Why you need the source xml files for SOAP API security testing?

Good day!
I hope all in good health in this not easy time.

I was faced with the following situation. The guys on my team made a SOAP API penetration testing for one of our clients. Now is the time for re-testing, and the colleague who conducted the initial testing is now on vacation. After talking to him he told me that you need the customer to ask for the XML (WSDL etc) files for the full testing of that API since otherwise not be able to generate requests to the API or response will not be correct.
The first hearing that need the original XML files to the API for testing. Perhaps if the use of such tools as SOAP UI , it is not enough only the API URL (example: https://api.my.com/test/proxyservice/getdata?wsdl) ?
April 19th 20 at 12:27
1 answer
April 19th 20 at 12:29
do you have the address of the endpoint and then what?

what to send? how to send? how to handle? you know it from grandma Wang and her followers?
read what is wsdl, and the questions themselves will disappear.

although, if you have detailed documentation for API, they are not needed.
so what files then need to ask the client?

For example, even here they specify a URL to request
https://www.soapui.org/soap-and-wsdl/working-with-... (Section: Create Project From WSDL) - Aimee.Fritsch commented on April 19th 20 at 12:32
@Aimee.Fritsch, at least the wsdl (if they don't give it out in the open).
and the test endpoint, if possible.
you can also ask about the xml examples of responses and queries.

in principle, any public API, even closed, as the rule has it all. - Arjun commented on April 19th 20 at 12:35
@Arjun, what do you mean test the endpoint? access to the machine with the API? - Aimee.Fritsch commented on April 19th 20 at 12:38
@Aimee.Fritsch, is a fictitious API specifically for the tests.
the functionality is similar to the real, but not working with real data. - Arjun commented on April 19th 20 at 12:41

Find more questions by tags SOAPAPI