POC with
POC setup:
6 repositories
{…}
Swagger
App Sentinel
Kong
Results:
560 APIs discovered by p0
Check dashboard Tab #1
APIs in Swagger vs. p0
103 APIs are undocumented
43% of documented APIs have parameter difference
Check "Compare Data" dashboard's tab #3
273 Total external APIs
Check dashboard Tab #3
140 External APIs in App Sentinel
133 External APIs NOT in App Sentinel but found by p0
// Sample APIs from the list:
POST /v1/giftcard/apply
Response: 400 "Invalid parameter received in request"
DELETE v1/reward/remove
Response: 400 "Invalid parameter received in request"
24 Zombies not in App Sentinel but found by p0
30 External APIs by p0 in App Sentinel but not coming from FE-API
103 External APIs in Kong
170 External APIs NOT in Kong but found by p0
// Sample APIs from the list:
GET v1/shipping/pakkapromise
Response: 400 "Invalid parameter received in request"
GET user/getRetailerCreditInfo
Response: 401 "Unauthorized"
158 (28%) Zombie APIs found
32 (20%) Zombie APIs with PII
Check dashboard Tab #2
// Sample APIs from the list:
GET /fe-api/cartapi/test
Response: 200 "All is well for now"
POST /fe-api/cartapi/addSample
Response: 500 "INTERNAL_SERVER_ERROR"
POST /fe-api/cartapi/addSample/v2
Response: 500 "INTERNAL_SERVER_ERROR"
GET /fe-api/credit/history/all
Response: 200 "Loan not found"