When you think about reverse engineering an API, perhaps corporate espionage or something legally or ethically questionable comes to mind. Hackers ...
For further actions, you may consider blocking this person and/or reporting abuse
Sometimes docs are not good enough. If you are testing getting at the real payload is valuable, and if you are poxying through wiremock then faking the service for testing.