Explore key concepts of building Web APIs in .NET using REST, gRPC, and GraphQL. This quiz covers API design, protocol choices, serialization, endpoints, and security to help reinforce your foundational knowledge of modern Web API approaches.
Which HTTP verb is typically used in RESTful APIs to retrieve data about a specific resource, such as retrieving a user's details by their ID?
Explanation: GET is the standard HTTP method for retrieving data or resources without modifying them. POST is used to create new resources, PATCH is intended for partial updates, and REMOVE is not a standard HTTP verb. Therefore, GET is the most suitable and widely recognized choice for data retrieval.
Which serialization format does gRPC primarily use for efficient communication between services?
Explanation: Protocol Buffers is a compact, high-performance binary serialization format designed for gRPC, enabling fast communication. JSON and XML are commonly used with REST APIs, while YAML is a human-readable format often used in configuration files. Only Protocol Buffers is natively integrated into the core of gRPC.
In a GraphQL API, how does the client specify exactly which fields of a resource it wants to retrieve, such as requesting only the 'name' of a product?
Explanation: In GraphQL, clients customize their responses by specifying required fields directly within the query body. Custom HTTP headers and URL query strings are typical to REST, not GraphQL, and there is no SELECT verb in HTTP. Thus, providing fields in the query body is unique to GraphQL's flexibility.
What is the main purpose of a Uniform Resource Identifier (URI) in a REST API, for example, /api/books/23?
Explanation: A URI is designed to uniquely identify and locate a resource in REST APIs. The request format and response schema are unrelated to the URI, while authentication is generally managed by headers or tokens. This makes the resource identification function the correct answer.
When should you consider using gRPC instead of REST for your .NET API, given you have multiple microservices communicating within the same data center?
Explanation: gRPC shines in scenarios demanding performance, low latency, and binary protocols, such as microservices in a data center. REST is better for human-readable communication and browser compatibility. REST also fits when JSON is required exclusively. Thus, using gRPC for efficiency is the right context.
Which GraphQL operation should you use to modify or add data, such as creating a new order in an e-commerce system?
Explanation: A Mutation operation in GraphQL handles creating or modifying data. Queries are for retrieving data, Subscriptions are for real-time updates, and 'Action' is not an official GraphQL term. Using Mutations for data changes is the core approach in GraphQL APIs.
Which HTTP status code should a REST API return when a resource is successfully created, such as after registering a new account?
Explanation: 201 Created is the standard code for successful resource creation. 200 OK is used for successful general requests but does not indicate creation. 400 and 404 represent client errors, not success. Therefore, 201 Created is the correct status for new resources.
Which gRPC communication pattern allows both the client and server to send multiple messages as part of a single call, for example, streaming live updates between services?
Explanation: Bidirectional streaming allows messages to flow in both directions throughout the lifetime of a gRPC call. Unary is single request-response, and client streaming is one-way from client to server only. 'JSON polling' is not a gRPC communication pattern. Bidirectional streaming is designed for continuous, two-way communication.
Which technique is commonly used to secure REST, gRPC, and GraphQL APIs by verifying a user's identity?
Explanation: Token-based authentication securely transmits a user's credentials and is widely used across REST, gRPC, and GraphQL APIs. URL query filtering and XML sitemaps serve other purposes, while throttling limits requests but does not verify identities. Thus, tokens are the standard for user verification.
What is a common method for indicating the version of a REST API, for instance, to provide both v1 and v2 endpoints?
Explanation: Including the version directly in the URL path is a clear and common practice for REST API versioning. HTTP methods do not indicate versions, headers may contain version info but are less visible, and changing the HTTP protocol is unrelated. Placing the version in the route helps clients and developers easily track API changes.