Send HTTP requests online. Test GET, POST, PUT, DELETE endpoints and view responses instantly.
API testing is a critical part of modern software development. Whether you are building a REST API, integrating with a third-party service like Stripe or Twilio, or debugging a microservices architecture, being able to quickly send an HTTP request and inspect the response is invaluable.
This API tester supports all common HTTP methods: GET for retrieving data, POST for creating resources, PUT for full updates, PATCH for partial modifications, DELETE for removing resources, and HEAD for checking headers without downloading the body. You can attach custom headers for authentication, content negotiation, or any other purpose.
All requests are executed directly from your browser using the Fetch API. No data passes through any intermediate server, which means your API keys and request payloads remain private. The response section shows the status code for quick debugging, the elapsed time for performance analysis, and the payload size for monitoring bandwidth usage.
Step 1 — Enter the endpoint URL: Type or paste the full URL of the API you want to test into the Endpoint URL field. A sample URL (JSONPlaceholder) is pre-filled for quick experimentation.
Step 2 — Select the HTTP method: Click one of the method tabs (GET, POST, PUT, DELETE, PATCH, HEAD) to choose the request type. GET is selected by default.
Step 3 — Add headers (optional): Enter custom headers in JSON format if the API requires authorization tokens, specific content types, or other custom header fields.
Step 4 — Add request body (POST, PUT, PATCH only): Enter the JSON payload you want to send in the Request Body field. For GET and DELETE requests, the body field is typically ignored.
Step 5 — Send and inspect: Click "Send Request" and view the response. The tool displays the HTTP status code, response time in milliseconds, payload size, response body, and response headers.
We support GET, POST, PUT, PATCH, DELETE, and HEAD methods for testing any REST API.
Yes, add any custom headers in the headers section including authorization tokens, content-type, and custom fields.
All requests are made directly from your browser. We don't store any of your API calls or credentials.
The tool uses your browser's Fetch API, so it is subject to the same CORS (Cross-Origin Resource Sharing) policies as any web request. If the target API does not set appropriate CORS headers, the request will be blocked by the browser. Many public APIs support CORS, but private or internal APIs may not.
Absolutely. Use the Headers input field to add an Authorization header with your Bearer token, API key, or Basic auth credentials. The token is sent directly from your browser and is never stored on any server.
PUT replaces the entire resource with the data you send — you must include all fields. PATCH applies a partial update — you only need to include the fields you want to change. For example, to update just a user's email, PATCH is more appropriate; to replace an entire user profile, use PUT.
CORS errors occur when the target server does not include your origin in its Access-Control-Allow-Origin response header. This is a browser security mechanism, not a bug in this tool. Solutions include using a CORS proxy, asking the API provider to enable CORS, or testing from a server-side environment instead.
When you send a request, the API responds with a status code that tells you the outcome. Here is a quick reference for the most common codes you will encounter: