Q1. What type of relationship is defined as one resource existing only if another parent resource exist-for example, pages in a book?

Q3. When dealing with JSON web Tokens (JWTs), what is a claim?

Q4. Which REST contraint specifies that knowledge and understanding obtained from one component of the API should be generally applicable elsewhere in the API?

Q5. What would you enable to allow a browser on another site to make an AJAX request to your API?

Q6. APIs commonly use webhooks to **\*\*\*\***\_\_\_\_**\*\*\*\***.

Q7. What is the underlying goal of all APIs?

Q8. Which is a common command-line tool for using or exploring an API?

Q9. What is the modern specification for describing an API?

Q10. Which HTTP verb is normally used to update or create a resource in an API?

Q11. What is one benefit of server-side caching in APIs?

Q12. Your API resource does no allow deletion, and a client application attempted to delete the resource. What HTTP respose code should you return?

Q13. What is OpenID Connect?

Q14. What is one benefit of GraphQl over REST approaches?

Q15. Which REST constraint specifies that there should be no shared context?

Q16. What purpose does a User-Agent serve?

Q17. If you were to add versioning by using the Accept and Content-Type header, what would be the correct format of the header value?

Q18. What is one benefit that OAuth provides over an API key approach?

Q19. The ability to execute the same API request over and over again without changing the resource’s state is an example of ___.

Q20. What component can you use to wrap legacy architectures or protocols into a REST interface for easier consumption and integration?

Q21. What protection does a JSON Web Token (JWT) offer to mitigate tampering with its contents?

Q22. What OAuth term is used to represent permissions?

Q23. What additional type of token would you see when using OpenID Connect?

Q24. What should you add to a Cache-Control response header to specify that a response should not be stored in an intermediary cache?

Q25. Which OAuth grant type can support a refresh token?

Q26. Using OAuth, what scope would you request for write access to the API?

Q27. Which property would you use to include subresources directly into a JSON document?

Q28. What is the best way to track SDK and version usage?

Q29. Which REST constraint allows for the presence of caching, routing, and other systems between the client and server?

Q30. Which content is best to include in your documentation?

Q31. What metric tracks overall availability for your API?

Q34. When building SDKs, which languages should you support?

Q35. Which property would you use to include references to other resources in a JSON document?

Q36. What is OAuth?

Q37. What should your API documentation describe?

Q38. What is the purpose of an OAuth refresh token?

Q39. What is Time to First Hello World?

Q40. Which response header tells the client and intermediaries that the response is not to be cached anywhere?

Q41. What component hides the distinctions or boundaries between various microservices from end-client applications?

Q42. The textbook approach to api versioning is to use _.

Q43. Which is the most secure method to transmit an API key?

Q44. Within Oauth, what component validates the user’s identity?

Q45. API traffic that is entirely internal to your organisation is normally called ____?

Q46. What is the best approach for requesting JSON instead of XML from an API?

Q47. When a user attempts to access a record that is not their own, whitch HTTP response code is the most appropriate?

Q48. Which is a benefit of using an API gateway?

Q49. API testing must be treated as __?

Q50. Which HTTP verb is used in a CORS preflight request?

Q51. Which response header will tell the client that the response is cached for 1 minute ?

Q53. Which HTTP response code describes a new resource as created successfully?