Most Common Interview Questions for Postmen in 2023 - IQCode

Get to Know Postman

Postman is a collaboration platform designed for the purpose of simplifying the API testing process. It was founded by Abhinav Asthana in 2014 as a side project and later joined by Ankit Sobti and Abhijit Kane. Postman has become the most commonly used platform for designing, developing, and testing APIs.

Below are some interview questions that are frequently asked of new software developers or testers:

1. What is Postman?

Postman is a collaboration platform designed to make it easier to test APIs.

Understanding Collections in Postman

A collection in Postman is a group of related API requests that are organized together for easy management and execution. It allows you to save requests, scripts, tests, and other related API artifacts in a single place. You can also share collections with your team or make them public for external users. Overall, collections are a convenient way to organize and streamline your API workflow in Postman.

Reasons for Using Postman

Postman is an essential tool for developers because it helps with testing, documenting, and sharing APIs. It offers a user-friendly interface for making HTTP requests to test API requests and responses. Postman also allows developers to save their API requests in collections, which can be shared with other parties for testing and collaboration. Additionally, Postman provides advanced features such as test scripts, which can validate API responses and automate the testing process. Overall, Postman saves time and effort in the API development process and facilitates collaboration among team members.

// Example usage of Postman to test API requests

Logging Variable Values in Postman

To log variable values in Postman, you can use the `console.log()` method in the Postman console. You can pass variables or values that you want to log into this method, and it will output them in the console.

Here is an example:

var myVariable = "Hello, world!";
console.log(myVariable); // Output: "Hello, world!"

In this example, the variable `myVariable` is defined and assigned the value `"Hello, world!"`. Then, the `console.log()` method is used to output this value to the Postman console.

You can also log multiple values or variables at once by separating them with a comma:

var myVariable1 = "Hello";
var myVariable2 = "world";
console.log(myVariable1, myVariable2); // Output: "Hello world"

Additionally, you can use string concatenation to create custom log messages:

var myVariable = "Hello, ";
console.log(myVariable + "world!"); // Output: "Hello, world!"

Using these techniques, you can easily log and debug your variables and values in Postman.

Accessing Postman Variables

In Postman, you can access variables in scripts using the 'pm' object. To access variables created in your collection or environment, use 'pm.environment.get' or 'pm.collectionVariables.get'.

For example:

 let variableValue = pm.environment.get("variableKey");

This code will get the value of the environment variable with the key 'variableKey' and store it in the 'variableValue' variable.

To set a variable in Postman, use the 'pm.environment.set' or 'pm.collectionVariables.set' methods.

For example:

pm.environment.set("variableKey", variableValue);

This code will set the value of a variable with the key 'variableKey' to the value stored in the 'variableValue' variable.

Using variables can make your Postman requests more flexible and dynamic, allowing you to reuse and modify them easily.

Postman Authorization Methods

Postman provides several authorization methods that can be used to send authenticated requests. These include:

- Basic Auth: allows you to send a username and password in the header of a request - OAuth 1.0: uses a set of temporary credentials to generate a signature that is included in the header of a request for authentication - OAuth 2.0: allows you to obtain an access token that is sent in the header of a request to authenticate the user - AWS Signature: uses an AWS access key and secret access key to sign a request for authentication - Digest: sends a hashed value of the password along with the request

Using the appropriate authorization method in Postman is essential for ensuring secure and successful API requests.

Types of API Requests Supported in Postman

In Postman, there are several types of API requests that can be made:

- GET Request: This type of request is used to retrieve data from a specified resource.

- POST Request: This type of request is used to submit data to be processed to a specified resource.

- PUT Request: This type of request is used to update an existing resource with new data.

- DELETE Request: This type of request is used to delete a specified resource.

By using different types of requests, developers can interact with APIs in different ways and perform various operations on the resources they manage. Postman makes it easy to test and explore different API requests and responses to ensure they are working correctly.

Understanding the Difference Between Query Parameters and Path Variables

In web development, query parameters and path variables are two ways to pass data in a URL, but they serve different purposes.

Query parameters

are additional data added at the end of a URL with a "?" followed by pairs of key-value pairs separated by "&". They are often used for filtering, sorting and searching data.

Path variables

, on the other hand, are values embedded within the URL itself and are used to identify a specific resource or endpoint. They are separated by slashes and can vary depending on the resource being accessed.

Understanding the difference between these two can help you design better APIs and routes for your web applications.

Explanation of Basic Auth in Postman

Basic Auth is a method of authentication used in Postman to access web resources. It involves sending a username and password with every request sent to the server. This method is widely used to secure APIs that require user authentication.

To use Basic Auth in Postman, follow these steps: 1. Open the Postman application and create a new request. 2. Click on the Authorization tab and select Basic Auth. 3. Enter your username and password in the corresponding fields. 4. Send the request to the server, which will now authenticate the user using the provided credentials.

