About Apiggle
A modern, browser-based API testing tool
What is Apiggle?
Apiggle is a powerful, browser-based API testing tool designed to make HTTP requests simple and efficient. Built with Next.js and deployed on Cloudflare Pages, it combines the convenience of a web application with advanced features like request syncing, credential encryption, and automatic CORS fallback.
Whether you're developing APIs, testing endpoints, or debugging HTTP requests, Apiggle provides all the tools you need in a clean, intuitive interface.
Key Features
π Full HTTP Support
Support for GET, POST, PUT, PATCH, and DELETE methods with custom headers, query parameters, and request bodies.
π Authentication
Built-in support for Basic Auth and Bearer Token authentication. Credentials are encrypted with a master password.
πΎ Save & Organize
Save requests in collections and organize them for easy reuse. All saved locally in your browser.
βοΈ Cloud Sync
Sync your saved requests across devices when authenticated. Access your collections anywhere.
π CORS Fallback
Automatic CORS error detection with backend proxy fallback. Make requests to any API without CORS issues.
π¨ Response Formatting
Syntax highlighting and formatting for JSON, XML, HTML, and more. Preview HTML responses directly.
How to Use
- Make a Request
Enter a URL, select an HTTP method, add headers or parameters if needed, and click Submit.
- View Response
View formatted responses with syntax highlighting. Switch between Preview, Raw, Code, and Headers tabs.
- Save for Later
Click "Save Request" to store it in a collection. Organize related requests together.
- Sync Across Devices
Create an account to sync your saved requests across devices. Your data is always accessible.
- Secure Your Credentials
When you save a request with Basic Auth or Bearer Token for the first time, you'll be prompted to create a master password. This encrypts your credentials locally in your browser.
Restrictions & Quotas
CORS Proxy Usage
When a request fails due to CORS restrictions, Apiggle automatically retries through a backend proxy. This feature requires authentication.
Monthly Quota
Authenticated users have a quota of 1,000 backend proxy requests per month. Direct browser requests (without CORS issues) don't count toward this quota.
π‘ Tip: Most APIs support CORS and won't need the proxy. The quota ensures fair usage of backend resources.
Authentication Requirements
- Optional for basic usage (direct requests, local saves)
- Required for CORS proxy fallback
- Required for request syncing across devices
- Required to track and manage your quota
Privacy & Data Storage
What's Stored Where
- Saved requests and collections
- Encrypted credentials (passwords, tokens)
- Master password salt
- UI preferences
- User account (email, hashed password)
- Synced requests (if authenticated)
- Quota usage tracking
- Session tokens (HTTP-only cookies)
π Your credentials (passwords and tokens) are encrypted using AES-GCM with a key derived from your master password. We cannot decrypt your credentials without your master password.
Tips & Best Practices
- Use Collections: Organize related requests together for easier management.
- Master Password for Credentials: When you save a request with passwords or tokens, you'll be prompted to create a master password. Choose a strong one and remember it - we cannot recover it if you forget!
- Test Locally First: Most requests work directly from the browser without needing the proxy.
- Save Response Examples: After getting a successful response, save the request for future reference.
- Monitor Your Quota: Keep an eye on your remaining proxy requests when logged in.
- Use Query Parameters: Add query params through the UI instead of in the URL for better organization.
Open Source
Apiggle is open source and built with modern web technologies including Next.js, React, Cloudflare Pages, and D1. Contributions and feedback are welcome!