How do I test a REST API in my browser?

Enter the API URL, select the HTTP method, add any headers or body, and click Send. Use Browser mode when the target API already allows CORS. If the browser blocks the request, switch to Proxy mode to route the request through the JSONTech edge worker for testing.

Why am I getting a CORS error?

CORS (Cross-Origin Resource Sharing) errors happen in Browser mode when the target API does not include Access-Control-Allow-Origin headers. Public APIs like JSONPlaceholder usually work. Many private or internal APIs do not. You can either ask the API owner to allow your origin or switch the API Explorer to Proxy mode for testing.

Is my API data sent to your server?

In Browser mode, no — the request goes straight from your browser to the target API. In Proxy mode, the request URL, headers, auth, and body pass through the JSONTech edge worker so it can complete the request on your behalf. We do not store that proxy traffic.

Can I send authenticated API requests?

Yes. Use the Auth tab to configure Bearer token, Basic authentication, or a custom API key header. In Browser mode the credentials stay in your browser. In Proxy mode they are forwarded through JSONTech edge infrastructure for the live request and are not stored.

Can I test AI APIs and tool endpoints here?

Yes. API Explorer works well for OpenAI-compatible APIs, Anthropic endpoints, MCP-over-HTTP gateways, and any JSON-based tool endpoint. You can send auth headers, tweak request bodies, and inspect the structured JSON response without leaving the browser.

API 探索

在浏览器中测试 REST API 并格式化 JSON

Mode:More private. Requires the target API to allow browser CORS.

Request Headers

Requests are sent directly from your browser using fetch(). The target API must allow CORS (Access-Control-Allow-Origin) for cross-origin requests to succeed. Public APIs like JSONPlaceholder work out of the box.

Test REST requests and inspect responses in one place

API debugging usually breaks across multiple tabs: one place for cURL, another for auth headers, another for JSON formatting. The API Explorer keeps the request, the response, and the formatted payload together, with browser mode for public APIs and proxy mode when CORS gets in the way. That makes it useful for classic REST APIs, AI inference endpoints, and JSON-based tool gateways.

Use the API Explorer when you need to

Replay a request from cURL

Paste a cURL command from docs, logs, or terminal history and import the method, URL, headers, auth, and body.

Inspect a JSON API response

Send the request, then switch between formatted, raw, and tree views without leaving the page.

Quickly debug auth, prompt, and header issues

Adjust bearer, basic, or API key auth alongside headers and resend the request in seconds, even when the body contains structured AI instructions or tool payloads.

How to test an API request quickly

1
Enter the request URL manually or import a cURL command from your terminal or API docs.
2
Choose browser mode for CORS-enabled APIs or proxy mode for blocked endpoints, then set the method, headers, auth, and request body.
3
Inspect status, timing, response headers, and the formatted JSON body to confirm what changed.

Keep going

Read the REST API testing guide

See a fuller workflow for reproducing and debugging API requests.

Format JSON payloads

Clean up copied request and response bodies before sharing or diffing them.

Compare two API responses

Spot structural changes between expected and actual payloads faster.

Inspect JWT tokens

Decode bearer tokens when an auth bug might be caused by claims or expiry.

Common API debugging workflows

Import a failing cURL request from logs

Recreate the request in the browser, tweak one header, token, or JSON body field, and resend immediately.

Check why a response changed between environments

Run the same request twice, then pass both payloads into JSON Compare for structural diffs.

Verify an endpoint before wiring it into your app

Test auth, body shape, and response timing before you start debugging frontend code.

常见问题

输入 API URL，选择 HTTP 方法（GET、POST、PUT、PATCH、DELETE），按需添加 headers 和请求体，然后点击 Send。工具直接使用浏览器的 fetch() 发起请求，不经过任何后端服务器。

当 API 响应里没有包含 Access-Control-Allow-Origin 等 CORS 相关 header 时，浏览器会拦截跨域读取，这属于浏览器安全机制。像 JSONPlaceholder 这类公共 API 通常允许 CORS，但很多私有 API 不允许。你可能需要使用 CORS 代理，或在服务端环境里测试。

不会。所有请求都由你的浏览器通过 fetch() 直接发往目标 API，不会经过我们的服务器。你也可以在浏览器 Network 面板里验证：请求会直接指向 API endpoint。

可以。在 Auth 里配置 Bearer token、Basic authentication（用户名/密码）或自定义 API key header。凭据会自动加到请求 headers 中，并且只保留在你的浏览器里。