By using Basic Auth, you can ensure that only authorized users can access protected resources on the server. This method is simple to implement and widely supported across different web technologies.

Understanding Digest Authentication in Postman

Digest Authentication is a method of authentication in Postman that allows safe transfer of sensitive information between a client and a server. In this authentication method, the client sends a request to the server which includes a hashed password. The server generates a challenge which the client uses to create a hashed response that is then sent back to the server. The server then evaluates the response and grants or denies access to the client based on it. This process helps prevent unauthorized access and safeguards sensitive information being transferred.

Accepted Encoding for Authorization Credentials in Postman

In Postman, the encoding standard for Authorization Credentials is usually Basic Auth encoding. This encoding standard is widely used in HTTP-based authentication systems and processes. It involves the base64 encoding of the username and password. Other encoding standards may also be accepted, depending on the specific application or API being used.

Can Global Variables Have the Same Name in Postman?

In Postman, global variables are unique identifiers, and it is highly recommended that you use different names for global variables to avoid conflicts between them. Using identical names for global variables can lead to unexpected behavior and make it difficult to maintain and troubleshoot your requests. Therefore, it is best to use unique and descriptive names for your global variables.

What is Postman Monitor?

Postman Monitor is a testing tool that allows you to schedule and run test suites to test APIs on a regular basis. It helps to monitor the endpoints and identify any performance issues before they become critical. It also provides real-time feedback on the health of APIs.

Understanding Binary Form in POST Requests

In HTTP POST requests, data can be sent to a server in different formats, including binary form. Binary form is a way of representing data using a combination of 1s and 0s, which is suitable for encoding any type of data.

When sending binary data in a POST request, the data must be encoded as binary and sent in the request body. To do this, one can use the `fetch()` function in JavaScript and set the `body` property to a `Blob` object that contains the binary data.

On the server-side, the binary data can be decoded and processed using various libraries and tools, depending on the programming language and framework being used. Once the binary data is processed, a response can be sent back to the client.

It's essential to ensure that the data is correctly encoded and decoded to prevent any errors or security vulnerabilities in the request and response handling.

Limitations of Postman

While Postman is a powerful tool for RESTful API testing, there are some limitations to its functionality:

- Postman cannot generate test data.<br>
- It does not have version control.<br>
- It cannot execute load or performance testing.<br>
- Automation can be time-consuming to set up.<br>
- It doesn't support writing tests in languages other than JavaScript.<br>
- Certain features are only available in the paid version.<br>

Despite these limitations, Postman remains an essential tool for developers and testers alike.

Saving API Responses to a File in Postman

To save the responses of an API request to a file in Postman, follow these steps:

1. Send an API request in Postman. 2. Click on the 'Save Response' button located at the top-right corner of the response section. 3. Choose the file format you want to save the response in (CSV, JSON, XML, etc.). 4. Choose the location in which you want to save the file. 5. Click on the 'Save' button to save the response to the selected file.

Alternatively, you can also use the Postman Collection Runner to run a collection of API requests and save their responses to a file in one go. To do this, follow these steps:

1. Click on the 'Runner' button located at the top-left corner of the Postman window. 2. Select the collection you want to run from the left-hand side panel. 3. Click on the 'Run' button to start running the collection. 4. Once the collection has finished running, click on the 'Export Results' button located at the top-right corner of the Run Results window. 5. Choose the format you want to save the results in (CSV, JSON, HTML, etc.). 6. Choose the location in which you want to save the file. 7. Click on the 'Save' button to save the response to the selected file.

By following these simple steps, you can easily save the responses of API requests to a file in Postman. This feature can be quite useful when you need to share your API responses with team members or review the data later.

Understanding the Significance of the 301 Status Code

The 301 status code is a type of HTTP response code that indicates a permanent redirect for a URL. It is significant because it can help website owners and SEO experts to ensure that their website visitors and search engines are directed to the correct version of a URL. This status code tells search engines that a URL has been permanently moved to a new location and that the old URL should no longer be used or indexed.

In terms of website traffic, a 301 redirect is important because it ensures that visitors are directed to the correct page and don't end up on a broken link or error page. This can help to improve user experience and prevent visitors from leaving your site.

Implementing a 301 redirect is relatively simple and can be done through the website's server configuration. It involves setting up a permanent redirect from the old URL to the new one using a redirection header. With a 301 redirect in place, website owners can maintain their search engine rankings and ensure that visitors are seamlessly directed to the right page.

How to Access Request History in Postman?

To access the history of requests in Postman, follow these steps:

1. Open Postman. 2. Click on the "History" tab located in the top-left corner of the screen. 3. You will now be able to view a list of all the requests that have been sent using Postman. 4. Click on any of the requests to view its details including the headers and body. 5. You can also re-send the request by clicking on the "Send" button or save it as a new request for later use.

