Testnizer
EN TR
Download
v1.4.30 — free forever · a project by Apinizer

The offline API client for teams requiring absolute data privacy.

Testnizer is a free, fully offline desktop app for testing HTTP, SOAP, WebSocket, GraphQL, gRPC and SSE — built by Apinizer for teams in banking, government, insurance and healthcare where production credentials and payloads must never leave the machine.

Download for macOS, Windows, Linux Read the docs

macOS (arm64 / x64) · Windows (x64 / arm64) · Linux (deb / AppImage)

latest releasev1.4.30 downloads201 telemetrynone
Testnizer running with the Swagger Petstore OpenAPI loaded — sidebar shows the imported endpoint tree, the request pane shows a POST /pet with a JSON body, the response pane shows a 200 OK with the returned pet object.

Imported a Swagger spec, ran a POST, got a 200. No account, no cloud sync, no telemetry.

The four guarantees

Your data never leaves your machine.

Not when you decode a JWT. Not when you sign an XML envelope. Not when you check for updates. Not ever.

100% Offline

Air-gapped networks supported. The app sends API requests only to the targets you configure — never to a vendor server. No login, no account, no telemetry.

Local Storage Only

Workspaces, projects, environments, history, certificates and secrets live in a single SQLite database on your disk. Move it, back it up, delete it — your call.

Internal Git & Local DB

Tests live next to your code in your existing Git repo. Built-in simple-git integration means collections branch and review through your normal PR pipeline.

Zero Data Leakage

The renderer has CSP connect-src self — physically incapable of reaching the public internet. Every API call goes through an audited main-process IPC handler you control.

Why offline matters

Where your data actually goes.

Concern SaaS API clients Testnizer
Where collections live Vendor cloud workspace Local SQLite on your disk
Where tokens are stored Synced to vendor servers OS keychain (Keychain / DPAPI / libsecret)
JWT decode Web app sends token to a remote service Local crypto — token stays in process
WS-Security sign / encrypt Online tools or separate desktop app Built-in main process with xml-crypto + Node crypto
Telemetry On by default None — and no opt-in either
Air-gapped network Doesn't work Works

Protocols

Test what enterprise systems actually run on.

Not just REST. SOAP envelopes, gRPC streams, WebSocket sessions, and event streams — first-class, on-device.

HTTP / REST

Methods, params, headers, body, cookies, mTLS, proxy, redirects, multipart with file upload, scripts, assertions.

SOAP / WSDL

WSDL import (URL or file), manual envelope mode, SOAP 1.1 + 1.2, multi-service, multi-port.

gRPC

.proto import, all four streaming modes, metadata, JSON skeleton from message fields.

WebSocket

ws + wss, custom headers, JSON / text composer, message timeline.

Socket.IO

Connect with namespace + auth, emit events with a JSON payload, subscribe to any event name, watch the bidirectional timeline.

GraphQL

Query, mutation, subscription, schema introspection, variables JSON.

AI Chat

14 providers (OpenAI, Anthropic, Google, xAI, DeepSeek, Mistral, Groq…) plus Custom URL — streaming, multi-turn. Requests go directly to the provider you configure; this is the only feature that contacts an external server.

Server-Sent Events

Long-lived streams with Last-Event-ID resume.

MCP

Model Context Protocol client. Streamable HTTP, SSE, and stdio (local subprocess) transports. List tools advertised by the server, invoke them with JSON arguments, inspect results.

Built-in tools

All the things you'd otherwise paste into jwt.io.

Every utility runs on-device. No round-trips to a third-party site to "format your JSON" or "decode your token." If the network is off, the tools still work.

  • JWT debugger
  • WS-Security workbench
  • AES / RSA encrypt / decrypt
  • XML Signature & Encryption
  • JSON / XML formatters
  • Base64 / URL / Hex encoders
  • JSONPath / XPath / XSLT / Jolt
  • Text diff

Migration

Bring your existing collections.

Lossless round-trips for the documented surface — including scripts and variables.

OpenAPI 3.x Swagger 2.0 Postman v2.1 Insomnia v4 cURL WSDL .proto RAML 1.0 SoapUI / ReadyAPI HAR
For regulated industries

Need enterprise support?

The free binary is distributed as-is, with no maintenance or security-patch obligation. If your organization needs paid support, response-time SLAs, on-premise deployment assistance, training, or custom development — typical for banking, public sector, defense, healthcare, and regulated infrastructure — get in touch.

Open an inquiry

Free. No vendor lock-in. No subscription.

Testnizer is built and maintained by Apinizer. There is no "pro" tier, no cloud workspace upsell, no waitlist for real features. We made it because we needed it ourselves.

Download Testnizer