How do I compress an API payload?

Send a gzip-compressed body with Content-Encoding: gzip. In curl: gzip -c payload.json | curl -X POST --data-binary @- -H 'Content-Encoding: gzip' -H 'Content-Type: application/json' https://api.example.com. In Python, use gzip.compress(json.dumps(data).encode()) and set the header. The server must support Content-Encoding to decompress it.

How do I send large payloads to an API?

For large payloads, use chunked transfer encoding (Transfer-Encoding: chunked) to stream the body, compress with gzip (Content-Encoding: gzip), paginate the data across multiple smaller requests, or use multipart uploads for files. Most APIs have size limits — check the documentation and consider uploading files to object storage instead.

What is the difference between body and payload?

In HTTP, "body" and "payload" are used interchangeably to describe the data sent in an HTTP request or response, separate from the headers. Technically, the payload is the meaningful application data within the body, while the body may include framing or encoding overhead. In practice, API documentation uses both terms to mean the same thing.

How do I validate a request payload structure?

Use JSON Schema validation: define the expected payload structure (required fields, types, formats) and validate incoming payloads against it. Libraries include Ajv for Node.js, jsonschema for Python, and joi for Express.js. This analyzer shows the actual payload structure to compare against your schema documentation.

What causes payload corruption in API requests?

Common causes: incorrect Content-Type header causing the server to misparse the body, double-encoding (JSON-stringifying an already-stringified object), character encoding mismatches (UTF-8 vs Latin-1), truncated bodies due to a size limit, and binary data sent without proper Base64 encoding. Paste the raw body into this analyzer to inspect the actual bytes.

All tools

Payload Analyzer - Analyze API Payloads Instantly

Inspect, analyze, and optimize API request and response payloads

100% in-browserNo signupFree forever

Payload Size & Performance Analyzer

Live

Learn More About Payload Optimization

API Payload Size Optimization: Performance Best Practices

Reduce payload size, improve API performance, and enhance mobile efficiency.

Read →

What Is a Payload Analyzer?

An HTTP payload is the body of a request or response — the data transmitted alongside headers. When a frontend sends a login form, POST request, or webhook event, the payload carries the actual content: user credentials, JSON objects, file uploads, or XML documents. Understanding that content is essential for debugging APIs, auditing integrations, and optimizing performance.

A payload analyzer parses and inspects that body data regardless of its encoding. Instead of manually decoding a URL-encoded form string or counting bytes in a nested JSON tree, the analyzer surfaces structure, field types, size metrics, and content at a glance. It supports all common Content-Type values — JSON, form-urlencoded, multipart, XML, and plain text — so you can work with any API or webhook payload without switching tools.

How it works

Analyze Payloads in Seconds

Paste or type your payload

Paste the raw request body — JSON, form-encoded string, multipart data, XML, or plain text — directly into the editor.

Select the content type

Choose the Content-Type that matches your payload, or let the tool auto-detect it from the input format.

Inspect structure and fields

View a parsed breakdown of all fields, nested objects, arrays, data types, and individual field sizes.

Identify issues and optimize

Spot oversized fields, unexpected null values, missing keys, or structural mismatches against your API documentation.

Supported Content Types

The analyzer handles the six content types most commonly found in REST, GraphQL, and webhook payloads:

Content-Type	Common use
`application/json`	REST API request and response bodies, webhooks, GraphQL
`application/x-www-form-urlencoded`	HTML form submissions, OAuth token requests
`multipart/form-data`	File uploads, mixed form fields and binary data
`text/xml`	Legacy REST APIs, RSS/Atom feeds, configuration payloads
`application/xml`	SOAP services, enterprise integrations, XML-based APIs
`text/plain`	Raw text bodies, log payloads, simple string data

Use cases

When Developers Analyze Payloads

🐛

API Debugging

Inspect the exact body sent to an endpoint when a request returns unexpected results — no guesswork about what was actually transmitted.

🔔

Webhook Inspection

Paste a raw webhook event body to decode its structure and verify fields before writing handler logic.

🔐

Security Testing

Examine request bodies for sensitive data exposure, unexpected fields, or injection payloads during penetration testing.

