Technical interview Q&A plus 100+ career & HR questions—notice period, salary negotiation, resume, LinkedIn, freelancing, AI careers, and behavioral interviews with detailed, real-world answers.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
A REST (Representational State Transfer) API is an architectural style for designing
networked applications. It uses HTTP methods (GET, POST, PUT, DELETE) to perform
operations on resources identified by URLs (endpoints). Data is usually exchanged in JSON
or XML format.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
logic.
products).
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Return a structured JSON response with: status → HTTP status code error → Short message details → Optional for debugging Example: "status": 400, "error": "Bad Request", "details": "Email is required"
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Client sends token in Authorization header: Authorization: Bearer <token>
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
uthorization: Bearer <token>
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: REST → Lightweight, uses HTTP, usually JSON, easy to use, stateless. SOAP → Protocol-based, uses XML, more complex, built-in security & transactions. REST is more flexible and widely used for web and mobile apps.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: HTTP provides the transport mechanism and defines methods: GET → Retrieve data POST → Create resource PUT → Update resource DELETE → Remove resource PATCH → Partial update
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: An endpoint is a specific URL that represents a resource in a REST API. 👉 Example: → Represents user with ID 1.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Example using ILogger in ASP.NET Core:
private readonly ILogger<MyController> _logger;
public MyController(ILogger<MyController> logger)
_logger = logger;
[HttpGet("{id}")]
public IActionResult GetUser(int id)
_logger.LogInformation("Fetching user with id {UserId}", id);
try
var user = dbContext.Users.Find(id);
if (user == null)
_logger.LogWarning("User with id {UserId} not found",
id);
return NotFound();
return Ok(user);
catch (Exception ex)
_logger.LogError(ex, "Error fetching user with id {UserId}",
id);
return StatusCode(500, "Internal Server Error");
This covers all core aspects of error handling and debugging for REST APIs.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Stateless means the server does not store client session data. Each request must contain all the necessary information (like authentication tokens). This makes APIs scalable nd reliable.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Platform-independent (works across web, mobile, IoT). Simple, flexible, and scalable. Uses existing HTTP infrastructure. Lightweight (JSON/XML). Supports caching for better performance.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Easier to learn & implement. Supports multiple formats (JSON, XML, plain text). Faster (less overhead). Works seamlessly with modern web & mobile apps. Better performance due to caching & statelessness.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Suppose we have a User Service API:
This shows how CRUD operations map directly to HTTP methods.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: In REST, everything is modeled as a resource (users, products, orders). Each resource is identified by a URI and can be manipulated using standard HTTP methods.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
HATEOAS (Hypermedia As The Engine Of Application State) means responses contain
links to related actions/resources.
👉 Example:
{
"id": 1,
"name": "John",
"links": [
{ "rel": "self", "href": "/users/1" },
{ "rel": "orders", "href": "/users/1/orders" }
}
This helps clients navigate APIs dynamically.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Common methods: API Keys → Simple tokens. Basic Auth → Username & password (not secure without HTTPS). OAuth 2.0 / OpenID Connect → Standard protocols for secure access. JWT (JSON Web Tokens) → Widely used for stateless authentication.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Middleware is software that sits between client requests and server responses. Used for: Logging Authentication & Authorization Request validation Error handling Rate limiting
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: GET → Used to retrieve data, should not modify server state, and can be cached/bookmarked. POST → Used to create new resources or submit data. It modifies server state, is not idempotent, and cannot be cached.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: 200 OK → If the resource was successfully deleted and a response body is returned. 204 No Content → If the resource was deleted but no body is needed. 404 Not Found → If the resource does not exist.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Safe → Because it only retrieves data without modifying server state. Idempotent → Multiple GET requests have the same result; no side effects occur.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Yes. If the resource does not exist, PUT can create it at the specified URI. Example: 👉 PUT /users/100 → If user 100 doesn’t exist, it will be created.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Idempotency means multiple identical requests have the same effect as one. PUT → Updating a resource with the same data multiple times results in no further change. DELETE → Deleting a resource repeatedly still results in it being deleted.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
👉 Example:
email.
not included.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: PI? The GET method is used to fetch data because it is safe, idempotent, and optimized for retrieval operations.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: The GET method is used to fetch data because it is safe, idempotent, and optimized for retrieval operations. 🔹 HTTP Status Codes – REST API Interview Q&A
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
PIs?
