centrally., They allow logging and returning custom error responses., Applied globally or per controller.

Explain media type formatters

Media type formatters serialize and deserialize data in Web API., Examples: JsonMediaTypeFormatter, XmlMediaTypeFormatter., They convert objects to JSON/XML or vice versa depending on request headers.

Explain rest and restful.

REST is an architectural style using HTTP principles., RESTful services implement REST rules like statelessness and resource-based URIs., They use standard HTTP verbs.

Explain web api routing.

Routing maps URL patterns to controller actions., Supports two types: convention-based and attribute routing., Attribute routing gives more flexibility.

Frameworks are compatible for building web api services?

Web API can be built using ASP.NET Framework, .NET Core, and .NET 5/6+., It works with MVC, Entity Framework, and OWIN., It can also integrate with cross-platform frameworks., Supports deployment in cloud, containers, and IIS environments.

Has web api replaced wcf?

Yes, for REST services, Web API is preferred., WCF is still used for SOAP, duplex, and enterprise applications., Web API is simpler and aligned with web standards., Both may still coexist depending on use case.

Http status codes categorized

1xx: informational, 2xx: success, 3xx: redirection, 4xx: client error, 5xx: server error

Httpconfiguration in web api

HttpConfiguration defines routing, formatters, message handlers, and filters., It is used to configure the Web API pipeline at startup., Example: GlobalConfiguration.Configure(WebApiConfig.Register);

Internet media types?

Also called MIME types, they specify the format of data sent over HTTP., Examples: application/json, text/html, image/png., Helps client and server understand how to process data.

Main return types in web api

IHttpActionResult (Web API 2), HttpResponseMessage, POCO objects (automatically serialized to JSON/XML)

Main return types supported in asp.net web api

IHttpActionResult, HttpResponseMessage, Strongly-typed objects (serialized automatically), string or primitive types, These are converted to proper HTTP responses.

Main return types supported in web api?

Web API supports return types like HttpResponseMessage, IHttpActionResult, and simple CLR objects., It can also return void or custom models., The response is automatically serialized based on content negotiation., These return types provide flexibility in handling API responses.

Meaning of testapi?

TestApi is used to test Web API endpoints., Tools like Postman or Swagger enable testing., It validates functionality, performance, and security.

Method that validates all controls on a page

Page.Validate() validates all server controls on the page., After that, Page.IsValid checks whether validation passed.

Method to handle error using httperror in web api

HttpError is used with HttpResponseException or Request.CreateErrorResponse()., Example: return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Invalid input");, It sends structured error details to the client.

Mvc? diffbet mvc and web api

MVC: Builds web apps with Views (HTML), Controller, Model., Web API: Builds services to expose data via HTTP., MVC returns Views, Web API returns data., MVC supports full-page rendering; Web API supports client-server communication.

Name method that validates all controls on a page

Page.Validate() validates all validation controls on a page., Page.IsValid property checks if all validations succeeded., Commonly used in ASP.NET Web Forms before saving data.

New features in asp.net web api 2.0

Attribute routing for better URL control., Support for OData queries and CORS., Exception filters and IHttpActionResult for flexible responses., Improved tracing, message handlers, and content negotiation.

New features in web api 2.0?

Includes Attribute Routing, OData support, CORS support, and IHttpActionResult return type., It improves flexibility and testability.

Open-source library used by web api for json serialization

Newtonsoft.Json (Json.NET) is the commonly used library for JSON.

Parameters can be passed in the url of api

Query parameters: ?id=1&name=John, Route parameters: /api/users/1, Optional parameters: Defined in routing templates., Parameters help filter, sort, or fetch specific data.

Parameters get value in web api

From URL path: via route parameters., From query string: ?id=1, From body: in POST/PUT requests., Model binding automatically maps values.

Pass multiple complex types in web api?

Use FromBody with a wrapper model or JSON object., Web API binds data to model automatically.

