All tools
Development tools

API Request Tester

Send HTTP requests with custom headers, body and auth — then inspect the full response: status code, headers and body.

GET/POST/PUT/DELETE/PATCH Custom headers JSON body Basic & Bearer auth Response inspector No CORS limits
Get started free Sign in

Free · No credit card · 50 credits/day

HTTP methods reference

Method Purpose Idempotent Has body
GET Retrieve a resource Yes No
POST Create a new resource No Yes
PUT Replace a resource entirely Yes Yes
PATCH Partially update a resource No Yes
DELETE Remove a resource Yes Optional
HEAD Like GET but returns headers only Yes No
OPTIONS Discover supported methods (CORS) Yes No

Frequently asked questions

What is the difference between REST and GraphQL?

REST uses multiple endpoints (one per resource) with HTTP verbs (GET /users, POST /users). GraphQL uses a single endpoint where the client specifies exactly which fields to return. REST is simpler to cache and debug; GraphQL reduces over-fetching and is popular in frontend-heavy apps.

Why do API requests fail with CORS errors in the browser?

Browsers enforce the Same-Origin Policy — JavaScript can only make requests to the same domain unless the server includes CORS headers. API testers that run server-side bypass this restriction entirely because the request comes from a server, not a browser. This is why an API that fails in your browser JS may work fine in a server-side tester.

What is the difference between 401 Unauthorized and 403 Forbidden?

401 means the client is not authenticated — no credentials were sent, or they are invalid. The client should authenticate and retry. 403 means the client is authenticated but lacks permission for that resource. Authentication won't help for a 403 — the user simply lacks the required role.

What is API versioning and why does it matter?

API versioning lets you change your API without breaking existing clients. Common strategies: URL versioning (/api/v1/users), header versioning (API-Version: 2), and query parameter versioning (?version=2). Always version your API from day one — retrofitting versioning is painful.

Related dev tools

More tools for inspecting and debugging APIs.

CORS Tester

Test CORS preflight and response headers for any endpoint.

JWT Debugger

Decode, verify and encode JWT tokens — useful for testing authenticated APIs.

HTTP Headers Viewer

Inspect all response headers and get a security grade for any URL.

Test your API right now

Free account. 50 credits per day. Access to 75+ tools instantly.

Create free account →