dev

JSON Formatter and Validator for API Debugging

Debug JSON with a practical formatter and validator workflow for RFC-style syntax errors, escaping, numbers, nested payloads, schemas, JWT data, and safe redaction.

When an API response fails, the first question is not β€œhow do I beautify this JSON?” The useful question is β€œis this text valid JSON, is the structure readable, and does the payload satisfy the contract my application expects?” Formatting helps you see the shape. Validation tells you whether the text follows JSON syntax. Neither step alone proves the data is semantically correct.

Separate syntax problems from data problems

A JSON formatter should be used in two passes. First, validate the text as JSON. Second, use the formatted output to inspect fields, nesting, arrays, and suspicious values. Keeping these tasks separate avoids a common mistake: assuming that readable indentation means the payload is valid or accepted by an API.

Valid JSON has strict syntax rules. Object names are strings in double quotes. Strings use double quotes, not single quotes. Control characters must be escaped. Numbers cannot use JavaScript conveniences such as `NaN`, `Infinity`, or trailing decimal points. Arrays and objects cannot have trailing commas. Whitespace is allowed between tokens, but it does not fix invalid punctuation or quoting.

Application data has its own rules on top of JSON. A payload may be syntactically valid but still fail because `id` is a string instead of a number, an enum value is unknown, a required property is missing, or a nested object appears where the schema expects an array. Treat JSON validation as the first gate, not the final verdict.

Read the first error before editing everything

When validation fails, start with the first error location. A missing comma or quote near the top can create a chain of later errors that disappear after the first fix. Look at the reported line, the previous line, and the nearest opening brace or bracket. Most JSON syntax bugs are local, but their error messages often look confusing because the parser only knows where it got stuck.

Common syntax failures include trailing commas after the last property, single-quoted strings copied from JavaScript examples, unescaped backslashes in Windows paths, unescaped newlines inside strings, and comments copied from configuration files. JSON is a data format, not a JavaScript object literal, so features that feel normal in code are often invalid in JSON.

Preserve the original response while debugging

Do not edit the only copy of a failing response. Save the original text, then format a duplicate. This matters when you need to compare client logs, server logs, browser network output, and support tickets. A cleaned-up sample is easier to read, but the original response is evidence.

For API debugging, keep three versions: the raw response, the formatted response, and a minimal reproduction sample. The raw response proves what came over the wire. The formatted response helps humans review it. The minimal sample isolates the failing field or nesting pattern so another developer can reproduce the issue without reading the entire payload.

Decode wrapped JSON only when the wrapper is real

Many payloads contain JSON inside another format. A JWT header and payload are Base64URL-encoded JSON segments, so inspect token structure with JWT Decoder rather than pasting the whole token into a formatter. Some APIs also send Base64-wrapped JSON strings; in that case, decode the wrapper first with Base64 Encoder, then validate the decoded text as JSON.

Do not guess that every unreadable string is encoded JSON. If the decoded output is binary-looking text, random characters, or invalid UTF-8, the value may be encrypted, compressed, signed, or simply not JSON. Forcing it through a formatter can create misleading output.

Handle escaping and Unicode deliberately

Escaping is one of the most frequent JSON debugging traps. A backslash inside a string starts an escape sequence. Windows paths such as `C:\temp\file.json` need escaped backslashes in JSON text. Newlines inside string values should be represented as `\n`, not pasted as literal line breaks unless the producer serializes them correctly.

Modern JSON exchanged on the web is expected to work with Unicode text, and UTF-8 is the practical default for interoperable APIs. Still, bugs appear when a system double-escapes text, mixes encodings, or serializes already-encoded strings again. If the formatted output shows unexpected `\u` sequences, broken characters, or extra quotation marks around an entire object, inspect the producer before editing the payload manually.

Redact sensitive data without changing structure

Online tools are convenient, but real production payloads often contain secrets, access tokens, customer records, emails, internal IDs, or request signatures. Do not paste sensitive values into a browser tool. Create a redacted copy that keeps the same shape: replace token values with `REDACTED_TOKEN`, use sample emails, shorten long IDs, and keep array lengths only when length affects the bug.

Good redaction keeps the debugging signal. Bad redaction changes field types, removes nesting, or deletes the value that triggers the error. If a bug depends on a long string, keep a synthetic string of the same length class. If it depends on a missing field, do not add the field just to make the sample look cleaner.

Debug checklist

  • Validate syntax before interpreting business meaning.
  • Fix the first syntax error before chasing later ones.
  • Check for trailing commas, single quotes, comments, invalid escapes, and unclosed strings.
  • Keep the raw response, formatted response, and minimal reproduction separate.
  • Decode JWT or Base64-wrapped data only when the wrapper is known.
  • Redact secrets while preserving field types and nesting.
  • Confirm valid JSON against the API schema or application contract.

FAQ

Can a formatter repair invalid JSON automatically?

It can make valid JSON readable and may point to syntax errors, but it should not silently invent missing structure. You still need to understand and fix the producer or the copied sample.

Why does valid JSON still fail my API request?

Syntax validation only proves that the text is JSON. The API may require specific fields, types, enum values, date formats, authentication, or schema rules.

Is it safe to paste API JSON into an online formatter?

Only if the data is non-sensitive. For production payloads, redact secrets, tokens, personal data, customer identifiers, and internal credentials before using a browser tool.

Why does my decoded JSON contain extra quotes?

The producer may have serialized a JSON string that itself contains JSON. In that case you are looking at double-encoded data, and you need to inspect the serialization step rather than only reformatting the final text.

Back to tutorials

Continue reading

Base64 Encoding for API Payloads

Use Base64 encoding safely for API payload fields, debugging tokens, comparing URL encoding, and checking browser-side encoded data before sending requests.

How to Beautify Minified JSON Safely in Browser

Learn a safe browser workflow for beautifying minified JSON, checking API payloads, spotting nested data issues, and sharing readable examples without changing the original structure.

Decode JWT Payload with Base64 Safely

Learn how to decode a JWT payload with Base64, inspect claims in a browser, compare token segments, and avoid mistaking decoded content for verified signatures.