Online API Tester & cURL Builder
Debug REST APIs directly from your browser with support for GET, POST, custom headers, and authentication.
Flag Explanations:
- -L (--location): If the server says "Moved" (301/302), curl will go to the new address automatically.
- -k (--insecure): Tells curl to accept "bad" SSL certificates (e.g., self-signed or expired). Useful for testing internal dev servers.
- -v (--verbose): Shows the hidden conversation (Headers) between you and the server, not just the final content.
- -I (--head): Fetches only the headers (useful to check if a file exists without downloading it).
- -f (--fail): Makes curl fail on server errors (404, 500) instead of outputting the error page HTML.
🚀
Enter a URL to inspect headers and debug connections.
What this tool does
This utility executes HTTP requests (GET, POST, PUT, etc.) directly from the browser to test REST API endpoints. It allows customization of request headers, bodies, and authentication tokens, and displays the raw response headers and body for analysis.
When engineers use this
- Debugging API endpoint behavior and validating status codes during development.
- Inspecting HTTP response headers for security configurations (e.g., CORS, HSTS).
- Testing API responses with specific User-Agent strings or custom headers.
- Troubleshooting authentication failures (401/403) by manually crafting requests.
How to interpret the results
- Status Code: The HTTP return code indicating success (2xx), redirection (3xx), or error (4xx/5xx).
- Headers: Metadata returned by the server, including content type and caching directives.
Understanding HTTP Methods
REST APIs rely on standard HTTP verbs to perform actions. GET retrieves data, POST creates new resources, PUT updates existing ones, and DELETE removes them.
Status Codes Matter
A 200 OK means success, while 400 Bad Request usually means your input was invalid. 401/403 indicate authentication issues, and 500 implies a server-side crash.