liminfo

API Tester

Free web tool: API Tester

Some external API requests may be blocked due to browser CORS policy.

About API Tester

The API Tester is a lightweight REST client that runs entirely in your browser. Select an HTTP method (GET, POST, PUT, PATCH, or DELETE), enter the target URL, add any number of custom request headers as key-value pairs, and optionally provide a JSON request body for POST, PUT, and PATCH requests. Hit Send and the response status code, elapsed time in milliseconds, response headers, and formatted body appear instantly.

Developers use this tool to quickly verify that an API endpoint is responding correctly, inspect response payloads during development, or debug authentication headers without leaving the browser tab. The response body is automatically pretty-printed when it contains valid JSON, making nested objects and arrays easy to read. Non-JSON responses such as HTML or plain text are displayed as-is.

Because the tool uses the browser's native fetch API, it is subject to the same Cross-Origin Resource Sharing (CORS) restrictions as any JavaScript code running in a browser. APIs that include the appropriate Access-Control-Allow-Origin headers will work without issues. For APIs that do not allow CORS, consider running a local proxy or using a browser extension that disables CORS restrictions for development.

Key Features

  • Supports GET, POST, PUT, PATCH, and DELETE HTTP methods with color-coded labels
  • Add unlimited custom request headers as editable key-value pairs
  • JSON request body editor for POST, PUT, and PATCH requests
  • Displays response status code, status text, and elapsed time in milliseconds
  • Tabbed view separating Response Body and Response Headers
  • Automatic JSON pretty-printing for formatted, readable output
  • Inline CORS error explanation with actionable guidance
  • One-click copy of the response body to the clipboard

Frequently Asked Questions

What HTTP methods does the API Tester support?

The tool supports GET, POST, PUT, PATCH, and DELETE — the five most common RESTful HTTP methods. Each method is color-coded in the response view (green for GET, blue for POST, orange for PUT, yellow for PATCH, red for DELETE) to make it easy to distinguish requests at a glance.

How do I add an Authorization header for a protected API?

Click the + Add button in the Headers section and enter Authorization as the key. For Bearer token authentication enter Bearer your_token_here as the value. For Basic auth you can enter Basic base64encodedcredentials. The tool sends the headers exactly as you enter them.

Why is my request blocked by CORS?

CORS (Cross-Origin Resource Sharing) is a browser security policy that prevents JavaScript from making requests to a different domain unless the server explicitly allows it via the Access-Control-Allow-Origin response header. APIs designed for server-to-server communication typically do not include this header. To test such APIs, use a tool like Postman, curl, or a local CORS proxy.

Can I send a JSON body with my request?

Yes. For POST, PUT, and PATCH requests a request body text area appears automatically. Enter your JSON payload there. If you do not manually set a Content-Type header, the tool automatically adds Content-Type: application/json so the server receives and parses the body correctly.

How is the response time measured?

The tool records a timestamp using performance.now() immediately before calling fetch() and again once the response body has been fully read. The difference is reported in milliseconds and represents the full round-trip time including network latency and server processing time.

Does the API Tester support file uploads or multipart forms?

The current version supports JSON and plain text request bodies. File uploads via multipart/form-data are not supported in this tool. For file upload testing, use a dedicated tool like Postman or curl with the -F flag.

Can I inspect the response headers?

Yes. After a successful request, click the Response Headers tab to see all headers returned by the server. Headers like Content-Type, Cache-Control, Set-Cookie, and custom server headers are displayed as key-value pairs in a readable list.

Is there a way to save or share requests?

The current version does not persist requests between page loads or generate shareable links. Each session starts fresh. For saving and organizing requests, consider using a dedicated API client such as Postman, Insomnia, or Bruno alongside this tool for quick ad-hoc testing.