Validate API JSON Responses (Webhook & REST Payload Validator)
Validate webhook bodies, vendor responses, and integration payloads against your expected structure before they hit billing logic, retry loops, or downstream LLM steps.
Paste your JSON → Get results instantly (no signup)
→ Validate this order payload against a small schema config.
1{2 "valid": false,3 "errors": [4 {5 "field": "customer_email",6 "message": "Expected string, received null"7 },8 {9 "field": "total_amount",10 "message": "Expected number, received string"11 },12 {13 "field": "items",14 "message": "Expected array, received number"15 }16 ]17}Love the result?
Use this exact pipeline in your app, backend, or LLM workflow.
No setup needed. Works with curl, Node, Python.
Uses example data. For edited input, copy from the playground.
Works with:
- Webhook payloads (Stripe, Shopify, GitHub)
- REST API responses
- Vendor SDK output
- Retry-loop validation
- OpenAPI / Swagger response shapes
Example: input → output
Third-party APIs do not always fail cleanly. A webhook may send a field as null, a REST endpoint may return a different shape after a version change, or a retry loop may keep processing the same malformed payload. This API JSON validator helps you check webhook bodies, vendor responses, and integration payloads against the structure your app expects before they create downstream errors.
Why API JSON breaks in production
Most API issues are not caused by invalid JSON syntax. They happen when the JSON is valid, but the payload no longer matches the contract your code assumes.
Common examples include:
- a payment webhook missing a required
event_id - a vendor response changing
itemsfrom an array to an object - a nested customer email arriving as
null - a retry event reusing the same idempotency key
- a
429or5xxresponse returning an error body instead of the success shape
These are the cases where schema validation is useful. It gives you a clear report before your pipeline, worker, or LLM step consumes the payload.
Common webhook and vendor inconsistencies
Webhook and REST payloads often drift over time. Providers may add new fields, omit optional fields, or return different objects for test mode, sandbox mode, failed requests, and retry attempts.
Use this validator when you want to confirm that an API response still matches your expected shape before you store it, transform it, or pass it into another system.
Good checks include:
- required event IDs
- nested user or customer objects
- arrays of line items
- enum-like status fields
- timestamps and retry metadata
- error payloads versus success payloads
Debug payload failures faster
When an integration fails, the hard part is often finding whether the problem came from your code or from the incoming payload.
A schema check helps separate those cases:
4xxresponse body with a different error shape429retry response missing the normal data object- webhook event with a partial customer record
- vendor SDK output that wraps the real payload one level deeper
- duplicate event caused by retry semantics or reused idempotency keys
Instead of guessing, paste the payload and schema, then inspect the validation report.
How to validate before it bites you
Paste the API JSON payload you received, define the structure your app expects, and run the validator. The result shows which fields are missing, mismatched, or shaped differently than expected.
This is useful before:
- accepting webhook events
- importing vendor API data
- running background jobs
- converting API responses into CSV
- passing API JSON into an LLM
- saving external payloads to your database
For a general overview of schema validation, see JSON Schema Validator.
Example: webhook payload validation
Imagine your worker expects a webhook like this:
{
"event_id": "evt_123",
"type": "invoice.paid",
"created_at": "2026-05-04T10:00:00Z",
"customer": {
"id": "cus_456",
"email": "buyer@example.com"
},
"line_items": [
{
"sku": "starter-plan",
"quantity": 1
}
],
"retry": {
"attempt": 1,
"idempotency_key": "invoice-paid-evt_123"
}
}If customer.email becomes null, line_items is no longer an array, or event_id is missing, the validator should catch the mismatch before the payload reaches billing logic, analytics, or an automation pipeline.
When to use this tool
Use this API JSON validator when the JSON comes from an external system and your app depends on a predictable contract.
It is especially useful for:
- webhook debugging
- REST API response checks
- third-party vendor payload review
- retry-loop validation
- OpenAPI or Swagger response-shape testing
- pre-processing JSON before an LLM call
The goal is not only to confirm that JSON parses. The goal is to confirm that the payload is safe for the next step in your workflow.
Frequently asked questions
Why does my webhook payload keep failing validation?+−
Most webhook failures are not invalid JSON — they are valid JSON that no longer matches your expected contract. Common causes include a provider adding or omitting a field, a nested email arriving as null, an array changing to an object, or a retry event sending an error shape instead of the normal success shape. Paste the failing payload here against your expected schema to see which specific field broke the contract.
