How do you structure your API testing, including which HTTP methods you test and how you validate response codes and payloads?