Backend Developer Toolkit
The daily toolkit for backend engineers — fire HTTP requests, decode JWTs, validate JSON schemas, hash passwords, build cron expressions, calculate CIDR ranges, and convert between every data format you work with. All 42 tools run entirely in your browser: nothing is sent to a server, no account needed, no tracking.
Open API Tester→Featured Tool
API Tester
Send HTTP requests to CORS-enabled APIs and inspect responses — runs in your browser
Open API Tester→All Tools (42)
Send HTTP requests to CORS-enabled APIs and inspect responses — runs in your browser
Convert cURL commands to JavaScript fetch, axios, Python requests, Node.js, or PowerShell
Searchable reference of every HTTP response code
Searchable reference of common HTTP headers
Searchable reference of common MIME content types
Encode and decode HTTP Basic Authentication headers from username and password
Parse, validate, format, and minify JSON
Test regular expressions with live match highlighting
Format SQL across multiple dialects
Parse and validate YAML, see line and column errors
Pretty-print and indent XML documents
Run JSONPath expressions against any JSON document and inspect the matched paths and values
Validate JSON documents against a JSON Schema (Draft 2020-12) and see precise errors
Convert between JSON and YAML in either direction
Convert between JSON and XML in either direction
Parse CSV to JSON and serialize JSON to CSV
Generate TypeScript interfaces or type aliases from any JSON sample
Generate Go structs with JSON tags from any JSON sample
Generate mock JSON arrays from a schema
Decode JSON Web Token header and payload
Sign JSON Web Tokens with HS256, HS384, or HS512 in your browser
MD5, SHA-1, SHA-256, SHA-512, and HMAC
Compute HMAC-SHA-1, SHA-256, SHA-384, or SHA-512 with any secret
Generate and verify bcrypt password hashes with a tunable cost factor
AES-GCM encrypt and decrypt with passphrase
Generate Time-based One-Time Passwords from a base32 secret — RFC 6238 compatible
Crypto-secure random passwords
Score password strength and entropy
Generate UUID v4, v7, and NIL identifiers
Generate strong, memorable passphrases from the EFF Diceware wordlist (7,776 words)
UTF-8-safe Base64 encoder and decoder
Percent-encode and decode URI components
Convert numbers across bases 2 to 36
Encode and decode HTML entities
Escape and unescape \uXXXX sequences
Build and explain cron schedules in plain English
Convert datetimes between timezones
Convert between Unix epoch and ISO/local datetime
Compute the difference between two dates
Convert Unix file permissions between octal and symbolic notation
Calculate network, broadcast, host range, and netmask for any CIDR block
Parse a user-agent string into browser, engine, OS, device, and CPU details
Workflow: Debug an API Integration
A realistic end-to-end flow for diagnosing a broken third-party API call.
Convert the failing cURL command to readable code — cURL Converter
Paste the cURL snippet from your shell history to see the equivalent fetch or axios call — headers, body, and auth all mapped out.
Fire the request and inspect headers and body — API Tester
Send the request directly, examine the raw response status, headers, and JSON body without switching to Postman.
Look up an unfamiliar status code — HTTP Status Codes
Get a plain-English explanation of the response code — semantics, when to retry, and common causes.
Decode the JWT in the Authorization header — JWT Decoder
Paste the Bearer token to inspect the header algorithm and payload claims — expiry, scopes, and issuer — without a library.
Validate the response shape against your schema — JSON Schema Validator
Run the API response body through your JSON Schema to surface missing fields or type mismatches before they reach production.
Generate Go structs from the confirmed JSON — JSON to Go
Paste the valid response JSON once and get idiomatic Go structs with json tags — ready to drop into your service.