How do I validate a third-party API response before retrying?+−
Run the response body through this validator with a schema that lists the fields and types your retry logic depends on (event ID, status, timestamps, idempotency key). If the validator reports a mismatch, you know to log and skip the event rather than blindly retry. This separates 'transient API failure' from 'contract drift' so retry storms do not amplify a real provider regression.
Does this validator handle deeply nested webhook and REST payloads?+−
Yes. The validator walks the document and reports every mismatch by JSON path, so deeply nested fields like customer.address.line1 or line_items[0].sku surface as their own entries with the expected type and the actual value. Use it to catch shape drift in vendor SDK output that wraps the real payload one or two levels deeper than your code expects.
Is the API payload uploaded anywhere when I paste it?+−
No. The validator runs entirely in your browser — the API response, webhook body, or vendor payload never leaves your machine and is never logged on a server. There is no signup or rate limit, so you can paste production-shaped data while debugging a live integration without exposing it.
How is this different from a generic JSON validator?+−
A generic JSON validator only checks syntax — whether the input parses. This API JSON validator checks structure: required event IDs, expected field types, nested customer objects, arrays of line items, and enum-like status fields. For API integrations, syntax is rarely the failure mode; contract drift is. This tool catches the contract failures specifically.
Related tools
Read more on the blog
Advanced usage (optional)
Schema Validation
v1.0.0Description
Schema Validation
Validate JSON against a JSON Schema-style subset and return a field-level report.
This utility is a report-producing transformer. It does not block, skip, warn, or otherwise control pipeline execution. Use validation.contract when a pipeline needs guardrail behavior.
Supported V1 Schema Fields
type:object,array,string,number,boolean, ornullrequired: array of required object keysproperties: object field rulesitems: array item ruleenum: primitive values only, using strings, numbers, booleans, or null
Unknown fields are ignored in V1.
Invalid schema config returns:
{
"valid": false,
"errors": [
{ "field": "$schema", "message": "Missing or invalid schema config" }
]
}Configuration
| Name | Type | Default | Description |
|---|---|---|---|
| Schema Config | json | {"type":"object","required":[],"properties":{}} | JSON Schema-style subset. Supports type, required, properties, items, and primitive enum values. Unknown fields are ignored in V1. |
Examples
Validate this order payload against a small schema config.1{2 "valid": false,3 "errors": [4 {5 "field": "customer_email",6 "message": "Expected string, received null"7 },8 {9 "field": "total_amount",10 "message": "Expected number, received string"11 },12 {13 "field": "items",14 "message": "Expected array, received number"15 }16 ]17}1{2 "type": "object",3 "required": [4 "order_id",5 "customer_email",6 "total_amount",7 "currency",8 "items"9 ],10 "properties": {11 "order_id": {12 "type": "string"13 },14 "customer_email": {15 "type": "string"16 },17 "total_amount": {18 "type": "number"19 },20 "currency": {21 "type": "string",22 "enum": [23 "USD",24 "EUR",25 "GBP"26 ]27 },28 "items": {29 "type": "array",30 "items": {31 "type": "object",32 "required": [33 "sku",34 "qty"35 ],36 "properties": {37 "sku": {38 "type": "string"39 },40 "qty": {41 "type": "number"42 }43 }44 }45 }46 }47}API Usage
curl -X POST https://your-domain.com/api/v1/utilities/validation.schema \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"inputs":{"primary":{"order_id":"ORD_1001","customer_email":null,"total_amount":"42.50","currency":"USD","items":2}},"config":{"schema":{"type":"object","required":["order_id","customer_email","total_amount","currency","items"],"properties":{"order_id":{"type":"string"},"customer_email":{"type":"string"},"total_amount":{"type":"number"},"currency":{"type":"string","enum":["USD","EUR","GBP"]},"items":{"type":"array","items":{"type":"object","required":["sku","qty"],"properties":{"sku":{"type":"string"},"qty":{"type":"number"}}}}}}}}'1{2 "valid": false,3 "errors": [4 {5 "field": "customer_email",6 "message": "Expected string, received null"7 },8 {9 "field": "total_amount",10 "message": "Expected number, received string"11 },12 {13 "field": "items",14 "message": "Expected array, received number"15 }16 ]17}