HTTP status codes are 3-digit numbers returned by the server to indicate the result of a
client request.
They are important because they:
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
HTTP status codes are 3-digit numbers returned by the server to indicate the result of a
client request.
They are important because they:
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: It indicates the request was successful, and the server is returning the expected response body (e.g., GET request returning data).
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: It indicates that a new resource was successfully created. Usually returned after a POST request, along with a Location header pointing to the new resource.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Returned when the request is malformed or invalid, such as: Missing required parameters. Invalid JSON format. Wrong data type provided.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: It means the client is not authenticated (missing/invalid credentials). The request cannot proceed without proper authentication (e.g., missing token).
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: 404 Not Found → The resource does not exist (or the client requested the wrong endpoint). 410 Gone → The resource used to exist but has been permanently removed.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: It indicates a server-side failure (unexpected error, crash, or unhandled exception). It’s a generic error and should be logged for debugging.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: It means the client is authenticated but not authorized to access the resource. 👉 Example: A normal user trying to access an admin-only endpoint.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: It indicates the request was well-formed (valid syntax) but could not be processed due to semantic errors. 👉 Example: Submitting a form where email is valid format but already exists.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: It means the resource has not changed since the last request. Commonly used with caching to improve performance (client uses cached version).
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: It indicates the server timed out waiting for the client’s request. 👉 Example: Client took too long to send data in a POST request.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: 503 indicates the server is temporarily unavailable (e.g., maintenance, overload). Best practices: Return a Retry-After header. Use monitoring/alerts to restore service quickly.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: 401 Unauthorized → Authentication required (client not logged in / invalid token). 403 Forbidden → Authentication is valid, but the user lacks permissions.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: A redirect tells the client to fetch a resource from a different URL. 301 Moved Permanently → Resource moved permanently (update bookmarks/links). 302 Found → Temporary redirect (use current URL for future requests).
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Statelessness means each client request to the server must contain all the necessary
information to process it (like authentication token, parameters, body). The server does not
store client session state.
👉 Example in ASP.NET Core Web API:
[HttpGet("profile")]
public IActionResult GetProfile([FromHeader] string token)
{
if (string.IsNullOrEmpty(token)) return Unauthorized();
// Token is validated each time (stateless, no session memory)
return Ok(new { Name = "John Doe", Email = "john@example.com"
});
}ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
It means REST APIs separate the client (frontend/UI) and server (backend logic,
database).
This separation improves scalability and flexibility.
👉 Example:
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Responses from the server should indicate whether they are cacheable or not, to improve
performance and scalability. Clients and intermediaries can reuse cached responses.
👉 Example in ASP.NET Core:
[HttpGet("products")]
[ResponseCache(Duration = 60)] // Cache for 60 seconds
public IActionResult GetProducts()
{
return Ok(new[] { "Laptop", "Mouse", "Keyboard" });
}ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
The uniform interface ensures that REST APIs follow consistent conventions for
communication, making them predictable and easy to use.
Key aspects:
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
In REST, resources (like users, products, orders) are identified with URLs instead of
ctions.
👉 Example in ASP.NET Core Web API:
// Instead of action-based
GET /getUser?id=1
// Use resource-based
GET /users/1
This makes APIs cleaner and more intuitive.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
horizontally.
PI.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Each request and response should have enough metadata (headers, content type, status
codes) to describe how to process it, without external context.
👉 Example in ASP.NET Core:
return Ok(new
{
Id = 1,
Name = "John",
Links = new[] { new { Rel = "self", Href = "/users/1" } }
});
Here, the response describes itself (content type = JSON, includes resource links).
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Discoverability means clients can navigate and learn available actions through metadata
or hypermedia links, without hardcoding routes.
👉 Example using HATEOAS in ASP.NET Core Web API:
[HttpGet("users/{id}")]
public IActionResult GetUser(int id)
{
var user = new { Id = id, Name = "Alice" };
var response = new
{
user,
links = new[]
{
new { rel = "self", href = Url.Action("GetUser", new {
id }) },
new { rel = "orders", href = Url.Action("GetUserOrders",
new { id }) }
}
};
return Ok(response);
}
The API response itself guides the client to related resources (user’s orders, profile, etc.).
