REST Assured interview questions
// 40 QUESTIONS Β· UPDATED MAY 2026
REST Assured interview questions covering the BDD-style given/when/then syntax, RequestSpecBuilder, ResponseSpecBuilder, JSON schema validation, authentication, filter chains, and integration with TestNG and JUnit 5.
Showing 40 of 40 questions
- How does RequestSpecBuilder reduce duplication in REST Assured tests?Mid
RequestSpecBuilder lets you define a reusable base configuration β base URI, auth headers, content type, logging β once, then share it acβ¦
- How would you validate a JSON response against a schema in REST Assured?Mid
Add the rest-assured-json-schema-validator dependency and call .body(matchesJsonSchemaInClasspath('schema.json')) in the then() block. Scβ¦
- What is REST Assured and what makes it different from a plain HTTP client?Junior
REST Assured is a Java DSL that wraps HTTP in a fluent given/when/then chain and bundles JsonPath querying, schema validation, and auth hβ¦
- Walk through the basic given/when/then syntax of a REST Assured test.Junior
given() sets up the request (base URI, headers, auth, body); when() fires the HTTP method and path; then() holds assertions. Each methodβ¦
- How do you send a GET request with query parameters in REST Assured?Junior
Use .queryParam("key", value) in given() β REST Assured URL-encodes the values and appends them to the request URL. Chain multiple callsβ¦
- How do you assert the status code and a JSON field in a single chain?Junior
.statusCode() and .body() both live inside then() and chain on ValidatableResponse β add as many as needed. The first argument to .body()β¦
- What's the difference between body() and extract() in a REST Assured chain?Junior
.body(path, matcher) asserts a value and stays in the chain β it returns ValidatableResponse. .extract() ends the chain and returns a typβ¦
- How do you set headers and content type in a REST Assured request?Junior
Use .header("Name", "value") for individual headers or .headers(map) for multiple. .contentType(ContentType.JSON) is a typed shorthand thβ¦
- How do you handle authentication (basic auth, bearer token) in REST Assured?Junior
For basic auth use .auth().preemptive().basic(user, pass) β preemptive skips the 401 challenge round-trip. For bearer tokens use .header(β¦
- What's the simplest way to log a failing request in REST Assured for debugging?Junior
.log().ifValidationFails() on both given() and then() logs the full request and response only when an assertion fails β zero noise on pasβ¦
- How does ResponseSpecBuilder work? When do you use it over inline assertions?Mid
ResponseSpecBuilder defines a reusable response contract β expected status codes, content type, max response time, invariant body fieldsβ¦
- Explain JsonPath in REST Assured with a nested-object example.Mid
REST Assured's JsonPath uses dot notation for nested objects, bracket notation for arrays, and Groovy GPath for collection operations. Paβ¦
- How do you deserialise a JSON response into a POJO with REST Assured?Mid
Call .extract().as(MyClass.class) at the end of the assertion chain β REST Assured uses Jackson (or Gson) to map the JSON to the POJO autβ¦
- How would you write a generic helper that accepts a path and returns a typed response?Mid
Define a method that accepts a String path and a TypeRef<T> and calls extract().as(typeRef). The caller passes new TypeRef<User>(){} or nβ¦
- How do you handle file uploads in REST Assured (multipart)?Mid
Use .multiPart("file", new File(path)) in the given() block β REST Assured sets Content-Type: multipart/form-data automatically. Add .mulβ¦
- How does REST Assured handle redirects, and where do you configure that?Mid
REST Assured follows redirects automatically by default (inherited from Apache HttpClient). Disable with .redirects().follow(false) to asβ¦
- Explain filters in REST Assured. Give an example of a custom filter.Mid
Filters are pre/post-request interceptors β they implement the Filter interface and receive the FilterableRequestSpecification and Filterβ¦
- How would you integrate REST Assured tests with TestNG vs JUnit 5? What changes?Mid
With JUnit 5, use @BeforeAll/@Test from org.junit.jupiter.api β no REST Assured config needed. TestNG uses @BeforeClass/@Test from org.teβ¦
- How do you handle SSL/TLS issues (self-signed certs) in REST Assured for testing?Mid
.relaxedHTTPSValidation() in given() (or on RequestSpecBuilder) disables SSL certificate verification β use it for self-signed certs in tβ¦
- How would you parametrise the same REST Assured test across multiple datasets?Mid