Use attribute [HandleError] or custom filter., Apply directly to action method., Provides localized exception handling.

Rest vs soap

REST: Lightweight, uses HTTP, JSON/XML, stateless., SOAP: Protocol-based, uses XML, heavier, supports WS-* standards.

Rest?

REST is an architectural style using HTTP for communication., It uses stateless requests and resource-based URIs., Supports CRUD operations.

Restrict access to specific http verbs?

Use attributes like [HttpGet], [HttpDelete]., These enforce HTTP method rules on actions.

Skills required for asp.net developer

Strong knowledge of C#, .NET, MVC, Web API., Database skills (SQL Server, Entity Framework)., Frontend skills: HTML, CSS, JavaScript, jQuery., Understanding RESTful services, AJAX, authentication, and debugging.

Soap?

SOAP stands for Simple Object Access Protocol., It is XML-based and used for secure message exchange., SOAP supports strict rules, contracts, and WS-Security.

Status code for “empty return type” in web api

If a Web API method returns nothing, the default status code is 204 No Content., It indicates the request succeeded but no data is returned.

To assign alias name for web api action?

Use [ActionName("aliasName")] attribute., Requests can use the alias instead of method name., Improves readability.

To handle errors in web api

Use Exception Filters, try-catch blocks, or HttpResponseException., You can return proper HTTP status codes with error messages., Helps clients handle errors gracefully.

To handle errors in web api?

Errors can be handled using try-catch blocks, Exception Filters, or Global Exception Handling., Another approach is custom HttpResponseMessage or HttpError., Logging and middleware pipelines also help track issues., This ensures clean error responses to clients.

To handle errors using httperror in web api?

Use HttpError with HttpResponseMessage to return structured error details., It allows adding messages, validation errors, or custom error objects., Example: Request.CreateErrorResponse(HttpStatusCode.BadRequest, new HttpError("Invalid data"))., Useful for client-friendly error communication.

To limit access to web api to a specific http verb?

Use attributes like [HttpGet], [HttpPost], [HttpPut]., These restrict methods to the corresponding HTTP request., Ensures proper REST compliance.

To register an exception filter globally

In WebApiConfig.cs (or FilterConfig.cs for MVC):, config.Filters.Add(new MyExceptionFilter());, This applies the filter to all controllers and actions.

To register exception filter globally?

Add filter in WebApiConfig.Register()., Example: config.Filters.Add(new CustomExceptionFilter());., Makes filter apply to all controllers.

To restrict access to methods with http verbs?

Use declarative attributes like [HttpPost], [HttpGet]., Ensures only the intended request type triggers the method., Supports correct REST design.

To return view from web api?

Web API doesn't directly return a View., Instead, use MVC Controller or return HTML string., Better separation of concerns is recommended.

To secure asp.net web api

Use authentication and authorization (JWT, OAuth, Basic)., Enable HTTPS to encrypt communication., Validate inputs and use CORS carefully., Role-based or policy-based access ensures secure endpoints.

To unit test web api

Use mock frameworks (like Moq) to simulate dependencies., Call controller actions with fake HttpRequestMessage., Check returned HttpResponseMessage or IHttpActionResult., Helps ensure API logic works independently of the host environment.

To unit test web api?

Use testing frameworks like MSTest, NUnit, or xUnit., Mock dependencies using Moq., Test methods and responses independently.

Tools for testing web api?

Examples: Postman, Swagger, Fiddler, SoapUI, JMeter., They help simulate HTTP calls and validate API behavior.

Usage of delegatinghandler?

DelegatingHandler is used in Web API to create custom message handlers., It allows interception of HTTP requests and responses before reaching the controller., Common uses include logging, authentication, encryption, and caching., Multiple handlers can be chained for layered processing.

Use of delegatinghandler?

DelegatingHandler is used to process HTTP requests/responses., Acts as a middleware in the message pipeline., Can implement logging, authentication, or request modification., Supports chaining multiple handlers.

