How does Edgescan perform Broken function level authorization testing?

Edgescan includes Broken object level authorization in all API Testing

Version Number: v1.0.1

Published Date: 9 Apr 2024

____________________________________________________________________________

Although this is commonly regarded as a manual-only test, automation can still cover some of the surface. For example, when user credentials are used, the URL commonly contains an endpoint such as /api/user/profile; in that case a regex is used to replace /user/ with /admin/ and a diff is performed. Manual intervention is always recommended for a higher level of coverage.
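The check described above, sketched for testing your own API as an added example (not Edgescan's code). The `fetch` callable, the sample paths and responses, and the choice to diff the /user/ response against the /admin/ response are assumptions made for illustration.

```python
import re
from difflib import unified_diff

# Match "user" only as a whole path segment, so /api/users/list is left alone.
USER_SEGMENT = re.compile(r"/user(?=/|$)")

def admin_variant(path):
    """Swap the /user/ segment for /admin/; None when there is no such segment."""
    swapped, count = USER_SEGMENT.subn("/admin", path, count=1)
    return swapped if count else None

def check_paths(paths, fetch):
    """fetch(path) -> (status, body), issued with low-privilege credentials."""
    findings = []
    for path in paths:
        variant = admin_variant(path)
        if variant is None:
            continue
        _, user_body = fetch(path)
        status, admin_body = fetch(variant)
        # Assumption: any non-2xx answer (401, 403, 404, redirect) means access was refused.
        if not 200 <= status < 300:
            continue
        diff = list(unified_diff(user_body.splitlines(), admin_body.splitlines(),
                                 path, variant, lineterm=""))
        # An identical body usually means a catch-all route, not an admin function.
        if diff:
            findings.append({"path": path, "variant": variant,
                             "status": status, "diff": diff})
    return findings

# Constructed responses, as a low-privilege user of a hypothetical API sees them.
SAMPLE = {
    "/api/user/profile": (200, '{"name": "alice"}'),
    "/api/admin/profile": (200, '{"name": "alice", "all_users": ["alice", "bob"]}'),
    "/api/user/orders": (200, '{"orders": []}'),
    "/api/admin/orders": (403, '{"error": "forbidden"}'),
    "/api/user/help": (200, "<html>app shell</html>"),
    "/api/admin/help": (200, "<html>app shell</html>"),
}

def sample_fetch(path):
    return SAMPLE[path]

if __name__ == "__main__":
    for f in check_paths(["/api/user/profile", "/api/user/orders",
                          "/api/user/help", "/api/users/list"], sample_fetch):
        print(f["status"], f["path"], "->", f["variant"])
        print("\n".join(f["diff"]))
```

Each finding is a candidate for the manual review the article recommends; a 2xx with a different body shows the route answered, not that the data returned is sensitive.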