InterviewStack.io LogoInterviewStack.io

RESTful API Design Questions

Focuses on designing resource oriented web APIs following Representational State Transfer principles and proper use of the Hypertext Transfer Protocol. Core skills include resource modeling and endpoint naming, use of correct Hypertext Transfer Protocol methods and semantics, status code selection and error response structure, idempotency and stateless design, request and response formats such as JavaScript Object Notation, pagination, filtering and sorting strategies, versioning and backward compatibility, authentication and authorization patterns, rate limiting and abuse prevention, caching and performance considerations, API contract testing and documentation, common anti patterns, and designing APIs that balance client usability with backend implementation concerns.

HardTechnical
73 practiced
Discuss PATCH semantics in REST. Compare JSON Merge Patch vs JSON Patch (RFC 7396 vs RFC 6902) and explain when to choose each. Describe server-side validation, partial updates, and how to handle fields that should be unset versus set to null. Include concurrency considerations with conditional headers.
EasyTechnical
83 practiced
Explain HTTP caching fundamentals for APIs: Cache-Control directives, ETag, Last-Modified, and Vary. Give an example Cache-Control header value for a public read-heavy endpoint and explain how conditional requests with ETag reduce load on origin servers.
HardTechnical
73 practiced
Explain how you would implement conditional GET requests using ETags and Last-Modified in an Express or Spring backend backed by PostgreSQL. Provide the sequence of headers exchanged on both cache-hit and cache-miss, and outline how you would generate and validate ETag values efficiently for large, frequently changing resources.
MediumSystem Design
59 practiced
You maintain a microservices architecture where the API Gateway terminates authentication. Discuss the trade-offs of performing authorization checks at the gateway layer versus deferring to each downstream service. Include considerations for least privilege, latency, complexity, and maintaining a central policy.
EasyTechnical
80 practiced
You are designing error handling for an API. For each scenario below, pick the most appropriate HTTP status code and briefly justify your choice: a) malformed JSON in request, b) validation error for a business rule (e.g., date in past), c) authentication failure, d) authorization failure, e) resource not found, f) request accepted for asynchronous processing. Return a consistent JSON error payload example you would use.

Unlock Full Question Bank

Get access to hundreds of RESTful API Design interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.