These tools provide quick, memorable ways to test your connections or API calls.
Any of the following base endpoints are valid:
When working with an HTTP request library or designing an HTML form, there is a need to see what the library or your browser is sending as a request. Did it send an Authorization header? What form data did it send? Simply swap the API's endpoint or your form's action withhttps://exe.st/apito get those answers.Response:
Returns the request headers, query string, and post data from the user agent or browser. Coming soon: cookies.
The response is formatted as indented JSON. The following sections will be included if the corresponding data is sent:
"request_headers"- List of headers sent by the user agent."raw_query_string"- The query string as is."parsed_query_string"- The query string parsed and URL decoded into key value pairs. Since duplicate keys are interpreted differently per API, the full list is shown in the order they are read. For duplicate keys, APIs might only read the first occurrence of a key, the last occurrence, combine the values of duplicate keys into a single string, or handle them as a list."raw_post_data"- The post data as is, probably encoded as base64."parsed_post_data"- The post data parsed and URL decoded into key value pairs. Since duplicate keys are interpreted differently per API, the full list is shown in the order they are read. For duplicate keys, APIs might only read the first occurrence of a key, the last occurrence, combine the values of duplicate keys into a single string, or handle them as a list.Example:
$ curl http://exe.st/api { "request_headers": { "accept": "*/*", "content-length": "0", "host": "exe.st", "user-agent": "curl/7.64.1", "x-forwarded-for": "192.0.2.127", "x-forwarded-port": "443", "x-forwarded-proto": "https" } }Example (GET):
$ curl 'http://exe.st/api?first_name=Gary&last_name=Smith&first_name=Leroy' { "parsed_query_string": [ { "key": "first_name", "value": "Gary" }, { "key": "last_name", "value": "Smith" }, { "key": "first_name", "value": "Leroy" } ], "raw_query_string": "first_name=Gary&last_name=Smith&first_name=Leroy", "request_headers": { "accept": "*/*", "content-length": "0", "host": "exe.st", "user-agent": "curl/7.64.1", "x-forwarded-for": "192.0.2.127", "x-forwarded-port": "443", "x-forwarded-proto": "https" } }Example (POST):
$ curl http://exe.st/api -d 'first_name=Gary&last_name=Smith&first_name=Leroy' { "parsed_post_data": [ { "key": "first_name", "value": "Gary" }, { "key": "last_name", "value": "Smith" }, { "key": "first_name", "value": "Leroy" } ], "raw_post_data": "Zmlyc3RfbmFtZT1HYXJ5Jmxhc3RfbmFtZT1TbWl0aCZmaXJzdF9uYW1lPUxlcm95", "request_headers": { "accept": "*/*", "content-length": "48", "content-type": "application/x-www-form-urlencoded", "host": "exe.st", "user-agent": "curl/7.64.1", "x-forwarded-for": "192.0.2.127", "x-forwarded-port": "443", "x-forwarded-proto": "https" } }
How does your code handle errors returned from an API? Testing that can be tricky since you may not be able to get the API to generate the errors you want to test. With this endpoint, swap the endpoint to the API withhttps://exe.st/api/{the error code you want to test}to see how your code reacts.
This function supports all 97 accepted and unofficial HTTP status codes detailed on the Wikipedia List of HTTP status codes page.Response:
For most HTTP status codes, this simply returns the code you request. Exceptions are noted below under each status code.
