Tools Developer Tools

← Back to all tools

Free REST Client

Test API requests from your browser. Save requests locally. No login. No cloud sync.

Requests and saved collections stay in your browser. Nothing is uploaded to Balance On Hand.

Request editor

Requests use your browser's fetch. If a request works in Postman but fails here, it's almost always CORS — browser tools follow CORS rules, Postman does not.

Enabled params are appended to the URL when sending.

Response


              

Generate code


            

Why some requests work in Postman but not here

This tool runs entirely in your browser using the fetch API. It can call HTTP and HTTPS APIs, including localhost services — but browsers enforce CORS and certificate rules that desktop tools like Postman don't. This is normal browser security, not a bug in the tool.

Requests usually work when: the API sends Access-Control-Allow-Origin, local microservices have CORS enabled, and HTTPS certificates are trusted by your browser.

Requests may be blocked when: the server doesn't send Access-Control-Allow-Origin, the CORS preflight fails, a self-signed certificate isn't trusted, or the API needs network/VPN access the browser doesn't have.

For local development only, a Spring Boot service can enable CORS, for example:

@CrossOrigin(origins = "https://balanceonhand.com")
// or, for local-only testing:
@CrossOrigin(origins = "*")

Your requests stay in your browser

Requests are sent directly from your browser to the API you enter. Saved requests, collections, and environments are stored only in this browser's local storage — there's no account, no cloud sync, and no tracking. Clear them any time with "Clear all".

From Balance On Hand

Built by Balance On Hand

Free tools with no login, no upload, and no unnecessary friction — plus a cash-flow planning app that helps you see how bills, subscriptions, loans, income, and spending affect your future balance.