API & Web
Processed locally in your browser

API Debugging Studio

Paste a cURL command or upload a HAR entry. Get one debugging board with headers, body, JWT, scan findings, snippets, Postman export, and a redaction-aware share.

Tool workspace

When to use
  • You have a cURL command from a failing API call and want to see everything about it on one screen.
  • You captured a HAR file and want to deeply inspect one specific request/response without scanning the whole file.
  • You need to share a debug artifact safely — with secrets and PII redacted and the share gated by the standard pre-share scan.
Shortcuts: Ctrl + Enter Build board

Input

What the API Debugging Studio does

Paste a cURL command from your terminal or a captured HAR file from your browser's DevTools. The Studio normalizes it into a single artifact and renders a multi-panel debugging board so you can see, in one screen:

  • Request method, URL, host/path, status (HAR), and timing (HAR).
  • Parsed request and response headers.
  • Query parameters extracted from the URL.
  • Pretty-printed request and response bodies (JSON/form/raw).
  • Decoded JWT header and payload when the Authorization header carries a Bearer JWT, with expiry status.
  • Secrets and PII scan findings — and one-click apply/undo redactions before copying or sharing.
  • Security-header analysis (HAR responses).
  • "Possible issues" grounded in the specific request: expired tokens, body without Content-Type, JSON-body mismatch, error status, cookies missing Secure.
  • A status-code playbook (HAR responses) explaining what the status means, its likely causes, and concrete fixes.
  • A request triage checklist of things to check — missing auth, Content-Type vs body mismatch, no Accept header, plain http instead of https.
When to use it

Reach for the Studio when you have a single API call to debug end-to-end. The dedicated tools — cURL Converter for snippet generation across many languages, JWT Decoder for deep token inspection, HTTP Headers for header policy lookups, HAR Sanitizer for full-HAR redaction — remain the right home when you want depth on one job.

What you can export
  • Code snippet (fetch, axios, python-requests, curl) — one click, copies to clipboard.
  • Postman v2.1.0 single-request collection — one click, downloads as .postman_collection.json.
  • Share — routes through the standard pre-share scan + encrypted share modal; redactions you applied on the board are carried into the share.
  • Send to — moves the body, JWT, or full cURL into JSON Formatter, JSON Diff, JWT Decoder, cURL Converter, or Workflow Studio.
Privacy

Everything runs in your browser. No artifact, header, body, token, or finding ever leaves the page. HAR files are read locally; the file is never uploaded. The Share button uses the same encrypted share gate as every other Daily Developer Tools sharing feature, which always runs a mandatory pre-share secrets/PII scan first.

Related tools
Related guides

How to use the API Debugging Studio

Paste a cURL command from your terminal or a captured HAR entry from your browser's DevTools, then click Build board to get a full debugging view — headers, body, JWT, security findings, and code snippets — all on one screen, entirely in your browser.

What it does

When to use it

FAQ

Runs locally in your browser. No API calls, headers, or tokens are uploaded. HAR files are read and processed entirely on your device.