Use of httpresponsemessage

HttpResponseMessage allows sending custom HTTP responses., You can set status codes, headers, and content explicitly., It gives more control than returning simple objects., Useful for detailed API responses.

Wcf is replaced by asp.net web api. true/false?

False., WCF is still used for SOAP-based services, secure and transactional services., Web API is preferred for RESTful HTTP services, but WCF is not fully replaced.

Web api and why we use it?

Web API is a framework for building HTTP services., It is used to expose data (JSON/XML) to clients like browsers, mobile apps, or other services., Supports REST architecture for lightweight communication.

Web api is important

Allows building RESTful services for multiple clients., Lightweight, scalable, and platform-independent., Supports HTTP methods and status codes for better control.

Web api is required?

To expose data and services over HTTP protocols., Supports multiple clients like mobile, IoT, and web apps., Allows building REST services easily., Good for loosely-coupled architecture.

Web api routing?

Routing maps incoming HTTP requests to controller actions., It uses patterns defined in WebApiConfig.cs., Supports both conventional and attribute routing.

Web api supports which protocol

HTTP/HTTPS protocol for communication.

Web api supports which protocol?

Web API primarily supports HTTP protocol., It also supports RESTful communication., It can handle HTTP verbs like GET, POST, PUT, and DELETE., Suitable for web and mobile applications.

Web api supports which protocol?

Web API supports HTTP as its primary protocol., It also supports RESTful communication patterns., Other protocols like HTTPS, WebSockets can also be integrated., It is mainly designed for web and distributed systems.

Web api uses which library for json serialization?

Web API uses Newtonsoft.Json by default in older versions., In .NET Core and later, it uses System.Text.Json., Both handle JSON conversion for request and response objects., Custom converters can be configured if needed.

Web api uses which library for json serialization?

ASP.NET Web API uses Newtonsoft.Json (Json.NET) by default., In ASP.NET Core, System.Text.Json can also be used., Serializes objects to JSON and parses JSON to objects.

Web api uses which open-source library for json serialization?

Web API originally used Newtonsoft.Json (JSON.NET)., In ASP.NET Core, it uses System.Text.Json by default., Both libraries convert objects to JSON and back.

Web api?

Web API is a framework to build HTTP-based RESTful services., It supports JSON, XML, and multiple platforms., Used for mobile apps, browsers, and external integrations., Lightweight and flexible.

Web api?

Web API is lightweight, fast, and easy to use., Supports REST standards and multiple data formats., Highly scalable and testable., Better suited for modern distributed applications.

Website owners avoid http status codes

They don’t “avoid” them; they handle or redirect errors using custom error pages., Example: 404.html for Page Not Found, 500.html for server errors., Status codes still get sent, but users see friendly pages.

What is web api 2.0

Enhanced version of Web API with features like, Attribute routing, OWIN hosting, CORS support, and IHttpActionResult.

Xml and json?

XML: Extensible markup language, verbose, supports attributes., JSON: JavaScript Object Notation, lightweight, easier to parse., Both are used to exchange data between client and server.

You construct html response message?

Use HttpResponseMessage with content type "text/html"., Example:, return new HttpResponseMessage() { , Content = new StringContent("

Hello

", Encoding.UTF8, "text/html") , };

Api Gateways Explained

What an API Gateway?

Entry point backend APIs Think of it as a reverse proxy added features

API Gateway Authentication Token-based authentication

API Gateway Authentication Token-based authentication Cookie-based authentication YARP integrates with the ASP.NET Core authN & authZ mechanism. You can specify the auth policy for each route. There are two premade policies: anonymous and default Custom policies are also >supported. Popular API Gateways Reverse proxying Request routing Load balancing AuthN + AuthZ Popular tools that can serve as API >Gateways YARP OCELOT TRAEFIK

RESTful APIs

Api versioning?

