# 4.12 API Testing

## [API Testing](https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/12-API_Testing/README)

## 4.12.1 [Testing GraphQL](https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/12-API_Testing/01-Testing_GraphQL)

* [ ] Assess that a secure and production-ready configuration is deployed.
* [ ] Validate all input fields against generic attacks.
* [ ] Ensure that proper access controls are applied.

**Evidence**:

```
```