Application Programming Interface (API) is a set of functions and procedures that enables the development of applications that access the features or data of an application or operating system. API describes how particular software components should interact with one another. API testing is the term used to describe testing these functions.

API Testing determines if the developed APIs live up to expectations for the application's functionality, dependability, performance, and security.

Below are the differences between API and web Service:

• Although all APIs are Web services, not all Web services are APIs.
• Web services could not have all the specifications or be able to do everything that APIs can.
• While an API may be exposed in numerous ways, a Web service can only communicate using SOAP, REST, and XML-RPC.
• While APIs can operate without a network, Web services must always be connected to one.

When a REST client wishes to send a message to the server via a REST API web service, the message may be submitted in an HTTP request form, and the server is also able to accept this method of communication.

In REST, this type of communication is known as messaging.

The full form of URI is Uniform Resource Identifier that is used to identify each resource in the REST architecture,  

The format of a URI is:

<protocol>://<service-name>/<ResourceType>/<ResourceID>

There are 2 types of URI:

These are the common codes used to describe the task's predetermined status on the server.

The available status code formats are as follows:

• 1xx - represents informational responses
• 2xx - represents successful responses
• 3xx - represents redirects
• 4xx - represents client errors
• 5xx - represents server errors

Most commonly used status codes are:

• 200 - success/OK
• 201 - CREATED - used in POST or PUT methods.
• 304 - NOT MODIFIED - used in conditional GET requests to lessen the network's bandwidth usage. Here, the body of the response sent should be blank.
• 400 - BAD REQUEST - This may be the result of invalid validation or missing input data.
• 401- UNAUTHORIZED - This is the response given if the request is sent without any valid login credentials.
• 403 - FORBIDDEN - sent when a user cannot access (or is not permitted to access) a resource.
• 404 - NOT FOUND - Resource method is not available.
• 500 - INTERNAL SERVER ERROR - While executing the method, the server threw some exceptions.
• 502 - BAD GATEWAY - The response from a different upstream server could not be obtained by the server.

HTTP Verbs are another name for HTTP Methods. They make up a sizable chunk of the consistent interface constraint, which is followed by the REST, which details the procedure to be followed in order to obtain the requested resource.

Here are a few HTTP Methods examples:

• GET: This generally serves as a read-only operation and is used to retrieve information from the server.
• POST: New resources on the server are created using this method.
• PUT: This method is used to replace the resource or update an existing one on the server.
• DELETE: The resource on the server can be deleted using this method.
• PATCH: This method is used to modify the server resource.
• OPTIONS: This retrieves a list of the server's supported resource options.

Any HTTP Request in REST contains five main components, which are as follows:

• Method/Verb − What methods the request operation represents are described in this section. Some of the examples are Methods like GET, PUT, POST, DELETE, etc.
• URI − This component serves as a unique identifier for the server's resources..
• HTTP Version − What version of the HTTP protocol you are using is indicated in this section. An example is HTTP v1.1.
• Request Header − This component contains information on the request metadata, including the client type, supported content formats, message formats, cache settings, etc.
• Request Body − The actual message content that will be sent to the server is represented in this component.

There are 4 components to an HTTP response:

• Response Status Code − This represents the server response status code for the requested resource. Example: A client-side error is represented by 400, whereas a successful response is represented by 200.
• HTTP Version − This indicates the HTTP protocol version.
• Response Header − The response message's metadata are contained in this section. Data can be used to provide things like content length, type, response date, server type, etc.
• Response Body − The resource or message that the server actually returned is included in this section.

Data passed in the request body is referred to as the Payload. It differs from the request parameters. Only POST methods allow the payload to be sent as part of the request body.

The client state is not kept on the server because of the way the REST architecture is built. This is known called as Statelessness. The server receives the context from the client, which it uses to process the client's request. The session identification given by the client serves to identify the session on the server.