📄

API Documentation

Explore an undocumented payload to understand its schema and generate accurate field-level documentation.

🧪

Integration Testing

Verify that the payload a service sends during integration tests matches the expected contract before deploying.

📱

Mobile App Debugging

Analyze payloads from mobile apps to identify oversized responses or unnecessary fields that affect bandwidth and battery.

FAQ

Frequently Asked Questions

1What is an HTTP payload?

An HTTP payload is the body of a request or response — the actual data being sent, separate from the URL and headers. Request payloads carry data to the server (for example, a JSON object in a POST request), while response payloads carry data back to the client.

2What content types does the Payload Analyzer support?

The tool supports application/json, application/x-www-form-urlencoded, multipart/form-data, text/xml, application/xml, and text/plain. Auto-detection works for most standard payloads.

3Is my payload data sent to any server?

No. All analysis runs entirely in your browser. Your payload data never leaves your device, making it safe to use with production credentials, tokens, and other sensitive request bodies.

4How is a payload analyzer different from a JSON formatter?

A JSON formatter only pretty-prints JSON. A payload analyzer handles multiple content types, measures size, inspects individual fields and data types, and surfaces structural information useful for debugging, security review, and documentation.

5Can I use this to inspect webhook payloads?

Yes. Copy the raw webhook body from your server logs, debugging proxy, or request inspector and paste it into the analyzer. The tool will parse and display its structure regardless of content type.

6What is an API request payload?

An API request payload is the body data sent in an HTTP request — the actual content transmitted to the server, separate from the URL and headers. Common types include JSON objects in POST requests, form-encoded data, multipart file uploads, and XML. The Content-Type header declares the payload format.

7What is the maximum payload size for HTTP requests?

There is no HTTP protocol-level maximum, but servers enforce limits: Nginx defaults to 1MB (client_max_body_size), Express.js to 100KB for JSON, AWS API Gateway to 10MB, and Cloudflare Workers to 100MB. Exceeding these returns a 413 Request Entity Too Large error.

8How do I fix a 413 Request Entity Too Large error?

Increase the server body size limit (e.g. client_max_body_size 10m in Nginx or express.json({ limit: '10mb' }) in Express), compress the payload with gzip, paginate into smaller requests, or upload files to object storage and send only the URL.

9How do I inspect a request payload in Chrome DevTools?

Open DevTools (F12), go to the Network tab, and click any request. The Payload tab shows the decoded request body for POST/PUT requests. For JSON, Chrome displays a parsed tree view. Click "view source" to see the raw body.

10How do I check the size of a JSON payload?

Paste your JSON into this analyzer — it reports the total byte size automatically. In JavaScript: new Blob([JSON.stringify(obj)]).size. In Python: len(json.dumps(obj).encode('utf-8')).

11How do I mask sensitive data in payloads?

Replace sensitive fields (passwords, tokens, PII) with redacted placeholders before logging or sharing. Create a sanitizer function that deep-clones the payload and replaces sensitive keys with ***. This analyzer flags common sensitive field names (password, token, ssn, credit_card) to assist in identification.

12How do I debug a missing payload in Express?

If req.body is undefined in Express, add body-parsing middleware: app.use(express.json()) for JSON and app.use(express.urlencoded({ extended: true })) for form data. Verify the request has a matching Content-Type header and that the middleware is registered before your route handlers.

Learn more

Developer Guides

📖Top 10 JSON Payload Errors 📖Why API Payloads Break 📖Payload Design Best Practices 📖Fix Payload Parsing Errors

Feedback for payload_analyzer

Tell us what's working, what's broken, or what you wish we built next — it directly shapes our roadmap.

You make the difference

Good feedback is gold — a rough edge you hit today could be smoother for everyone tomorrow.

Feature ideas often jump the queue when lots of you ask.
Bug reports with steps get fixed faster — paste URLs or examples if you can.
Name and email are optional; we won't use them for anything except replying if needed.

Stay Updated

Get the latest tool updates, new features, and developer tips delivered to your inbox.

What you'll get

Product updates & new tools
JSON, API & developer tips
Unsubscribe anytime — no hassle

Get in touch

Feature ideas, bugs, or a quick thanks — we read every message.

support@unblockdevs.com