API versioning allows changes without breaking existing clients. Versions may appear in headers, URLs, or query parameters. It helps manage updates and backward compatibility.

Authentication in rest?

Authentication verifies user identity before accessing protected resources. Methods include OAuth, JWT, and Basic Authentication. It ensures only authorized users access the API.

Authorization in rest?

Authorization determines what resources an authenticated user can access. it controls permissions and roles. it works after successful authentication.

Crud?

CRUD stands for Create, Read, Update, and Delete. These operations map to HTTP methods in REST. CRUD is fundamental for resource management in APIs.

Endpoint?

An endpoint is a specific URL where a resource can be accessed. Each endpoint corresponds to an operation on a resource. It defines how the client interacts with the server.

Http status code 200?

HTTP 200 means the request was successful. It typically accompanies GET requests. The response usually contains the requested resource.

Http status code 201?

201 means a resource has been successfully created. it is commonly returned after post requests. the response may include the newly created resource or a location header.

Http status code 404?

404 means the requested resource is not found. it indicates an invalid endpoint or missing data. it is part of rest error handling.

Http status code 500?

500 indicates a server error. it means the server failed to process the request due to an internal issue. it signals the need for debugging and error handling.

Idempotency?

Idempotency means repeated requests produce the same result. HTTP methods like GET, PUT, and DELETE are idempotent, while POST is not. It prevents unintended duplicate operations.

JSON (JavaScript Object Notation) is a lightweight format for data exchange. It is human-readable and easy for machines to parse. REST APIs commonly use JSON due to simplicity and speed.

Jwt?

JSON Web Token (JWT) is a secure token used for authentication and authorization. It contains encoded claims digitally signed using a secret or certificate. The server does not store session state.

Main http methods used in rest?

REST commonly uses GET, POST, PUT, PATCH, and DELETE. GET retrieves data, POST creates, PUT updates fully, PATCH updates partially, and DELETE removes a resource. These methods align with CRUD operations.

Oauth2?

OAuth2 is an authorization framework that allows delegated access. It enables third-party apps to access APIs securely without sharing passwords. It is widely used by Google, Facebook, and Microsoft services.

Pagination?

Pagination splits large datasets into smaller chunks. REST APIs use parameters like limit and page to fetch data efficiently. It improves performance and user experience.

Rate limiting in rest apis?

Rate limiting restricts the number of requests allowed within a time window. It prevents abuse, protects servers, and ensures fair usage. Often implemented with tokens or throttling rules.

Resource in rest?

A resource represents data or an entity exposed via an endpoint. Each resource is identified by a unique URI. Resources are usually represented in formats like JSON or XML.

Rest api?

A REST API is an architectural style that uses HTTP methods to perform CRUD operations. It follows stateless communication and represents resources using URIs. REST relies on representations like JSON or XML. It is widely used for web and mobile services.

Stateless mean in rest?

Stateless means each request contains all necessary information to process it. The server does not store client session data between requests. This improves scalability and simplifies server architecture.

Xml in rest?

XML is a markup language used for structured data representation. It was widely used before JSON gained popularity. REST can still support XML when needed for legacy systems.

GraphQL

graphql best used?

GraphQL is ideal for applications needing flexible data fetching, real-time updates, and complex relationships. Popular in mobile apps, dashboards, and microservices.

Apollo client?

Apollo Client is a popular GraphQL client for fetching and caching data. It simplifies state management and GraphQL API communication. Often used with React.

Apollo server?

Apollo Server is a GraphQL server implementation for Node.js. It allows building schemas, resolvers, and handling API execution. It integrates well with Express and microservices.

Can graphql be used with microservices?

Yes, GraphQL is often used as a gateway for microservices. Federation and stitching combine multiple services seamlessly into one schema.

Developed graphql?

GraphQL was developed by Meta (Facebook) in 2012 and open-sourced in 2015. It helps handle complex data structures efficiently. Today, it is widely used in modern web applications.

