Recently I gave an interview for a Systems Engineer post. And one of the questions that the interviewer asked was “What is Deserialisation”.
And although this is a very important concept that should have been answered by me, I was not able to. And that is why I’m going to post about this.
I have this habit of writing down the questions that get asked in interviews and then if I’m not able to answer that question, I circle back once the call is over and then try to analyse why I was not able to. So I figured that in the process of learning API concepts like API Gateway, Caching, and other stuff, I’ve forgotten one of the basic principles of Java that is being used in API tests – Serialisation and De-serialisation.
Let’s start with some basic definitions that will be required in this post.
POJO
A POJO, or Plain Old Java Object, is nothing but a plain and simple object in Java. In this post, we will see how to serialise and deserialise a POJO class.
A POJO is not restricted by anything other than the restrictions imposed by the Java Language Specification. The purpose of a POJO is to increase the reusability of the code and to improve its readability. One crucial point is that a POJO does not have to follow any special naming convention.
Let’s see an example of a simple POJO class

This class has two private members: the badminton brand and the racket name. To get the values we have getter methods, and to set the values in the members we have setter methods. These getter and setter methods are very important in the context of a POJO class, as we’ll see later.
Serialization
Serialization is the programming technique of converting objects to byte streams that can be either stored in a file or transmitted over a network. More precisely, it converts an instance of a class (the state of the Java object) into a byte stream. This serialized object, or byte stream, can then be stored in files or external sources and transferred over networks.
So, for the API testing this post is concerned with, serialization is basically the process of converting a POJO to a JSON object.
In Java, a serializable object is an object whose class implements either of two interfaces: Serializable or Externalizable.
Serializable is a marker interface, which means that you do not have to implement any methods if your class implements it. It is just a marker: when the Java runtime tries to serialize the class, it checks for the presence of this interface. If Serializable is present in the class inheritance hierarchy, the Java runtime takes care of serializing the class.
On the other hand, the Externalizable interface is not a marker interface. If your class implements Externalizable, you have to implement these two methods:
- readExternal(ObjectInput input)
- writeExternal(ObjectOutput output)
We should implement the Externalizable interface only when we want to take over Java’s default serialization mechanism. If you want to use Java’s default serialization mechanism, then you should implement the Serializable interface only.
From the example above, let’s implement the getter and setter methods and then try to print the serialized data

which outputs

De-serialization
It is just the opposite of serialization. If you want to convert a byte stream into plain Java objects, then you need to de-serialize the data that you’re receiving.
In the above example, let’s try to de-serialize the data

which outputs

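The round trip described in the two sections above, as an added example (not code from the original post): a hypothetical `Racket` POJO with the two fields the post describes is written with `ObjectOutputStream` and read back with `ObjectInputStream`. Because de-serialized bytes may arrive from a file or the network, the read side sets an `ObjectInputFilter` allow-list (Java 9 or later assumed) so that only the expected classes can be rebuilt; the class names and sample values are assumptions.

```java
import java.io.*;

public class RacketRoundTrip {
    // Hypothetical POJO with the two private fields the post describes.
    static class Racket implements Serializable {
        private static final long serialVersionUID = 1L;
        private String brand;
        private String racketName;
        public String getBrand() { return brand; }
        public void setBrand(String brand) { this.brand = brand; }
        public String getRacketName() { return racketName; }
        public void setRacketName(String racketName) { this.racketName = racketName; }
    }
    // Serialization: object state -> byte stream.
    static byte[] serialize(Object obj) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(obj);
        }
        return buf.toByteArray();
    }
    // De-serialization: byte stream -> object, restricted to an allow-list of classes.
    static Racket deserialize(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            in.setObjectInputFilter(info -> {
                Class<?> c = info.serialClass();
                if (c == null) return ObjectInputFilter.Status.UNDECIDED; // non-class checks
                return (c == Racket.class || c == String.class)
                        ? ObjectInputFilter.Status.ALLOWED : ObjectInputFilter.Status.REJECTED;
            });
            return (Racket) in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        Racket racket = new Racket();
        racket.setBrand("Yonex");            // constructed sample values
        racket.setRacketName("Astrox 88");
        byte[] bytes = serialize(racket);
        Racket copy = deserialize(bytes);
        System.out.println(bytes.length + " bytes -> " + copy.getBrand() + " " + copy.getRacketName());
        try {
            // A class outside the allow-list is refused before it is instantiated.
            deserialize(serialize(new java.util.ArrayList<String>()));
        } catch (InvalidClassException e) {
            System.out.println("rejected by filter: " + e.getMessage());
        }
    }
}
```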
Serialization and De-Serialization in API Testing
In API testing, serialization and deserialization are commonly used for:
- Request Payloads: [Serialized Data] When sending data to an API endpoint, you often need to serialize the request payload into a format supported by the API (such as JSON or XML) before sending it over the network. In modern-day APIs, where we have much more complex JSON to send as a payload, sending serialized data built from a POJO allows easier access to payloads as well as more chances of customisation.
- Response Validation: [De-serialized Data] After making an API request, the response payload needs to be deserialized to access and verify specific data elements or perform assertions on the response.
I’ll list some resources below that have properly explained how to use the concept of Serialization and De-serialization in Rest Assured –
- https://techndeck.com/serialization-and-de-serialization-using-rest-assured/
- https://www.programsbuzz.com/article/serialization-rest-assured
- https://medium.com/@shubameg48/serialization-and-deserialization-in-rest-assured-api-testing-6e676c9adefa
So I hope now that I’m familiar with this concept (I was earlier but now I’ve more clarity on this), so I think I’ll be able to explain this better in subsequent interviews if any. Hope this helps someone who is looking out for such an explanation.