API Request / curl Command Builder - Multi-Language HTTP Code Generator (curl, fetch, axios, requests, Go)

First Published:
Last Updated:

Build an HTTP request visually and instantly generate ready-to-use code in curl (bash and PowerShell), JavaScript fetch, Node.js axios, Python requests, and Go net/http at the same time. All code generation is performed entirely within your browser — no requests are sent and no data leaves your device.

  • This tool is provided "AS IS" without any warranties of any kind.
  • The author accepts no responsibility for incorrect generated code, leaked secrets, or any other issues arising from use of this tool.
  • Generated code should be reviewed and tested before use in production. Per-language quoting and escaping rules can interact in subtle ways.
  • Do not paste real production credentials into a shared screen. The page never transmits data, but bystanders can see your screen.
  • By using this tool, you accept full responsibility for any outcomes.

Privacy: This tool uses client-side JavaScript for all processing. No HTTP requests are sent from this page, no data is uploaded, all processing happens locally in your browser. Once loaded, this tool continues to work even without an internet connection. For more details, please refer to our Web Tools Disclaimer.

Query Parameters
Headers
Authentication
Request Body
Generated Code (updates as you type)
curl (bash / sh / zsh) — single-quote escaping
curl (PowerShell) — backtick-escaped double quotes; uses curl.exe to bypass the Invoke-WebRequest alias
JavaScript Fetch API (browsers and modern Node.js)
Node.js axios (CommonJS)
Python requests
Go net/http (standard library)

Features

  • Six languages, generated simultaneously: curl (bash), curl (PowerShell with backtick-escaped double quotes and curl.exe to avoid the Invoke-WebRequest alias), JavaScript fetch, Node.js axios, Python requests, and Go net/http. Switch tabs without losing context.
  • Per-language safe escaping: bash uses single-quoted strings with the '\'' idiom. PowerShell uses backtick escapes for `, $, and ". Python prefers '...' and falls back to "..." with escapes when needed. Go prefers raw backtick strings and falls back to interpreted strings.
  • Smart JSON inlining: if your JSON body is parseable, fetch and axios emit JSON.stringify({ ... }) with a real object literal (not a stringified string), and Python emits json={...} with a native dict. Invalid JSON gracefully falls back to a raw string body.
  • Authentication helpers: Basic (auto base64-encodes the UTF-8 byte sequence of user:pass), Bearer Token, and API Key (sendable as either a header or a query parameter). All values appear in every output.
  • Body types: JSON with a one-click formatter, application/x-www-form-urlencoded from key/value rows, multipart/form-data with the @filename convention, or a raw body with a custom Content-Type.
  • Six API presets: GitHub user lookup, Swagger Petstore, Amazon Bedrock InvokeModel, Anthropic Messages API, JSONPlaceholder, and httpbin form POST — load a working example with one click.
  • Validation: URL syntax check, http/https warning, double-encoding detection, non-ASCII warning, JSON validation with parser error messages, and a warning when a non-body method (GET / HEAD / OPTIONS) carries a body.
  • Per-row enable/disable: toggle individual query parameters, headers, or body fields without deleting them.
  • Copy buttons: each output has its own one-click copy button with a clipboard fallback.
  • Keyboard accessible: use Left/Right arrow keys on the output tabs to switch languages without a mouse.
  • 100% client-side: no requests are sent from this page. Once loaded, the tool keeps working offline.

How to Use

  1. Optional: Load a preset. Pick from the "Preset" dropdown to populate every field with a working example.
  2. Set the method and URL. Choose an HTTP method and enter the request URL. Validation messages appear under the URL field.
  3. Add query parameters. Click + Add parameter to push an empty row, then fill in name/value. Uncheck the leftmost checkbox to temporarily exclude a row from the output without deleting it.
  4. Add headers. Same pattern as query parameters. Content-Type is added automatically when needed for JSON, form, or raw bodies.
  5. Configure authentication. Choose Basic (user/password), Bearer (token), or API Key (custom header or query parameter name). The credentials appear in every generated language.
  6. Set the body. Pick JSON / form / multipart / raw. For JSON, click Format JSON to pretty-print. For multipart, prefix a value with @ to reference a file (e.g. @./photo.jpg).
  7. Switch output tabs to view the equivalent code in each language. Use the Copy button on the active tab to copy that output.
  8. Reset Form at the top right clears everything back to a clean GET request.

Important Notes

  • This tool does not send requests. It is a code generator only. To execute a request, copy the output into your terminal, browser console, Node.js script, Python interpreter, or Go program.
  • bash escaping. Each argument is wrapped in single quotes; embedded single quotes are escaped as '\''. This is robust against any payload, including JSON, JWTs, and shell metacharacters.
  • PowerShell escaping. Output uses curl.exe rather than the curl alias because in PowerShell curl is bound to Invoke-WebRequest, whose flag syntax differs entirely from real curl. Inside double-quoted PowerShell strings the escape character is the backtick (`), so " becomes `" and $ becomes `$ to suppress variable interpolation.
  • JavaScript fetch in browsers. Cross-origin requests are subject to CORS. The generated fetch code only works against APIs that send the appropriate Access-Control-Allow-* headers, or against same-origin endpoints. This is a browser policy, not a limitation of this tool.
  • Node.js axios. The output uses CommonJS require. For ESM, change to import axios from 'axios';. For multipart, the output uses the form-data npm package, which is a standard companion for axios on Node.js.
  • Python requests. When the JSON body is valid, the output uses json={...} with a native Python dict, which lets requests set Content-Type: application/json and serialize correctly. When the JSON is invalid, it falls back to data=<string>.
  • Go net/http. The output prefers Go raw-string literals (`...`) so backslashes and quotes inside JSON bodies do not need escaping. If your body itself contains a backtick, the output falls back to an interpreted (double-quoted) string.
  • Amazon Bedrock preset and AWS SigV4. The InvokeModel preset shows the request shape only. AWS SigV4 signing is intentionally not generated client-side; in practice you should call Bedrock through the AWS SDK or an SDK-signed proxy. Use the preset as a payload reference.
  • Bearer tokens, API keys, and Basic credentials are sensitive. They appear in plaintext in the generated outputs. Avoid pasting production credentials into screen shares, screenshots, or anything you save outside of a secrets manager.
  • multipart/form-data. The boundary string is generated by each HTTP client at send time, so this tool does not emit a literal boundary. The Go output uses writer.FormDataContentType() to ensure the right Content-Type header.
  • GET / HEAD / OPTIONS with a body. A warning appears under the body section. Many servers, proxies, and CDNs ignore (or strip) the body on these methods.
  • This tool generates curl, fetch, axios, Python requests, and Go net/http output. The original specification listed httpie as an additional target — this is intentionally omitted in the current MVP. httpie syntax reference
  • PowerShell output uses curl.exe instead of Invoke-WebRequest to avoid the PowerShell alias confusion (PS5/PS7's curl alias points to Invoke-WebRequest, not curl). If you need Invoke-WebRequest output, the parameter mapping is documented at Microsoft Learn.

References:
Tech Blog with curated related content
Web Tools Collection

Written by Hidekazu Konishi