Diffbet rest & graphql?

REST uses multiple endpoints while GraphQL uses a single endpoint. REST may overfetch or underfetch, while GraphQL returns only requested fields. GraphQL offers real-time subscriptions; REST usually doesn’t.

Does graphql support caching?

GraphQL itself doesn't provide caching, but clients like Apollo and Relay support it. Caching reduces unnecessary network calls. Server-side caching can also be applied.

Does graphql support file uploads?

GraphQL supports uploads using multipart requests or libraries such as Apollo Upload. It requires additional handling since it's not built-in natively.

Does graphql work over http?

Yes, GraphQL works over HTTP POST or GET. It is protocol-agnostic and can also run over WebSockets. It integrates easily with existing HTTP infrastructure.

Graphiql?

GraphiQL is an IDE for building and testing GraphQL queries. It provides a playground-like environment. It automatically provides schema documentation.

Graphql batch requesting?

Batch requesting allows sending multiple queries in a single network request. This reduces overhead and improves performance. Useful in microservices and mobile apps.

Graphql federation?

Federation enables multiple GraphQL services to work as one unified graph. It supports distributed data ownership and scalability. Useful in microservice architecture.

Graphql gateway?

A gateway orchestrates and aggregates multiple GraphQL services behind one endpoint. It handles authentication, routing, and caching. Often used with microservices.

Graphql n+1 problem?

It occurs when resolvers make repeated database calls for nested fields. Tools like DataLoader help batch requests and prevent inefficiency.

Graphql validations?

Validation ensures correct syntax, field existence, and type matching before execution. It prevents runtime errors and improves API stability. It is handled automatically by schema rules.

Graphql?

GraphQL is a query language for APIs that allows clients to request only required data. It serves as an alternative to REST. It reduces overfetching and underfetching issues.

Introspection in graphql?

Introspection enables clients to query schema metadata. It helps tools auto-generate documentation. It makes GraphQL self-descriptive.

Is graphql replacing rest?

GraphQL does not replace REST entirely but complements it. REST works well for simple and public APIs. GraphQL is preferred for complex and data-driven applications.

Is graphql strongly typed?

Yes, GraphQL uses a strongly typed schema. Each field must have a defined type, ensuring predictable responses and validation.

Is versioning handled in graphql?

GraphQL typically avoids versioning by evolving schemas gradually. Fields can be deprecated without breaking clients. This reduces version overhead.

Mutation in graphql?

Mutations are used for creating, updating, or deleting data. They change server-side state. Mutations are similar to POST, PUT, or DELETE in REST.

Overfetching?

Overfetching occurs when an API returns more data than needed. It is common in REST fixed endpoints. GraphQL prevents overfetching by targeting specific fields.

Query in graphql?

Query fetches data from a graphql server. it allows clients to specify exactly what fields they need. the response matches the query structure.

Relay?

Relay is a GraphQL client developed by Meta. It focuses on performance and caching with strict conventions. Appears mostly in large-scale apps.

Resolver in graphql?

Resolvers are functions that handle requests and return data for a specific field. They act like controllers in REST. Each field in a schema can have its own resolver.

Scalars?

Scalars represent primitive data types like String, Int, Boolean, and Float. They are the base building blocks of a schema. Custom scalars can also be created.

Schema in graphql?

A schema defines the structure of data and operations available in GraphQL. It includes types, queries, and mutations. It acts as a contract between client and server.

Subscriptions in graphql?

Subscriptions enable real-time communication using WebSockets. They push updates automatically when data changes. Useful for chat apps and live notifications.

Type in graphql?

Types define the shape of objects in GraphQL. Examples include scalar types like Int and String, or custom object types. They help ensure strong typing.

Underfetching?

Underfetching means an API returns insufficient data, requiring multiple calls. REST often suffers from this issue in nested data. GraphQL eliminates underfetching via flexible queries.