A body is returned with each error, but it is irrelevant. The status code from the response header is what's important.2xx Success:
Example 200 - OK
$ curl -I http://exe.st/api/200 HTTP/1.1 200 OK Content-Type: text/html Content-Length: 496 Connection: keep-alive Date: Wed, 24 Feb 2021 23:02:12 GMT ...3xx Redirection:
301 and 302 redirects - A "location" header is included pointing tohttps://exe.st, using the protocol with which it was requested.Example 301 - Moved Permanently
$ curl -I https://exe.st/api/301 HTTP/2 301 content-type: text/html content-length: 503 location: https://exe.st date: Thu, 25 Feb 2021 02:03:06 GMT ...4xx Client Errors:
401 Unauthorized - A "www-authenticate" header is included requesting basic authentication.
You can specify a different authentication scheme to be returned by adding it to the endpoint. Available schemes are 'basic', 'bearer', 'digest', 'hoba', 'mutual', and 'aws4-hmac-sha256'.Example 401 - Unauthorized (default)
$ curl -i https://exe.st/api/401 HTTP/2 401 content-type: text/html content-length: 524 date: Thu, 25 Feb 2021 16:38:29 GMT www-authenticate: Basic realm="Access to the exe.st API.", charset="UTF-8" ...Example 401 - Unauthorized (bearer)
$ curl -i https://exe.st/api/401/bearer HTTP/2 401 content-type: text/html content-length: 524 date: Thu, 25 Feb 2021 16:45:03 GMT www-authenticate: Bearer realm="Access to the exe.st API.", charset="UTF-8" ...5xx Server Errors:
Example 503 - Service Unavailable
$ curl -i https://exe.st/api/503 HTTP/2 503 content-type: text/html content-length: 531 date: Thu, 25 Feb 2021 16:34:42 GMT ...
Is your code authorizing properly? Use this endpoint to test if your code is sending credentials properly.Response:
Responds with an HTTP status code of 200 OK if authentication is successful. Returns a code of 403 Forbidden if authentication failed.
You can specify the authentication scheme to require by including the scheme in the endpoint. Otherwise, any of the following will succeed with the right credentials. For example, to require "bearer" authentication, callhttps://exe.st/auth/bearer. Supported schemes are 'basic' and 'bearer'.Basic Authentication:
A username of "guest" and a password of "pencil" will return a status code of 200. Any other credentials or no credentials will return a 403 Forbidden.Example 200 - OK (valid credentials)
$ curl -i -u guest:pencil https://exe.st/api/auth/basic HTTP/2 200 content-type: text/html content-length: 504 date: Thu, 25 Feb 2021 17:31:56 GMT ...Example 403 - Forbidden (wrong password)
$ curl -i -u guest:1234 https://exe.st/api/auth/basic HTTP/2 403 content-type: text/html content-length: 521 date: Thu, 25 Feb 2021 17:48:29 GMT ...Bearer Authentication:
A token of "0123456789" will return a status code of 200. Any other token or no token will return a 403 Forbidden.Example 200 - OK (corrent token)
$ curl -i -H 'Authorization: Bearer 0123456789' https://exe.st/api/auth/bearer HTTP/2 200 content-type: text/html content-length: 504 date: Thu, 25 Feb 2021 22:01:50 GMT ...Example 403 - Forbidden (wrong token)
$ curl -i -H 'Authorization: Bearer AaAaAaAaA' https://exe.st/api/auth/bearer HTTP/2 403 content-type: text/html content-length: 521 date: Thu, 25 Feb 2021 17:55:38 GMT ...
Do you need to whitelist your IP address? Sometimes your address isn't obvious since VPNs and proxy servers will present a different IP than your router. This tells you what a server sees as your external IP address for HTTP requests.Response:
Returns your IP address as seen by a server outside your local network.
The output is returned as plaintext.Example:
$ curl http://exe.st/ip 192.0.2.127
Building a large circular structure in Minecraft can be challenging. This endpoint generates a list of coordinates for a circle based on the radius (r) and center coordinates (x and z) specified in the query string.Response:
Returns a list of x,z coordinates.
The output is returned as plaintext.Example:
$ curl 'http://exe.st/minecraft/circle?r=59&x=14&z=134' -45,134 -45,135 -45,136 -45,137 -45,138 -45,139 -45,140 -45,141 -44,142 -44,143 -44,144 -44,145 -44,146 -44,147 -43,148 -43,149 -43,150 -42,151 ...