How do I test a REST API in my browser?

Enter the API URL, select the HTTP method, add any headers or body, and click Send. Use Browser mode when the target API already allows CORS. If the browser blocks the request, switch to Proxy mode to route the request through the JSONTech edge worker for testing.

Why am I getting a CORS error?

CORS (Cross-Origin Resource Sharing) errors happen in Browser mode when the target API does not include Access-Control-Allow-Origin headers. Public APIs like JSONPlaceholder usually work. Many private or internal APIs do not. You can either ask the API owner to allow your origin or switch the API Explorer to Proxy mode for testing.

Is my API data sent to your server?

In Browser mode, no — the request goes straight from your browser to the target API. In Proxy mode, the request URL, headers, auth, and body pass through the JSONTech edge worker so it can complete the request on your behalf. We do not store that proxy traffic.

Can I send authenticated API requests?

Yes. Use the Auth tab to configure Bearer token, Basic authentication, or a custom API key header. In Browser mode the credentials stay in your browser. In Proxy mode they are forwarded through JSONTech edge infrastructure for the live request and are not stored.

Can I test AI APIs and tool endpoints here?

Yes. API Explorer works well for OpenAI-compatible APIs, Anthropic endpoints, MCP-over-HTTP gateways, and any JSON-based tool endpoint. You can send auth headers, tweak request bodies, and inspect the structured JSON response without leaving the browser.

API エクスプローラー

ブラウザで REST API を試す

Mode:More private. Requires the target API to allow browser CORS.

Request Headers

Requests are sent directly from your browser using fetch(). The target API must allow CORS (Access-Control-Allow-Origin) for cross-origin requests to succeed. Public APIs like JSONPlaceholder work out of the box.

Test REST requests and inspect responses in one place

API debugging usually breaks across multiple tabs: one place for cURL, another for auth headers, another for JSON formatting. The API Explorer keeps the request, the response, and the formatted payload together, with browser mode for public APIs and proxy mode when CORS gets in the way. That makes it useful for classic REST APIs, AI inference endpoints, and JSON-based tool gateways.

Use the API Explorer when you need to

Replay a request from cURL

Paste a cURL command from docs, logs, or terminal history and import the method, URL, headers, auth, and body.

Inspect a JSON API response

Send the request, then switch between formatted, raw, and tree views without leaving the page.

Quickly debug auth, prompt, and header issues

Adjust bearer, basic, or API key auth alongside headers and resend the request in seconds, even when the body contains structured AI instructions or tool payloads.

How to test an API request quickly

1
Enter the request URL manually or import a cURL command from your terminal or API docs.
2
Choose browser mode for CORS-enabled APIs or proxy mode for blocked endpoints, then set the method, headers, auth, and request body.
3
Inspect status, timing, response headers, and the formatted JSON body to confirm what changed.

Keep going

Read the REST API testing guide

See a fuller workflow for reproducing and debugging API requests.

Format JSON payloads

Clean up copied request and response bodies before sharing or diffing them.

Compare two API responses

Spot structural changes between expected and actual payloads faster.

Inspect JWT tokens

Decode bearer tokens when an auth bug might be caused by claims or expiry.

Common API debugging workflows

Import a failing cURL request from logs

Recreate the request in the browser, tweak one header, token, or JSON body field, and resend immediately.

Check why a response changed between environments

Run the same request twice, then pass both payloads into JSON Compare for structural diffs.

Verify an endpoint before wiring it into your app

Test auth, body shape, and response timing before you start debugging frontend code.

よくある質問

APIのURLを入力し、HTTPメソッド（GET, POST, PUT, PATCH, DELETE）を選び、必要に応じてヘッダーやリクエストボディを追加して「Send」を押します。このツールはブラウザのfetch() APIで直接リクエストを送るため、バックエンドサーバーは介在しません。

CORS（Cross-Origin Resource Sharing）エラーは、APIサーバーがレスポンスにAccess-Control-Allow-Originヘッダーを付けていない場合に発生します。これはブラウザのセキュリティ機能です。JSONPlaceholderのようにCORSを許可している公開APIもありますが、社内/プライベートAPIでは許可されていないことが多いです。必要ならCORSプロキシを使うか、サーバーサイド環境からテストしてください。

いいえ。リクエストはfetch() APIであなたのブラウザから対象APIへ直接送信され、当社サーバーを経由しません。ブラウザのNetworkタブで確認すると、APIエンドポイントへ直接リクエストが飛んでいるのが分かります。

はい。AuthタブでBearer token、Basic認証（ユーザー名/パスワード）、または任意のAPIキー用ヘッダーを設定できます。認証情報はリクエストヘッダーに自動で付与され、ブラウザ内にのみ保持されます。