You configure your traffic to get routed through a man in the middle proxy. If you get certificate errors you can’t ignore, you need to use something like Frida to remove the certificate checks/pinning.

After that you look at the plaintext requests. Odds are that there is an authorization system you need to figure out. Again jadx/Frida is your friend.

deleted by creator

First, if you don’t have a rootable Android phone, you need to get one. An API is an API for the most part, so any cheap throwaway phone will probably work as long as it is sufficient to run the app and rootable

Basically: you need to MITM yourself (Or at least your phone), you’re going to need to generate a SSL certificate and install it to your phone and “pin” it (Basically, make your phone use it for everything, the end all be all certificate.) Then route your phones connection through a proxy that will capture the traffic and then decrypt it using the same cert. Don’t forget to do stuff on the target app, I would start it fresh to capture any authentication stuffs.

There’s an app that can do it all on the device (save for the decryption and parsing, you have to export the capture and cert to a computer for that) called Draeneg iirc