How do I test a REST API in my browser?

Enter the API URL, select the HTTP method, add any headers or body, and click Send. Use Browser mode when the target API already allows CORS. If the browser blocks the request, switch to Proxy mode to route the request through the JSONTech edge worker for testing.

Why am I getting a CORS error?

CORS (Cross-Origin Resource Sharing) errors happen in Browser mode when the target API does not include Access-Control-Allow-Origin headers. Public APIs like JSONPlaceholder usually work. Many private or internal APIs do not. You can either ask the API owner to allow your origin or switch the API Explorer to Proxy mode for testing.

Is my API data sent to your server?

In Browser mode, no — the request goes straight from your browser to the target API. In Proxy mode, the request URL, headers, auth, and body pass through the JSONTech edge worker so it can complete the request on your behalf. We do not store that proxy traffic.

Can I send authenticated API requests?

Yes. Use the Auth tab to configure Bearer token, Basic authentication, or a custom API key header. In Browser mode the credentials stay in your browser. In Proxy mode they are forwarded through JSONTech edge infrastructure for the live request and are not stored.

Can I test AI APIs and tool endpoints here?

Yes. API Explorer works well for OpenAI-compatible APIs, Anthropic endpoints, MCP-over-HTTP gateways, and any JSON-based tool endpoint. You can send auth headers, tweak request bodies, and inspect the structured JSON response without leaving the browser.

Explorador de API

Prueba APIs REST en el navegador con respuestas JSON formateadas

Mode:More private. Requires the target API to allow browser CORS.

Request Headers

Requests are sent directly from your browser using fetch(). The target API must allow CORS (Access-Control-Allow-Origin) for cross-origin requests to succeed. Public APIs like JSONPlaceholder work out of the box.

Test REST requests and inspect responses in one place

API debugging usually breaks across multiple tabs: one place for cURL, another for auth headers, another for JSON formatting. The API Explorer keeps the request, the response, and the formatted payload together, with browser mode for public APIs and proxy mode when CORS gets in the way. That makes it useful for classic REST APIs, AI inference endpoints, and JSON-based tool gateways.

Use the API Explorer when you need to

Replay a request from cURL

Paste a cURL command from docs, logs, or terminal history and import the method, URL, headers, auth, and body.

Inspect a JSON API response

Send the request, then switch between formatted, raw, and tree views without leaving the page.

Quickly debug auth, prompt, and header issues

Adjust bearer, basic, or API key auth alongside headers and resend the request in seconds, even when the body contains structured AI instructions or tool payloads.

How to test an API request quickly

1
Enter the request URL manually or import a cURL command from your terminal or API docs.
2
Choose browser mode for CORS-enabled APIs or proxy mode for blocked endpoints, then set the method, headers, auth, and request body.
3
Inspect status, timing, response headers, and the formatted JSON body to confirm what changed.

Keep going

Read the REST API testing guide

See a fuller workflow for reproducing and debugging API requests.

Format JSON payloads

Clean up copied request and response bodies before sharing or diffing them.

Compare two API responses

Spot structural changes between expected and actual payloads faster.

Inspect JWT tokens

Decode bearer tokens when an auth bug might be caused by claims or expiry.

Common API debugging workflows

Import a failing cURL request from logs

Recreate the request in the browser, tweak one header, token, or JSON body field, and resend immediately.

Check why a response changed between environments

Run the same request twice, then pass both payloads into JSON Compare for structural diffs.

Verify an endpoint before wiring it into your app

Test auth, body shape, and response timing before you start debugging frontend code.

Herramientas relacionadas

LLM JSON Output Validator

Repair and validate model JSON output against a schema

Formateador JSON

Embellece y formatea JSON con sangría configurable

MCP Tool Schema Validator

Validate MCP tool definitions and verify `inputSchema` before deployment

Decodificador JWT

Decodifica tokens JWT: cabecera, payload y caducidad

Preguntas frecuentes

Introduce la URL de la API, elige el método HTTP (GET, POST, PUT, PATCH, DELETE), añade headers y un body si hace falta, y pulsa Send. La herramienta usa fetch() del navegador para hacer la petición directamente: no interviene ningún servidor backend.

Los errores CORS (Cross-Origin Resource Sharing) ocurren cuando el servidor de la API no incluye headers Access-Control-Allow-Origin en la respuesta. Es una medida de seguridad del navegador. APIs públicas como JSONPlaceholder suelen permitir CORS, pero muchas APIs privadas no. En ese caso, necesitarás un proxy CORS o probar desde un entorno server-side.

No. Las peticiones salen directamente desde tu navegador hacia la API objetivo usando fetch(). Nada pasa por nuestros servidores. Puedes comprobarlo en la pestaña Network del navegador: verás la solicitud yendo al endpoint de la API.

Sí. En la pestaña Auth puedes configurar Bearer token, autenticación Basic (usuario/contraseña) o un header personalizado para API key. Las credenciales se añaden automáticamente a los headers y se quedan solo en tu navegador.