For checking the functionality of individual APIs.
For validation of functionality and performance for the system under various levels of user/ transaction load.
Involves various types of security checks like penetration testing, authentication, encryption, and access control.
For testing end to end functionality of the API layer.
Execution of Automated / Manual tests to identify problems, such as exceptions and resource leaks.
End to end testing of the entire system using the APIs.