With JUnit 5, use @ParameterizedTest with @MethodSource or @CsvSource β the test method receives dataset values and builds the REST Assurβ¦
- How do you organise REST Assured tests in a Maven project for parallel execution?Mid
Enable parallel execution via maven-surefire-plugin config (JUnit Platform provider for JUnit 5, or testng.xml for TestNG). Use local Reqβ¦
- How would you debug a test where a real cURL works but REST Assured fails?Mid
Enable .log().all() on both given() and then() to see the exact request REST Assured sends. Compare URI, headers, body, and content-typeβ¦
- Explain how you'd test pagination with REST Assured.Mid
Fetch the first page, assert page metadata (size, total, hasNext), extract items, then loop through remaining pages. Accumulate results aβ¦
- How do you mock external APIs that your service calls during a REST Assured test?Mid
Start a WireMock (or MockServer) instance before the suite and configure the service under test to call the mock's URL instead of the reaβ¦
- How does REST Assured handle cookies across requests?Mid
Use .cookie(name, value) to send cookies and .then().cookie(name, matcher) to assert response cookies. To persist cookies across requestsβ¦
- How would you build a REST Assured framework from scratch for a 100-engineer team?Senior
Layer a BaseApiTest with RequestSpecBuilder and ResponseSpecBuilder, env-config loaded from properties or a config library, a token-refreβ¦
- How do you handle environment-specific configuration (dev/staging/prod) in REST Assured?Senior
Load base URIs and credentials from environment variables resolved at suite startup in @BeforeAll, then inject into RequestSpecBuilder. Uβ¦
- What's your approach to handling test data setup/teardown in REST Assured?Senior
Use @BeforeEach to POST test resources via REST Assured, capture their IDs, and clean up in @AfterEach via DELETE. For expensive shared dβ¦
- How would you integrate REST Assured with Allure for rich reporting?Senior
Add the allure-rest-assured dependency and register AllureRestAssured as a filter in RequestSpecBuilder. It captures every request and reβ¦
- How do you handle OAuth 2.0 client credentials flow in REST Assured?Senior
POST to the token endpoint with client_id, client_secret, and grant_type=client_credentials in @BeforeAll. Cache the token and its expiryβ¦
- How would you test idempotency keys with REST Assured?Senior
Send the same request twice with identical X-Idempotency-Key headers and assert both responses are identical in status and payload. Thenβ¦
- How do you handle long-polling or async API responses in REST Assured?Senior
Poll the status endpoint with Awaitility β define a condition (statusEquals("COMPLETE")), a poll interval, and a timeout. REST Assured fiβ¦
- How would you parallelise REST Assured tests safely? What can break?Senior
REST Assured itself is thread-safe when you use local RequestSpecification instances β the thread-safety risk is static RestAssured.* fieβ¦
- How do you avoid flakiness in REST Assured tests that depend on shared state?Senior
Root causes: shared mutable data (test A creates; test B deletes before A reads), time-dependent assertions, and implicit ordering. Fix wβ¦
- How would you migrate from a Postman/Newman test suite to REST Assured incrementally?Senior
Run both suites against the same environment in parallel β they must agree on every endpoint before any deletion. Port collection by collβ¦
- How do you measure and optimise REST Assured test execution time?Senior
Profile first: most suites are I/O-bound and parallelise well. Reduce redundant auth-token fetches with @BeforeAll caching. Use responseβ¦
- How would you handle backwards-compatible API changes that require gradual test updates?Senior
Maintain versioned ResponseSpecifications (v1ResSpec, v2ResSpec) and run both against the live API during the migration window. Tag v1 teβ¦
- Compare REST Assured to Karate, Playwright APIRequestContext, and Postman. When would you choose each?Senior
REST Assured fits Java teams with existing JUnit/TestNG suites and shared data setup. Karate suits cross-functional teams wanting DSL-basβ¦
- How would you justify investment in a REST Assured framework over a SaaS solution (Postman+Newman+Cloud)?Lead
SaaS costs scale with team size and add a vendor dependency on core infrastructure. REST Assured lives in source control alongside the coβ¦
- How do you structure mentoring for engineers new to REST Assured on a Java team?Lead
Start with the given/when/then mental model and have engineers convert existing cURL commands into REST Assured chains as their first exeβ¦