API Debugging Studio
Paste a cURL command or upload a HAR entry. Get one debugging board with headers, body, JWT, scan findings, snippets, Postman export, and a redaction-aware share.
When to use
- You have a cURL command from a failing API call and want to see everything about it on one screen.
- You captured a HAR file and want to deeply inspect one specific request/response without scanning the whole file.
- You need to share a debug artifact safely — with secrets and PII redacted and the share gated by the standard pre-share scan.
Input
Paste a cURL command from your terminal or a captured HAR file from your browser's DevTools. The Studio normalizes it into a single artifact and renders a multi-panel debugging board so you can see, in one screen:
- Request method, URL, host/path, status (HAR), and timing (HAR).
- Parsed request and response headers.
- Query parameters extracted from the URL.
- Pretty-printed request and response bodies (JSON/form/raw).
- Decoded JWT header and payload when the Authorization header carries a Bearer JWT, with expiry status.
- Secrets and PII scan findings — and one-click apply/undo redactions before copying or sharing.
- Security-header analysis (HAR responses).
- "Possible issues" grounded in the specific request: expired tokens, body without Content-Type, JSON-body mismatch, error status, cookies missing Secure.
Reach for the Studio when you have a single API call to debug end-to-end. The dedicated tools — cURL Converter for snippet generation across many languages, JWT Decoder for deep token inspection, HTTP Headers for header policy lookups, HAR Sanitizer for full-HAR redaction — remain the right home when you want depth on one job.
- Code snippet (fetch, axios, python-requests, curl) — one click, copies to clipboard.
- Postman v2.1.0 single-request collection — one click, downloads as
.postman_collection.json. - Share — routes through the standard pre-share scan + encrypted share modal; redactions you applied on the board are carried into the share.
- Send to — moves the body, JWT, or full cURL into JSON Formatter, JSON Diff, JWT Decoder, cURL Converter, or Workflow Studio.
Everything runs in your browser. No artifact, header, body, token, or finding ever leaves the page. HAR files are read locally; the file is never uploaded. The Share button uses the same encrypted share gate as every other Daily Developer Tools sharing feature, which always runs a mandatory pre-share secrets/PII scan first.
- cURL Converter — generate snippets in Go, PHP, C#, PowerShell, Rust and more.
- HAR Sanitizer — redact an entire HAR before sharing.
- JWT Decoder — full decode with signature inspection.
- HTTP Headers — header reference and parser.
- HTTP Security Headers Analyzer — policy-level analysis of a response.
- Request Snippet Generator — generate request snippets from raw fields.
- Workflow Studio — chain multiple tools into a pipeline.