GraphQL and REST API for Testing and Prototyping
fake data | real responses | 24/7 online
Trying it Out
POST /public/v2/users | Create a new user |
GET /public/v2/users/6942909 | Get user details |
PUT|PATCH /public/v2/users/6942909 | Update user details |
DELETE /public/v2/users/6942909 | Delete user |
Nested Resources
POST /public/v2/users/6942909/posts | Creates a user post |
POST /public/v2/posts/6942909/comments | Creates a post comment |
POST /public/v2/users/6942909/todos | Creates a user todo |
- Do not post your personal data like name, email, phone, photo etc...
- For paged results parameter "page" and "per_page" should be passed in url ex: GET
/public/v2/users?page=1&per_page=20
(max 100 results per page) - Request methods PUT, POST, PATCH, DELETE needs access token, which needs to be passed with "Authorization" header as Bearer token.
- API Versions
/public-api/*
, /public/v1/*
and /public/v2/*
- Get your access token
GraphQL Endpoint
Features
- Fully secured quick prototyping.
- Response format negotiation. (supporting JSON and XML add ".json" or ".xml" to api end point)
- Support for the OPTIONS and HEAD verbs.
- Full search support on all fields. Ex: https://gorest.co.in/public/v2/users?name=kumar
- Data created/modified by a user is only visible to that perticular user, all data will be deleted and recreated on daily basis.
- Request and response logging.
Rate Limiting Headers
- Customize the rate limit per access token.
X-RateLimit-Limit
number of allowed requests/minute.X-RateLimit-Remaining
remaining requests within the current period.X-RateLimit-Reset
seconds to wait before having maximum number of allowed requests again.
Pagination Headers
X-Pagination-Total
total number of results.X-Pagination-Pages
total number of pages.X-Pagination-Page
current page number.X-Pagination-Limit
results per page.
API Version 2
- Path:
/public/v2/*
- Response format Object or Array of Objects
{}
or [{}]
- HTTP Status code contains the actual response code, response headers contains the pagination information, response body contains the results.
API Version 1
- Path:
/public/v1/*
- Response format
{ meta:, data: }
- HTTP status code contains the actual response code,
meta
contains the pagination information and data
contains the actual results
API Version 0
- Path:
/public-api/*
- Response format
{ code :, meta:, data: }
- HTTP status code is always 200,
code
contains the actual response code, meta
contains the pagination information, data
contains the actual results
Authentication
Unlike Web applications, RESTful APIs are usually stateless, which means sessions or cookies should not be used. Therefore, each request should come with some sort of authentication credentials. A common practice is to send a secret access token with each request to authenticate the user. Since an access token can be used to uniquely identify and authenticate a user, API requests should always be sent via HTTPS to prevent man-in-the-middle (MitM) attacks.
There are different ways to send an access token:
- HTTP Basic Auth: the access token is sent as the username.
- Query parameter: the access token is sent as a query parameter in the API URL.
e.g. https://gorest.co.in/public/v2/users?access-token=xxx - OAuth 2: the access token is obtained by the consumer from an authorization server and sent to the API server via HTTP Bearer Tokens , according to the OAuth2 protocol.
- This API supports only "HTTP Bearer Tokens" and "Query parameter Auth"
cUrl Examples for REST API
List users
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XGET "https://gorest.co.in/public/v2/users"Create user
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XPOST "https://gorest.co.in/public/v2/users" -d '{"name":"Tenali Ramakrishna", "gender":"male", "email":"tenali.ramakrishna@15ce.com", "status":"active"}' Update user
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XPATCH "https://gorest.co.in/public/v2/users/6942909" -d '{"name":"Allasani Peddana", "email":"allasani.peddana@15ce.com", "status":"active"}' Delete user
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XDELETE "https://gorest.co.in/public/v2/users/6942909"cUrl Examples for GraphQL
List users
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XPOST "https://gorest.co.in/public/v2/graphql" -d '{"query":"query{users {pageInfo {endCursor startCursor hasNextPage hasPreviousPage} totalCount nodes {id name email gender status}}}"}'Get User
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XPOST "https://gorest.co.in/public/v2/graphql" -d '{"query":"query{user(id: 6942909) { id name email gender status }}"}'Create User
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XPOST "https://gorest.co.in/public/v2/graphql" -d '{"query":"mutation{createUser(input: {name: \"Tenali Ramakrishna\" gender: \"male\" email: \"tenali.ramakrishna@15ce.com\" status: \"active\"}) {user{id name gender email status}}}"}'Update User
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XPOST "https://gorest.co.in/public/v2/graphql" -d '{"query":"mutation{updateUser(input: {id: 6942909 name: \"Allasani Peddana\" email: \"allasani.peddana@15ce.com\" status: \"active\"}) {user{id name gender email status}}}"}'Delete User
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer ACCESS-TOKEN" -XPOST "https://gorest.co.in/public/v2/graphql" -d '{"query":"mutation{deleteUser(input: {id: 6942909}){user {id name email gender status}}}"}'REST API Http Response Codes
- 200: OK. Everything worked as expected.
- 201: A resource was successfully created in response to a POST request. The Location header contains the URL pointing to the newly created resource.
- 204: The request was handled successfully and the response contains no body content (like a DELETE request).
- 304: The resource was not modified. You can use the cached version.
- 400: Bad request. This could be caused by various actions by the user, such as providing invalid JSON data in the request body etc.
- 401: Authentication failed.
- 403: The authenticated user is not allowed to access the specified API endpoint.
- 404: The requested resource does not exist.
- 405: Method not allowed. Please check the Allow header for the allowed HTTP methods.
- 415: Unsupported media type. The requested content type or version number is invalid.
- 422: Data validation failed (in response to a POST request, for example). Please check the response body for detailed error messages.
- 429: Too many requests. The request was rejected due to rate limiting.
- 500: Internal server error. This could be caused by internal program errors.