Yes, interesting what happens when a noobie assumes something can be done, has time available, and is motivated. Usually the interesting thing turns out badly but in this rare exception, all the experiments have lead to a good payoff.
Here's a really easy way to inspect realtime web API traffic. It works for both HTTP and HTTPS (decrypted) traffic. There's no hassling with device proxies. It works with all sorts of client devices including Android, iOS. Linux and Windows. You'll need to setup a router and install transparent proxy software. Specifically, I use dd-wrt router software, and installed mitmproxy.org's transparent proxy on a Mac OS/X system. Probably any router's software will do. There's other choices for transparent proxy software (squid), and other hosting system choices such as Linux. There's articles on the internet which explain, in uber-guru terms, how to install mitmproxy on a dd-wrt router so a host system isn't needed. There's also articles about using a Raspberry PI to as both a router and mitmproxy host.
Client Device Enabling
First, connect your client device to your private proxy network (192.168.3.x) -- just select your wireless SSID. Second, to enable HTTPS decryption, follow your proxy provider's instructions for storing their SSL certificate.
Let's assume your LAN is 192.168.1.x (usually having a gateway of 192.168.1.1), your transparent proxy host is 192.168.1.2, and you've chosen to create a new LAN (named PROXY) of 192.168.3.x for your client devices. Note that the attached image uses a somewhat unusual gateway of 192.168.1.254 because that's my internet provider's default.
You need to configure the router so that the gateway value points to the transparent router host ip (192.168.1.2). To do so, assign a static IP address for the WAN. Use an ip which is outside of the LAN's DHCP range, often 192.168.1.201 is good. Router's WAN automatic DHCP assignment can't be used because it will also assign the default gateway (usually 192.168.1.1), which in this case won't be the desired proxy host address (192.168.1.2). Hence we are using the router's static IP WAN option to assign a WAN address. Attached is a screen shot image of my dd-wrt setup. The image shows a static IP of 192.168.1.201, a gateway of 192.168.1.2, some google DNS addresses. The router will use a private network of 192.168.3.1.
Transparent Proxy Installation
I chose to install mitmproxy, a transparent proxy, on an OS/X system. There are other choices for proxy and system. You must use a proxy that has a transparent mode, otherwise this configuration won't work. Charles and Fiddler offer reverse proxy but NOT transparent proxy. Follow your proxy provider's installation instructions.
How to Execute mitmproxy on OS/X
# Mac OS/X shell script to start up mitmproxy transparent proxy.
# sudo enables the subsequent command to run in root. You may need to enter the root password.
# Enable packet forwarding
sudo sysctl -w net.inet.ip.forwarding=1
# create a file, pf.conf, to contain firewall rules. Be sure the interface name is the correct one (en0? en2?). My en0 interface handles the 192.168.1.x network.
echo 'rdr on en0 inet proto tcp to any port 80 -> 127.0.0.1 port 8080' > pf.conf
echo 'rdr on en0 inet proto tcp to any port 443 -> 127.0.0.1 port 8080' >> pf.conf
# Execute commands to setup mitmproxy execution environment
sudo pfctl -f pf.conf
sudo pfctl -e
# Specify the path to mitmproxy. In my case the path is ~/Downloads/osx-mitmproxy-0.12.1
# Note Bene: On first execution of mitmproxy, it will create a .mitmproxy directory containing configuration settings.
~/Downloads/osx-mitmproxy-0.12.1/mitmproxy -T --host