Integration – REST API Questions
REST API integration is a fundamental skill for connecting Salesforce with external systems and building robust integration solutions. These questions cover REST API fundamentals, HTTP methods, authentication mechanisms, error handling, versioning strategies, and best practices for building secure and scalable APIs. Understanding these concepts is essential for any Salesforce developer working on integration projects.
REST API Integration with Apex - Q&A
- Q1. What is REST API and its key characteristics?
Ans: REST (Representational State Transfer) is an architectural style that uses:
  - HTTP methods (GET, POST, PUT, DELETE)
  - Stateless communication
  - JSON/XML payloads
  - Resource-based URLs (e.g., /accounts/123)
- Q2. How do you create a REST endpoint in Apex?
Ans: Use the @RestResource annotation:
```apex
@RestResource(urlMapping='/contacts/*')
global class ContactAPI {
    @HttpGet
    global static Contact getContact() {
        // The record Id is the last path segment, e.g. /contacts/<Id>
        String contactId = RestContext.request.requestURI.substringAfterLast('/');
        return [SELECT Id, Name FROM Contact WHERE Id = :contactId];
    }
}
```
- Q3. What are the HTTP methods supported in Apex REST?
Ans: Six supported methods:
  - @HttpGet
  - @HttpPost
  - @HttpPut
  - @HttpDelete
  - @HttpPatch
  - @HttpHead
- Q4. How do you access request parameters?
Ans: Three ways to access data:
```apex
// 1. URL path parameter
String id = RestContext.request.requestURI.substringAfterLast('/');
// 2. Query parameter
String name = RestContext.request.params.get('name');
// 3. Request body (for POST/PUT)
Map<String, Object> body = (Map<String, Object>) JSON.deserializeUntyped(
    RestContext.request.requestBody.toString()
);
```
- Q5. How do you set response headers and status codes?
Ans: Use RestContext.response:
```apex
@HttpGet
global static void getData() {
    RestResponse res = RestContext.response;
    res.statusCode = 200;
    res.addHeader('Content-Type', 'application/json');
    // myData stands for whatever object the endpoint returns
    res.responseBody = Blob.valueOf(JSON.serialize(myData));
}
```
- Q6. What is the process to expose Apex REST API?
Ans: 3-Step Process:
  1. Create class with @RestResource
  2. Add methods with HTTP annotations
  3. Access via /services/apexrest/urlMapping
- Q7. How do you handle authentication in Apex REST APIs?
Ans: Three approaches:
  1. Session ID: Use current user's session
  2. OAuth: Validate access tokens
  3. Custom Token: Implement API keys
- Q8. How do you test REST APIs in Apex?
Ans: Test class structure:
```apex
@isTest
private class ContactAPITest {
    @isTest
    static void testGetContact() {
        Contact c = new Contact(LastName='Test');
        insert c;

        // Simulate the inbound request that the platform would build
        RestRequest req = new RestRequest();
        req.requestURI = '/services/apexrest/contacts/' + c.Id;
        req.httpMethod = 'GET';
        RestContext.request = req;

        Test.startTest();
        Contact result = ContactAPI.getContact();
        Test.stopTest();

        // getContact() selects only Id and Name, so assert on Name;
        // reading an unqueried field such as LastName throws SObjectException
        System.assertEquals('Test', result.Name);
    }
}
```
- Q9. How do you handle errors in REST APIs?
Ans: Standard error response pattern:
```apex
@HttpGet
global static void getData() {
    try {
        // Business logic ('data' stands for the result to return)
        RestContext.response.responseBody = Blob.valueOf(JSON.serialize(data));
    } catch (Exception e) {
        RestContext.response.statusCode = 500;
        // Note: the stack trace reveals class names and line numbers to the caller
        RestContext.response.responseBody = Blob.valueOf(JSON.serialize(new Map<String, Object>{
            'error' => e.getMessage(),
            'stackTrace' => e.getStackTraceString()
        }));
    }
}
```
- Q10. How do you implement pagination?
Ans: Use query parameters:
```apex
@HttpGet
global static List<Account> getAccounts() {
    // Zero-based page index and page size, e.g. ?page=0&size=50
    Integer page = Integer.valueOf(RestContext.request.params.get('page'));
    Integer size = Integer.valueOf(RestContext.request.params.get('size'));
    // ORDER BY keeps page boundaries stable between requests
    return [SELECT Id, Name FROM Account ORDER BY Id LIMIT :size OFFSET :(page * size)];
}
```
- Q11. How do you process bulk data in REST APIs?
Ans: Chunking pattern:
```apex
@HttpPost
global static void createContacts() {
    List<Contact> contacts = (List<Contact>) JSON.deserialize(
        RestContext.request.requestBody.toString(),
        List<Contact>.class
    );
    // allOrNone = false: valid records are saved even if others fail
    List<Database.SaveResult> results = Database.insert(contacts, false);
    // Process partial successes
}
```
- Q12. How do you version REST APIs?
Ans: URL versioning best practice:
```apex
@RestResource(urlMapping='/v1/accounts/*')
global class AccountAPI_V1 { /*...*/ }

@RestResource(urlMapping='/v2/accounts/*')
global class AccountAPI_V2 { /*...*/ }
```
- Q13. How do you secure REST endpoints?
Ans: Security measures:
```apex
@HttpGet
global static void getSensitiveData() {
    // 1. Verify session
    if (Test.isRunningTest() == false
            && RestContext.request.headers.get('Authorization') == null) {
        RestContext.response.statusCode = 401;
        return;
    }
    // 2. Check CRUD/FLS (this describe call covers object-level read access;
    //    per-field checks use e.g. Schema.sObjectType.Account.fields.Name.isAccessible())
    if (!Schema.sObjectType.Account.isAccessible()) {
        RestContext.response.statusCode = 403;
        return;
    }
}
```
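Added example (not from the original page) combining the error handling of Q9, the pagination of Q10 and the checks of Q13 in one endpoint: it runs with sharing, enforces object- and field-level read access, bounds the page parameters, and keeps the stack trace out of the response. AccountListAPI, the /v1/account-list/* mapping, the 200-row page cap and the ref field are assumptions.

```apex
// Added example; AccountListAPI, its URL mapping and MAX_PAGE_SIZE are assumptions.
@RestResource(urlMapping='/v1/account-list/*')
global with sharing class AccountListAPI {
    private static final Integer MAX_PAGE_SIZE = 200; // assumed cap
    private static final Integer MAX_OFFSET = 2000;   // SOQL OFFSET upper limit

    @HttpGet
    global static void getAccounts() {
        RestResponse res = RestContext.response;
        res.addHeader('Content-Type', 'application/json');
        try {
            // Object-level (CRUD) read check for the calling user
            if (!Schema.sObjectType.Account.isAccessible()) {
                reply(res, 403, new Map<String, Object>{ 'error' => 'Forbidden' });
                return;
            }
            Integer size = readInt('size', 50);
            Integer pageNum = readInt('page', 0);
            // Reject out-of-range values, oversized pages and offsets beyond the SOQL limit
            if (size < 1 || size > MAX_PAGE_SIZE || pageNum < 0 || pageNum > MAX_OFFSET / size) {
                reply(res, 400, new Map<String, Object>{ 'error' => 'Invalid page or size' });
                return;
            }
            Integer offsetRows = pageNum * size;
            List<Account> rows = [SELECT Id, Name FROM Account
                                  ORDER BY Id LIMIT :size OFFSET :offsetRows];
            // Field-level security: remove fields the caller may not read
            SObjectAccessDecision decision = Security.stripInaccessible(AccessType.READABLE, rows);
            reply(res, 200, decision.getRecords());
        } catch (Exception e) {
            // Stack trace stays in the debug log; the caller gets only a reference
            String errorRef = EncodingUtil.convertToHex(Crypto.generateAesKey(128)).left(12);
            System.debug(LoggingLevel.ERROR, errorRef + ' ' + e.getMessage() + '\n' + e.getStackTraceString());
            reply(res, 500, new Map<String, Object>{ 'error' => 'Internal error', 'ref' => errorRef });
        }
    }

    // Optional integer query parameter; non-numeric input returns -1 and fails validation
    private static Integer readInt(String name, Integer defaultValue) {
        String raw = RestContext.request.params.get(name);
        if (String.isBlank(raw)) { return defaultValue; }
        try { return Integer.valueOf(raw.trim()); } catch (TypeException e) { return -1; }
    }

    private static void reply(RestResponse res, Integer statusCode, Object body) {
        res.statusCode = statusCode;
        res.responseBody = Blob.valueOf(JSON.serialize(body));
    }
}
```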
- Q14. How do you document Apex REST APIs?
Ans: Three documentation methods:
  1. Apex comments (for Salesforce devs)
  2. Swagger/OpenAPI (external consumers)
  3. Postman collection (for testing)
- Q15. How do you monitor API usage?
Ans: Tracking approaches:
  - Custom logging object
  - Platform Events
  - Streaming API
  - Setup → API Usage in Salesforce
- Q16. Practical Integration Example: Salesforce-to-Salesforce
Ans: Step-by-Step Process:
  1. Create Connected App in both orgs
  2. Implement OAuth 2.0 flow to get access token
  3. Make callout using token:
```apex
HttpRequest req = new HttpRequest();
req.setEndpoint('callout:ConnectedAppName/services/data/v56.0/query?q=SELECT+Name+FROM+Account');
req.setMethod('GET');
// accessToken is the token obtained in step 2
req.setHeader('Authorization', 'Bearer ' + accessToken);
HttpResponse res = new Http().send(req);
```
- Q17. Practical Integration Example: External Payment Gateway
Ans: Step-by-Step Process:
  1. Store credentials in Named Credential
  2. Create Apex class for payment processing:
```apex
public class PaymentProcessor {
    public static Boolean chargePayment(Decimal amount, String cardToken) {
        HttpRequest req = new HttpRequest();
        // The Named Credential supplies the gateway URL and credentials
        req.setEndpoint('callout:PaymentGateway/api/charge');
        req.setMethod('POST');
        req.setHeader('Content-Type', 'application/json');
        req.setBody(JSON.serialize(new Map<String, Object>{
            'amount' => amount,
            'token' => cardToken
        }));
        HttpResponse res = new Http().send(req);
        return res.getStatusCode() == 200;
    }
}
```