Published in Better Practices

Reverse engineering an API

Gain a deeper understanding of a public or private API, especially one that isn’t well documented


Why reverse engineer an API

Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object.

Selfish reasons for reverse engineering an API

What is an HTTP/S proxy?

It’s all there! Black and white, clear as crystal!

— Willy Wonka, The Chocolate Factory

Reasons to use a web proxy

Postman is a proxy that captures the HTTP/S request

Free web proxy tools

A Postman recipe for reverse engineering an API

Import this collection and follow along with these examples
Examples of inspecting HTTP requests

Import a single request

Copy the cURL request from Chrome DevTools
Paste the cURL request as raw text in Postman

Inspect a stream of requests

Postman as a proxy to capture HTTP/S requests from web browser

A final thought about reverse engineering an API

Be excellent to each other.

Bill S. Preston, Esq.


