How do I test a REST API in my browser?

Enter the API URL, select the HTTP method, add any headers or body, and click Send. Use Browser mode when the target API already allows CORS. If the browser blocks the request, switch to Proxy mode to route the request through the JSONTech edge worker for testing.

Why am I getting a CORS error?

CORS (Cross-Origin Resource Sharing) errors happen in Browser mode when the target API does not include Access-Control-Allow-Origin headers. Public APIs like JSONPlaceholder usually work. Many private or internal APIs do not. You can either ask the API owner to allow your origin or switch the API Explorer to Proxy mode for testing.

Is my API data sent to your server?

In Browser mode, no — the request goes straight from your browser to the target API. In Proxy mode, the request URL, headers, auth, and body pass through the JSONTech edge worker so it can complete the request on your behalf. We do not store that proxy traffic.

Can I send authenticated API requests?

Yes. Use the Auth tab to configure Bearer token, Basic authentication, or a custom API key header. In Browser mode the credentials stay in your browser. In Proxy mode they are forwarded through JSONTech edge infrastructure for the live request and are not stored.

Can I test AI APIs and tool endpoints here?

Yes. API Explorer works well for OpenAI-compatible APIs, Anthropic endpoints, MCP-over-HTTP gateways, and any JSON-based tool endpoint. You can send auth headers, tweak request bodies, and inspect the structured JSON response without leaving the browser.

Explorador de API

Teste APIs REST no navegador com respostas JSON formatadas

Mode:More private. Requires the target API to allow browser CORS.

Request Headers

Requests are sent directly from your browser using fetch(). The target API must allow CORS (Access-Control-Allow-Origin) for cross-origin requests to succeed. Public APIs like JSONPlaceholder work out of the box.

Test REST requests and inspect responses in one place

API debugging usually breaks across multiple tabs: one place for cURL, another for auth headers, another for JSON formatting. The API Explorer keeps the request, the response, and the formatted payload together, with browser mode for public APIs and proxy mode when CORS gets in the way. That makes it useful for classic REST APIs, AI inference endpoints, and JSON-based tool gateways.

Use the API Explorer when you need to

Replay a request from cURL

Paste a cURL command from docs, logs, or terminal history and import the method, URL, headers, auth, and body.

Inspect a JSON API response

Send the request, then switch between formatted, raw, and tree views without leaving the page.

Quickly debug auth, prompt, and header issues

Adjust bearer, basic, or API key auth alongside headers and resend the request in seconds, even when the body contains structured AI instructions or tool payloads.

How to test an API request quickly

1
Enter the request URL manually or import a cURL command from your terminal or API docs.
2
Choose browser mode for CORS-enabled APIs or proxy mode for blocked endpoints, then set the method, headers, auth, and request body.
3
Inspect status, timing, response headers, and the formatted JSON body to confirm what changed.

Keep going

Read the REST API testing guide

See a fuller workflow for reproducing and debugging API requests.

Format JSON payloads

Clean up copied request and response bodies before sharing or diffing them.

Compare two API responses

Spot structural changes between expected and actual payloads faster.

Inspect JWT tokens

Decode bearer tokens when an auth bug might be caused by claims or expiry.

Common API debugging workflows

Import a failing cURL request from logs

Recreate the request in the browser, tweak one header, token, or JSON body field, and resend immediately.

Check why a response changed between environments

Run the same request twice, then pass both payloads into JSON Compare for structural diffs.

Verify an endpoint before wiring it into your app

Test auth, body shape, and response timing before you start debugging frontend code.

Ferramentas relacionadas

LLM JSON Output Validator

Repair and validate model JSON output against a schema

Formatador JSON

Embeleza e formata JSON com recuo configurável

MCP Tool Schema Validator

Validate MCP tool definitions and verify `inputSchema` before deployment

Decodificador JWT

Decodifica tokens JWT: cabeçalho, payload e expiração

Perguntas frequentes

Informe a URL da API, escolha o método HTTP (GET, POST, PUT, PATCH, DELETE), adicione headers e um body se precisar, e clique em Send. A ferramenta faz a chamada direto do seu navegador usando a API fetch() — não existe servidor intermediário.

Erros de CORS (Cross-Origin Resource Sharing) acontecem quando o servidor da API não inclui headers Access-Control-Allow-Origin na resposta. Isso é uma proteção do navegador. APIs públicas como JSONPlaceholder costumam permitir CORS, mas muitas APIs privadas não. Nesse caso, você pode precisar de um proxy de CORS ou testar em um ambiente server-side.

Não. As requisições saem diretamente do seu navegador para a API de destino via fetch(). Nada passa pelos nossos servidores. Você pode confirmar na aba Network do DevTools: a request vai direto para o endpoint da API.

Sim. Use a aba Auth para configurar Bearer token, Basic authentication (usuário/senha) ou um header customizado de API key. As credenciais são adicionadas automaticamente nos headers e ficam apenas no seu navegador.