Techniques are provided to implement application programming interface (API) security validation testing for system integration testing (SIT) in a continuous integration environment. For example, a SIT tool detects a change in master code associated with an application comprising a plurality of microservices and an API gateway to route client API requests to the microservices of the application. The SIT tool obtains a listing of API endpoints exposed by the microservices of the application. The SIT tool performs an automated API security test validation process to determine whether an API security test file has been created for each API endpoint in the listing of API endpoints. The SIT tool fails the API security test validation process in response to determining that an API security test file has not be created for one or more API endpoints in the listing of API endpoints.