Toolbox for developers / Online REST tester

REST client online

: It allows to test local REST API. You must allow CORS in your REST API (more informations about CORS).
: It allows to test public REST API. Sometimes our server is blacklisted ...
Your favorites requests
Favorite request
Warning, the backup of favorites is local in your browser, it can be deleted at any time.

This tester tool allows you to test rest API online. You can test local or public REST API:

  • The requests are launched directly from the browser to test local API (not accessible from the internet). CORS must be enabled.
  • The requests are launched from our server to test public API. CORS do not need to be enabled.

You can see the user guide to help you to use this REST client. This tool does not work on IE.

User guide

This guide explains how to test JSON API online with this tool:

  • How to call a web service:

    Step 1 - Select the HTTP method

    Step 2 - Fill the URL of web service to test.

    Step 3 - Add a basic authentication or headers if necessary. You can also add a request body if necessary.

    Step 4 - Call your web service

    REST Testing tool

    You can also beautify the web service response if it is XML or JSON data.

    Format XML and JSON response
  • Cross-origin resource sharing (CORS) :

    Select the place of sending of the request: From browser or from server
    If you want to test a custom REST API which is not public, select from browser. But CORS must be enabled.
    If you want to test a public REST API which for which CORS is not enabled, select from server.

    see more informations about CORS.

  • Favorite requests:

    You can save your favorite requests so that you will find it during your next visits.
    Click on the "Add or update a favorite" button to add or update current request in favorites.
    Click on the "List of favorites" button in order to load a favorite request.

    Warning, this is a local backup in your browser, it can be deleted at any time.


Cross-Origin Resource Sharing (CORS)

CORS must be activated

When you select "Send REST API Request from your Browser" mode, it creates HTTP requests on the client side, your browser directly launches requests, the calls are cross domain. Cross-Origin Resource Sharing (CORS) is a mechanism to let a user agent gain permission to access selected resources from a server on another domain (than

You must allow CORS in your REST API. Example for CORS in php:

header('Access-Control-Allow-Origin: *');
You also need to authorize headers if you need to send headers in yours requests:
header('Access-Control-Allow-Headers: *');

If you want to know more about Cross-Origin Resource Sharing:

Testing REST API Manually

This rest client allows to test API online. This can be useful for a small test of an API, for example to launch 3 or 4 requests, it does not require installation.

You can launch requests to a public REST API (CORS can be diabled). You can also test your local API, with requests launched directly in the browser.

It is better to use a more functional heavy client in the case of advanced tests. API testing tools do not replace test automation (for example: UI tests with selenium ... ).

About REST (Representational state transfer)

REST is a set of architectural principles which is stateless (not keep a client state on the server). It is a alternative to SOAP (Simple Object Access Protocol), which is more heavyweight.

There is no standard for the description format of REST services. To describe a REST webservice you can use WADL, Swagger/OpenAPI, RAML and others formats.

REST usually structures data in JSON, but it can also be XML, YAML, or any other format.

A RESTful API Web service uses both HTTP and REST, it includes:

  • A base URI for the API
  • Internet Media Types Used by the REST API (such as JSON or XML)
  • Request operations such as GET, PUT, POST, PATCH or DELETE

REST asks developers to use HTTP methods explicitly :

  • GET: To retrieve a resource
  • PUT: To add or update a resource
  • PATCH: To partially update a resource
  • DELETE: To delete a resource
  • POST: Everything else

Facebook, Google, Twitter ... provide REST APIs. You can find many useful APIs for developers.

The tools are provided "as is", without warranty of any kind, either express or implied.