By default, Postman stores up to 1000 requests in the history. However, you can increase or decrease this limit by going to the "Settings" option in the top-right corner.

Postman Interview Questions for Experienced:

One of the commonly asked questions in Postman interviews is:

19. What is the primary use of Base64 encoding in Postman?

Base64 encoding is primarily used in Postman for data transmission. It converts binary data to ASCII text format which can be easily transmitted over HTTP. This encoding technique is widely used as it is reliable, efficient, and easy to implement. In Postman, Base64 encoding is often used to authenticate the user's credentials and to send data in a secure and efficient manner.

//Example of Base64 encoding in Postman
const username = 'my_username';
const password = 'my_password';

const auth = btoa(username + ':' + password);

fetch('https://api.example.com/data', {
   headers: {
      'Authorization': 'Basic ' + auth
   }
});

Purpose of the 304 Status Code

The 304 status code is used in HTTP protocol to indicate to the client that a requested resource has not been modified since the last time it was accessed. This is achieved by including an "If-Modified-Since" header in the request, which contains a timestamp of the last modification date of the resource. If the server determines that the resource has not been modified since that time, it will return a 304 status code to indicate that the client should use its cached version of the resource. This can help to reduce network traffic and improve page load times.

Should we save our work on Postman Cloud?

As a native English speaker from the US, I believe that it is a matter of personal preference whether one chooses to save their work on Postman Cloud. However, there are some advantages to using the Postman Cloud, such as having the ability to access your saved work from any device with an internet connection, or easily share your collections and environments with teammates or collaborators. Ultimately, the decision to use Postman Cloud should be based on individual needs and preferences.

Variable Scopes in Postman

Postman provides three types of variable scopes - Global, Collection, and Environment.

1. Global variables are available throughout all requests in any Postman collection or environment, and can be accessed using the syntax `{{variable_name}}`.

2. Collection variables are available to all requests within a specific collection, and can be accessed using the syntax `{{collection_variable_name}}`. These variables can also be overridden by environment variables of the same name.

3. Environment variables are specific to a particular environment, and can be accessed using the syntax `{{environment_variable_name}}`. They are also prioritized over global or collection variables of the same name within that environment.

Variable scopes allow for dynamic and flexible API testing, enabling testers to switch between environments and collections while maintaining consistent testing parameters.

Is it Possible to Reuse the Authentication Token for Multiple Requests?

Yes, it is possible to reuse the authentication token for multiple requests. You can include the token in the headers of each request to authenticate yourself with the API server. Just make sure the token has not expired, otherwise, you will need to obtain a new one. Additionally, some APIs may have a limit on the number of requests that can be made with a single token, so it's always best to check the API documentation for any specific guidelines or limitations.

How to Write Test Cases for Basic Authentication in Postman

To write test cases for basic authentication in Postman, follow these steps:

1. Create a new Postman request and add the necessary authentication credentials.
2. Write test cases for your request in the "Tests" tab of Postman.
3. Include tests to verify that the authentication was successful and that your request returned the expected results.
4. Use the following code snippet as a starting point for your authentication tests:

pm.test("Status code is 200", function () {
    pm.response.to.have.status(200);
});

pm.test("Authentication was successful", function () {
    pm.expect(pm.response.headers.get("Authorization")).to.exist;
});

These test cases will check that the response status code is 200 and that the Authorization header exists in the response headers, indicating that the authentication was successful.

Make sure to also include tests for any error scenarios, such as when invalid credentials are provided. By thoroughly testing your requests, you can ensure that your application is secure and functioning as expected.

Setting Same Headers for All Requests in a Postman Collection

In Postman, you can set the same headers for all requests in a collection by following these simple steps:

1. Open the Postman application and go to the Collections tab. 2. Select the collection for which you want to set the headers. 3. Click on the ellipsis (...) icon next to the collection name and select Edit. 4. In the Edit Collection dialog box, go to the Headers tab. 5. Add the headers you want to set for all requests and click Save. 6. Now all requests in the selected collection will have the same headers.

This is a handy feature for saving time and ensuring consistency in testing API requests.

Understanding Workspaces in Postman

Workspaces in Postman are like containers for your API projects, collections and environments. They allow you to organize and manage your API development work through a single interface.

The workspace feature in Postman offers different types of workspaces that cater to different purposes, including:

1. Personal Workspace - Created for personal projects where you can store your personal collections, mock servers, and environments.

2. Team Workspace - Created for collaborative efforts within a team. This workspace allows for sharing of collections, mock servers, and environments within a group of developers.

3. Client Workspace - Created for API service clients who need to test and integrate APIs into their software applications.

