InterviewStack.io

Application Programming Interface Design and Communication Questions

Tests the candidate's ability to design clean application programming interfaces that are intuitive for clients and to clearly explain the design and its trade-offs. Coverage includes resource and contract design, request and response formats, error handling and status conventions, versioning and backward compatibility, performance considerations, rate limiting and security basics, and the choice between synchronous and asynchronous communication approaches. At senior levels this expands to event-driven patterns, message-based systems, gateway patterns, and how interface decisions affect downstream systems and reliability.

Medium / Technical
37 practiced
Design a cursor-based pagination scheme for a feed API where new items are frequently inserted. Explain how you would generate stable cursors, ensure monotonic ordering across pages, handle items deleted between requests, and design the response metadata (next cursor, prev cursor, approximate totals).
Easy / System Design
66 practiced
Design a minimal RESTful API contract for a Todo resource. Include: URL paths, HTTP methods, sample request and response field names and types (id: integer, title: string, completed: boolean, due_date: ISO 8601 string), and status codes. Also describe how clients can filter todos by completed status and how you would indicate created resource location.
Medium / Technical
48 practiced
List common API security vulnerabilities such as injection attacks, broken authentication, and excessive data exposure. For each, describe concrete mitigations including parameterized queries, input validation, least privilege, encryption, secrets management, rate limiting, and logging. Reference OWASP API Top 10 where relevant.
Medium / Technical
37 practiced
Explain the semantic differences between PUT and PATCH. Design a PATCH request schema for updating a user profile that includes nested address objects and arrays. Discuss how to validate partial payloads and strategies for concurrent updates, such as using ETag, version fields, or optimistic locking.
Easy / Technical
49 practiced
List and explain the appropriate HTTP status codes for these API outcomes and justify your choices: successful resource creation, validation error with field details, unauthorized access, forbidden action, resource not found, rate limit exceeded, and internal server error. For each, give numeric code and short rationale.
