Schema validation questions come up in mid-level and senior QA interviews. They want to know if you can go beyond basic status code and field value checks. Here are the questions that keep coming up.
Q: What is JSON Schema and why is it important in API testing?
A: JSON Schema is a vocabulary for annotating and validating JSON documents. It defines the expected structure — field names, data types, required fields, and constraints. In API testing, it is important because it validates the entire response structure in a single assertion, catching issues like missing fields, type changes, and unexpected properties. Without schema validation, you are checking fields individually and can miss structural regressions that break consumers.
Q: What is the difference between "type": "integer" and "type": "number" in JSON Schema?
A: "integer" validates whole numbers only — 1, 42, -5 are valid but 1.5 is not. "number" validates any numeric value including decimals — 1, 42, 1.5, -5.7 are all valid. Use "integer" for IDs, counts, and quantities. Use "number" for prices, ratings, and measurements. This is a common source of schema validation failures when a backend change causes a field to return 100.0 instead of 100.
Q: What does "additionalProperties": false do? When would you use it?
A: "additionalProperties": false rejects any field in the response that is not explicitly defined in the schema's "properties" section. I use it for strict contract testing where both producer and consumer must agree on the exact response structure. It catches cases where the API accidentally exposes internal fields like "internalId" or "debugInfo." However, it can break tests when the API team intentionally adds new fields. The decision to use it depends on the team — strict is better for contract testing, permissive is better for forward-compatible testing.
Q: How do you handle nullable fields in JSON Schema?
A: Use an array for the type: "type": ["string", "null"]. This allows the field to be either a string or null. For example, a "middleName" field that might not exist for all users would have "type": ["string", "null"]. Do not confuse nullable with optional — a field can be required AND nullable. "required" means the field must exist in the response. The type array controls what values it can have. So required + ["string", "null"] means the field must be present, but its value can be null.
Q: What is the difference between schema validation and contract testing?
A: Schema validation checks if an API response matches a predefined structure. It is a unilateral check — one side validates against a schema. Contract testing is bilateral — both the producer and consumer agree on a contract, and both sides validate against it. Schema validation is a form of contract testing, but contract testing tools like Pact go further. Pact records consumer expectations, sends them to the producer, and the producer verifies it can fulfill them. Schema validation catches structural drift. Contract testing catches behavioral mismatches too.
Q: How would you set up schema validation in a CI/CD pipeline?
A: I add schema validation as a separate stage in the CI/CD pipeline, between unit tests and integration tests. For REST Assured, it is a Maven test execution targeting the SchemaValidationTest class. For Postman, it is a Newman run against the schema validation collection. The pipeline is configured to fail the build and send alerts if schema validation fails. I run it on every PR, after staging deployments, and as a nightly scheduled job for third-party APIs. Schema files are committed to version control alongside the test code, so changes are tracked and reviewed in PRs.
Q: A developer says "we do not need schema validation because we already check status codes and response fields." How do you respond?
A: Status code checks only verify the API did not crash — a 200 does not mean the response is correct. Individual field checks verify specific values but miss structural changes. Imagine checking that "name" equals "Rahul" — this passes even if the API removed the "email" field, changed "age" from integer to string, or added an "internalDebugId" field. Schema validation catches ALL of these in one assertion. It is not a replacement for field checks — it is a complement. Field checks verify correctness. Schema validation verifies structure. You need both.
| Question | Quick Answer |
|---|---|
| Which JSON Schema draft should I use? | Draft-07. It is the most widely supported and stable. |
| tv4 or Ajv for Postman? | Ajv. It is modern, follows the spec, and checks required by default. |
| Where do schema files go in REST Assured? | src/test/resources/schemas/ — anywhere on the test classpath. |
| Can I validate XML responses with JSON Schema? | No. JSON Schema is for JSON only. Use XSD for XML responses. |
| What is $ref used for? | Referencing reusable sub-schemas defined in "definitions" to avoid duplication. |
| How to handle optional fields? | Simply do not include them in the "required" array. Define them in "properties" so their type is validated IF they appear. |
Key Point: In interviews, always explain schema validation as a structural check that complements value-based assertions. Mention the tools (Ajv, REST Assured json-schema-validator), the CI/CD integration, and the concept of API contracts. Show you understand WHEN and WHY to use it, not just HOW.
Key Point: Schema validation interview questions test whether you understand structural testing beyond basic assertions. Know the tools, the CI/CD integration, and the contract testing concept.
Answer all 5 questions, then submit to see your score.
1. What does the "required" keyword in JSON Schema enforce?
2. In Postman, what is the main gotcha when using tv4 for schema validation?
3. Where should JSON Schema files be placed for REST Assured to find them using matchesJsonSchemaInClasspath()?
4. What does "additionalProperties": false do in a JSON Schema?
5. Which approach is recommended for creating JSON Schemas for a large API?