Rest questions I ask in an interview

  • Java

Most often developers encounter Put, Post, Get, Delete method interview question around Rest over Http. But there are some more hidden gems in HTTP methods those are relevant to understand depth of person’s knowledge getting interviewed.

Here are some of my favorites that I ask to gauge their understanding around rest.

Head

Imagine a situation where you have a resource and you want to check if resource exist on or not ? Which method you will use ?

Most often folks answer Get, but it is not the most appropriate one, why ?

This is because Get returns you a resource which in unnecessary in this case as use case only wants to check if resource exist. This can be done easily with Head as it does not return any payload in response, thus it is a wise choice to have.

Patch

Imagine a situation where I just want to update only one field in the entire resource having 200 fields. Which method is useful, and why ?

Person getting interviewed usually answer it is Put as this is the method someone will use to update or replace a resource. This is partially true but not apt for above use case, why ?

As you have to update only one of the fields in entire resource, you don’t have to send entire object sending only relevant field(s) is enough thus solving the purpose. Many time folks argue this can be done with Put as well but if we go by the specs, Put is more preferred for full object replacement vs Patch for partial replacements.

Options

Do you know which method browser calls before making an actual http method call to an endpoint ?

Usually answer is bit fuzzy but Options is the method that browser hits to find out on client (usually a web browser) about the communication options and security policies for a given resource. This method returns capability of the server and methods it support, based on this evaluation browser actually makes an endpoint call for Put, Post, Patch, Head and Delete. There is no body for options but just headers.

Typical request and response that you get in options is something like below.

OPTIONS /api/users/123 HTTP/1.1
Host: api.example.com
Origin: https://www.my-website.com
Access-Control-Request-Method: DELETE
Access-Control-Request-Headers: Content-Type, Authorization
HTTP/1.1 204 No Content
Date: Tue, 23 Sep 2025 08:15:00 GMT
Connection: keep-alive

Access-Control-Allow-Origin: https://www.my-website.com
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Headers: Content-Type, Authorization
Access-Control-Max-Age: 86400
Allow: GET, POST, PUT, DELETE, PATCH
Vary: Origin, Access-Control-Request-Headers

Some more follow up questions around the response to understand if person has done real world work could be ?

What this header mean ?

Access-Control-Allow-Origin: https://www.my-website.com:

This is the most crucial CORS header. It tells the browser that requests from the https://www.my-website.com origin are permitted.

What if * is returned the response ?

if * is used it means any one can make a call to this endpoint not only.

What this response header mean ?

Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH

This header explicitly lists all the HTTP methods that the server is willing to accept for the requested URL from the client’s origin. The browser will check this to see if the DELETE method is allowed.

What this header response mean ?

Access-Control-Allow-Headers: Content-Type, Authorization

This lists the specific non-standard headers that the client is allowed to send. In this case, the Authorization header is often included for token-based authentication.

There are some specific cases in spring security you need to understand to make this Options method work, especially if you are exposing an API that will be consumed from APP or a Webapp served from other context.

Connect with us on LinkedIn and follow us on Instagram to stay in the loop with the latest insights on skills, hiring, and workforce transformation.

Subscribe to our Newsletter and YouTube Channel to stay updated with fresh perspectives on GenAI-driven talent evaluation.

🌐 Explore more at thinkhumble.in

Rest questions I ask in an interview was originally published in Javarevisited on Medium, where people are continuing the conversation by highlighting and responding to this story.

This post first appeared on Read More

Related Posts