← API Tester

API Tester – User Guide

Free online API tester - Test REST APIs with GET, POST, PUT, DELETE, PATCH methods. No registration Postman alternative for developers. Debug HTTP requests and responses instantly in your browser.

Overview

API Tester is a free online API testing tool that runs in your browser.

Free online API tester - Test REST APIs with GET, POST, PUT, DELETE, PATCH methods. No registration Postman alternative for developers. Debug HTTP requests and responses instantly in your browser.

Use it to send HTTP requests, inspect responses, and quickly debug REST APIs without installing software.

When to use it

Smoke-test an endpoint after deployment (status code, JSON fields, headers).

Debug authentication by trying Bearer token, Basic Auth, or API Key headers.

Verify request headers/body are correct (Content-Type, Accept, payload).

Share a reproducible request setup with teammates by copying the cURL command.

Step-by-step

1) Select an HTTP method (GET/POST/PUT/DELETE/PATCH/…).

2) Enter the full URL (including query parameters).

3) Add headers you need (e.g., Accept, Content-Type, Authorization).

4) If needed, choose a body type and paste the payload.

5) Click Send, then review status, time, headers, and body.

6) Use Copy cURL to share or record the exact request.

Auth & headers

Bearer Token: Authorization: Bearer <token>.

Basic Auth: username + password.

API Key: put it in a header (e.g., X-API-Key) or in the query string if your API requires it.

Tip: confirm your API’s required header names and token format.

Body types

JSON: most common; use “Format JSON” to validate and pretty-print.

XML/Text: for APIs expecting raw XML or text.

Form Data: for x-www-form-urlencoded style payloads.

Tip: make sure Content-Type matches your body format.

Reading the response

Status code: 2xx usually success; 4xx client error; 5xx server error.

Headers: check Content-Type, cache headers, rate limits, etc.

Body: JSON is formatted for readability; other text is shown as-is.

Raw view: helpful when copying a full response for bug reports.

Examples

Example GET (public JSON):

GET https://jsonplaceholder.typicode.com/users/1

Example POST (JSON):

Header: Content-Type: application/json

Body: {"name":"Alice","email":"alice@example.com"}

Example Bearer token:

Header: Authorization: Bearer <token>

Troubleshooting

CORS blocked: browsers restrict cross-origin calls. If it works in curl/Postman but fails here, your API likely needs CORS configuration.

401/403: auth is missing/invalid or lacks permission. Re-check token, header name, and scope.

415 Unsupported Media Type: Content-Type does not match the body.

Timeout: increase timeout or check network/server performance.

Privacy & safety

Requests are sent from your browser directly to the target API.

Do not paste long-lived production secrets; prefer short-lived tokens or test credentials.

Before sharing output or cURL commands, redact sensitive headers/tokens.