Q&A
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
(/getUserOrders).
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Use nouns, not verbs → GET /users (not /getUsers). Use plural form → /users, /orders. Nested resources for relationships → /users/1/orders. Consistent naming conventions. Avoid exposing internal DB structure.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Versioning ensures backward compatibility when APIs change. Common approaches: URI versioning → /api/v1/users Header-based versioning → Accept: application/vnd.myapi.v1+json Query parameter → /users?version=1
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Lightweight and easy to parse. Language independent. Human-readable. Supported natively by JavaScript and most frameworks.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Consistency in naming and responses. Error handling with meaningful messages. Security (HTTPS, JWT, OAuth2). Scalability (statelessness, caching). Performance (pagination, filtering). Documentation (Swagger/OpenAPI).
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Return proper status codes and a structured error object: 👉 Example in ASP.NET Core: { "status": 400, "error": "Invalid Request", "details": "Email field is required" }
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Prevents large payloads. Improves performance and response times. Reduces server and network load. 👉 Example: GET /users?page=2&limit=20.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Use throttling to limit requests per minute/hour per client. Return 429 Too Many Requests. Provide Retry-After header. Tools: API Gateway, NGINX, Middleware.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Authentication → API Keys, JWT, OAuth2. Authorization → Role-based access control. Always use HTTPS. Validate input & sanitize data. Prevent SQL injection, XSS, CSRF.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Provide versioning. Send Deprecation warning headers. Maintain old versions temporarily. Give developers migration guides.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: An API key is a unique token used to authenticate requests. 👉 Example: GET /users?apikey=12345 Best practice: Send in headers → Authorization: ApiKey 12345.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: uthentication? Pros: Secure delegated access. Widely adopted (Google, Facebook, GitHub). Works well for 3rd-party apps. Cons: Complex implementation. Requires token management. Overhead for small/simple APIs.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Pros: Secure delegated access. Widely adopted (Google, Facebook, GitHub). Works well for 3rd-party apps. Cons: Complex implementation. Requires token management. Overhead for small/simple APIs.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: GET, PUT, DELETE → Ensure repeated requests produce the same result. Avoid side effects on repeated requests. Use unique request IDs for POST (to prevent duplicate creation).
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: SQL Injection Cross-Site Scripting (XSS) Cross-Site Request Forgery (CSRF) Broken Authentication Insecure Direct Object References (IDOR) Unencrypted data transmission
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Always use parameterized queries / ORM (EF Core). Validate and sanitize input. Apply least privilege on DB users. 👉 Example in EF Core: var user = db.Users.FirstOrDefault(u => u.Email == email);
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Malicious sites could misuse APIs if CORS is too permissive. Always restrict origins (Access-Control-Allow-Origin). Avoid * in production. Use tokens for security.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Use structured logging (Serilog, NLog). Log important events (auth failures, errors, requests). Implement monitoring tools (Application Insights, ELK Stack). Add correlation IDs for tracing requests.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: URI Versioning → /api/v1/users Header Versioning → Accept: application/vnd.myapi.v2+json Best practice: URI versioning for clarity.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
XML YAML CSV Protocol Buffers (gRPC) Plain text
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Synchronous → Client waits until the server responds (blocking). Asynchronous → Server processes request in background and may send response later (via polling, callbacks, or webhooks).
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Webhooks are server-to-server callbacks triggered by events. 👉 Example: Stripe API calls your endpoint /payment/confirmed when a payment succeeds.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Used for CORS preflight requests. Tells the client which HTTP methods and headers are allowed. 👉 Example Response: llow: GET, POST, PUT, DELETE ccess-Control-Allow-Origin: *
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Always return limited results (avoid huge payloads). Provide page and limit parameters → /users?page=2&limit=20. Return metadata → { "page": 2, "totalPages": 10 }. Support cursor-based pagination for large datasets.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
👉 Tools: Swagger (OpenAPI), Postman, Redoc.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
(Node.js), xUnit/NUnit (C#).