4. Vendor Workspace - Created for vendors who provide an API to their clients. In this workspace, vendors can define contracts and monitor compliance to ensure clients are following the guidelines.

Workspaces in Postman allow you to collaborate with team members, set up multiple environments for testing different scenarios, and increase efficiency in API development by organizing your work into manageable and specific areas.

Can Postman Log Requests and Responses?

Yes, Postman offers a feature to log requests and responses. This is particularly useful for debugging and troubleshooting during API development. The log records every detail of each request and response, including status codes, headers, and response times. You can access the logs by clicking on the "History" tab in the left pane of the Postman app. From there, you can view the logs for each request, filter them by status code, and export them as a CSV or JSON file for further analysis.

How to stop execution of upcoming requests or collections?

To stop the execution of upcoming requests or collections, you can use the following steps:

1. Click on the "Cancel" button that appears on the right side of the currently running request.

2. Alternatively, you can stop the execution of the entire collection by clicking on the "Stop" button that is located at the top-right corner of the Postman interface.

3. You can also use the keyboard shortcut "Ctrl + Alt + X" (Windows) or "Cmd + Option + X" (Mac) to stop the execution of the entire collection.

By using these methods, you can stop the execution of any upcoming requests or collections in the Postman API.

Understanding the Pre-Request Script

The Pre-Request Script is a feature in API development that allows developers to execute scripts before an actual API request is sent. This script can be used to set environment variables, authenticate requests, manipulate request parameters, or perform any other action that is required before sending the request. Essentially, this script acts as a middleware between the client and the server. It is written using JavaScript and can be run in various API development tools such as Postman and Insomnia. Overall, the Pre-Request Script is a powerful feature that can significantly enhance the functionality of an API.

Using Custom JavaScript Libraries in Your Scripts with an Example

You can use custom JavaScript libraries in your scripts by including the library file in your HTML code. Here's an example:

Suppose you have a custom library called "myLibrary.js" that contains a function called "myFunction".

You can include the library in your HTML code like this:

html
<script src="myLibrary.js"></script>

Once you have included the library, you can use its functions in your own scripts. Here's how you can use the "myFunction" function from the "myLibrary" library:

javascript
// Call myFunction from myLibrary
myFunction();

This is just a simple example, but you can use this same technique to include any custom JavaScript library in your scripts. Just make sure to include the library file in your HTML code before you try to use it in your scripts.

Preference of Global vs Local Variables in Postman

In Postman, if both a global and a local variable have the same name, the local variable will be given preference over the global variable. This means the value of the local variable will be used instead of the global variable in the specific scope it is being used in.

Can Postman be Used with Command Line and How?

Yes, Postman allows flexibility to use the command-line interface. Postman provides API endpoints that can be used to run collections from the command line. This can be done by exporting the Postman collection as a JSON file and then using the Newman command-line tool to execute the collection. Newman is a command-line collection runner for Postman, which helps to run and test a Postman collection through CLI. By using Newman, developers can easily integrate Postman collections with their continuous integration and deployment processes.

Generating Random Numbers within a Given Range in Postman

To generate a random number within a given range in Postman, you can make use of the `Random` module.

Here is an example code snippet that generates a random number between 1 and 10:

var min = 1;
var max = 10;
var randomNumber = Math.floor(Math.random() * (max - min + 1)) + min;
console.log(randomNumber);

You can modify the values of `min` and `max` as per your requirement. The `Math.random()` method generates a random number between 0 and 1. Multiplying this value with the range (i.e., `max - min + 1`) and adding the minimum value (`min`) ensures that the generated number is within the given range.

To incorporate this code into your Postman request, you can use the Pre-request Script or Tests tab. For example, to set the value for a request parameter named `randomNumber`, you can use the following code in the Pre-request Script tab:

pm.globals.set("randomNumber", randomNumber);

And then, in the request URL, use `{{randomNumber}}` wherever you want the generated random number to appear.

Understanding Scratch Pad

A scratch pad is a temporary storage area in a computer's memory or a software application that allows users to quickly jot down notes, ideas, or calculations. It is similar to a physical notepad where one can write and erase multiple times. In the context of programming, a scratch pad can refer to a variable or a data structure used for temporary storage before the final calculation or processing. The data stored in a scratch pad is usually not critical and can be discarded when no longer needed.

Generating a cURL Command from Postman's REST API Details

To generate a cURL command based on the REST API details obtained from Postman, follow these steps:

1. Open the Postman application and import the API request you want to generate a cURL command for. 2. Once you have the request loaded, click on the "Code" button in the top right corner of the screen. 3. In the "Code" modal that appears, select "cURL" from the drop-down menu. 4. Copy the generated cURL command and use it in your terminal or code.

Note: The generated cURL command may require some modifications depending on the specific use case and authentication requirements of the API.