How do I test a REST API in my browser?

Enter the API URL, select the HTTP method, add any headers or body, and click Send. Use Browser mode when the target API already allows CORS. If the browser blocks the request, switch to Proxy mode to route the request through the JSONTech edge worker for testing.

Why am I getting a CORS error?

CORS (Cross-Origin Resource Sharing) errors happen in Browser mode when the target API does not include Access-Control-Allow-Origin headers. Public APIs like JSONPlaceholder usually work. Many private or internal APIs do not. You can either ask the API owner to allow your origin or switch the API Explorer to Proxy mode for testing.

Is my API data sent to your server?

In Browser mode, no — the request goes straight from your browser to the target API. In Proxy mode, the request URL, headers, auth, and body pass through the JSONTech edge worker so it can complete the request on your behalf. We do not store that proxy traffic.

Can I send authenticated API requests?

Yes. Use the Auth tab to configure Bearer token, Basic authentication, or a custom API key header. In Browser mode the credentials stay in your browser. In Proxy mode they are forwarded through JSONTech edge infrastructure for the live request and are not stored.

Can I test AI APIs and tool endpoints here?

Yes. API Explorer works well for OpenAI-compatible APIs, Anthropic endpoints, MCP-over-HTTP gateways, and any JSON-based tool endpoint. You can send auth headers, tweak request bodies, and inspect the structured JSON response without leaving the browser.

API-Explorer

REST-APIs im Browser mit formatierten JSON-Antworten testen

Mode:More private. Requires the target API to allow browser CORS.

Request Headers

Requests are sent directly from your browser using fetch(). The target API must allow CORS (Access-Control-Allow-Origin) for cross-origin requests to succeed. Public APIs like JSONPlaceholder work out of the box.

Test REST requests and inspect responses in one place

API debugging usually breaks across multiple tabs: one place for cURL, another for auth headers, another for JSON formatting. The API Explorer keeps the request, the response, and the formatted payload together, with browser mode for public APIs and proxy mode when CORS gets in the way. That makes it useful for classic REST APIs, AI inference endpoints, and JSON-based tool gateways.

Use the API Explorer when you need to

Replay a request from cURL

Paste a cURL command from docs, logs, or terminal history and import the method, URL, headers, auth, and body.

Inspect a JSON API response

Send the request, then switch between formatted, raw, and tree views without leaving the page.

Quickly debug auth, prompt, and header issues

Adjust bearer, basic, or API key auth alongside headers and resend the request in seconds, even when the body contains structured AI instructions or tool payloads.

How to test an API request quickly

1
Enter the request URL manually or import a cURL command from your terminal or API docs.
2
Choose browser mode for CORS-enabled APIs or proxy mode for blocked endpoints, then set the method, headers, auth, and request body.
3
Inspect status, timing, response headers, and the formatted JSON body to confirm what changed.

Keep going

Read the REST API testing guide

See a fuller workflow for reproducing and debugging API requests.

Format JSON payloads

Clean up copied request and response bodies before sharing or diffing them.

Compare two API responses

Spot structural changes between expected and actual payloads faster.

Inspect JWT tokens

Decode bearer tokens when an auth bug might be caused by claims or expiry.

Common API debugging workflows

Import a failing cURL request from logs

Recreate the request in the browser, tweak one header, token, or JSON body field, and resend immediately.

Check why a response changed between environments

Run the same request twice, then pass both payloads into JSON Compare for structural diffs.

Verify an endpoint before wiring it into your app

Test auth, body shape, and response timing before you start debugging frontend code.

Häufig gestellte Fragen

Gib die API-URL ein, wähle die HTTP-Methode (GET, POST, PUT, PATCH, DELETE), füge optional Header und einen Request-Body hinzu und klicke dann auf Send. Das Tool nutzt dafür direkt die fetch()-API deines Browsers — es ist kein Backend-Server beteiligt.

CORS-Fehler (Cross-Origin Resource Sharing) entstehen, wenn der API-Server in der Response keine Access-Control-Allow-Origin-Header setzt. Das ist eine Browser-Sicherheitsfunktion. Öffentliche APIs wie JSONPlaceholder erlauben CORS, viele interne/private APIs jedoch nicht. In dem Fall brauchst du ggf. einen CORS-Proxy oder du testest aus einer Server-Umgebung heraus.

Nein. Alle Requests gehen direkt aus deinem Browser an die Ziel-API (über fetch()). Nichts läuft über unsere Server. Du kannst das im Network-Tab der DevTools prüfen: Der Request geht direkt an den API-Endpoint.

Ja. Im Auth-Tab kannst du Bearer Token, Basic Auth (Username/Passwort) oder einen eigenen API-Key-Header konfigurieren. Die Credentials werden automatisch als Request-Header gesetzt und bleiben nur in deinem Browser.