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Async Processing → Return 202 Accepted with a status URL (/jobs/{id}). Client polls the status endpoint until job is complete. Optionally use Webhooks for notifying clients. 👉 Example: File processing, report generation.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
rchitecture?
monitoring.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
monitoring.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
👉 Example in ASP.NET Core:
services.AddCors(options =>
{
options.AddPolicy("MyPolicy",
builder => builder.WithOrigins("
.AllowAnyHeader()
.AllowAnyMethod());
});
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
👉 Example: 100 requests/minute per API key.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Idempotent = multiple identical requests have the same effect as one request. Important for reliability and safe retries. HTTP Methods: GET, PUT, DELETE → Idempotent. POST → Not idempotent (creates new resource each time).
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
{
"status": 400,
"error": "Invalid Data",
"details": "Email is required"
}ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
SDKs.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Caching is storing frequently used data temporarily to reduce server load and improve
response time.
Implementation methods:
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
issues.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
👉 Example in ASP.NET Core: Add XML formatter with
services.AddControllers()
.AddXmlSerializerFormatters();
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
REST API?
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
PI performance?
users.
👉 Example: Cloudflare, Akamai, AWS CloudFront.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
users.
👉 Example: Cloudflare, Akamai, AWS CloudFront.
🔹 API Documentation & Tools – Interview Q&A
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Contains all endpoints, request/response formats, parameters, headers, and security details. Acts as a contract between client and server. Used for auto-generating documentation, client SDKs, and mock servers.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
controllers and annotations.
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "My API", Version =
"v1" });
});
pp.UseSwagger();
pp.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json",
"My API v1"));
lso support annotations and automatic documentation.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: Postman is a GUI tool for testing REST APIs. Features: Send HTTP requests (GET, POST, PUT, DELETE). Automate tests using Postman Collections. Generate documentation and mock servers. Supports environment variables and CI/CD integration.
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
exceptions.
Example in ASP.NET Core:
pp.UseExceptionHandler(appError =>
{
ppError.Run(async context =>
{
context.Response.StatusCode = 500; // Internal Server Error
context.Response.ContentType = "application/json";
var contextFeature =
context.Features.Get<IExceptionHandlerFeature>();
if(contextFeature != null)
{
// Log exception (use ILogger)
wait context.Response.WriteAsync(new
{
StatusCode = context.Response.StatusCode,
Message = "Internal Server Error.",
Detail = contextFeature.Error.Message
}.ToString());
}
});
});
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Answer: PIs? Return a structured JSON response with: status → HTTP status code error → Short message details → Optional for debugging Example: { "status": 400, "error": "Bad Request", "details": "Email is required" }
In a production ASP.NET Web API application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Example in ASP.NET Core:
var user = dbContext.Users.Find(id);
if (user == null)
{
return NotFound(new { status = 404, error = "User not found" });
}ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
Example:
public class UserModel
{
[Required(ErrorMessage = "Email is required")]
[EmailAddress(ErrorMessage = "Invalid email format")]
public string Email { get; set; }
[Required]
[MinLength(6, ErrorMessage = "Password must be at least 6
characters")]
public string Password { get; set; }
}
// Controller action
[HttpPost("register")]
public IActionResult Register([FromBody] UserModel model)
{
if (!ModelState.IsValid)
{
var errors = ModelState.Values.SelectMany(v =>
v.Errors).Select(e => e.ErrorMessage);
return BadRequest(new { status = 400, error = "Validation
Failed", details = errors });
}
return Ok("User registered successfully");
}ASP.NET Web API ASP.NET Core Web API Tutorial · REST API
PI?
Example using ILogger in ASP.NET Core:
private readonly ILogger<MyController> _logger;
public MyController(ILogger<MyController> logger)
{
_logger = logger;
}
[HttpGet("{id}")]
public IActionResult GetUser(int id)
{
_logger.LogInformation("Fetching user with id {UserId}", id);
try
{
var user = dbContext.Users.Find(id);
if (user == null)
{
_logger.LogWarning("User with id {UserId} not found",
id);
return NotFound();
}
return Ok(user);
}
catch (Exception ex)
{
_logger.LogError(ex, "Error fetching user with id {UserId}",
id);
return StatusCode(500, "Internal Server Error");
}
}
This covers all core aspects of error handling and debugging for REST APIs.