PHPackages apiura/apiura - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Testing & Quality](/categories/testing) 4. / 5. apiura/apiura ActiveLibrary[Testing & Quality](/categories/testing) apiura/apiura ============= Interactive API documentation and testing tool for Laravel. Browse, test, save, and annotate your API endpoints from a single page. v1.0.0(3mo ago)02MITBladePHP ^8.2 Since Feb 17Pushed 2mo agoCompare [ Source](https://github.com/AhmadMHairon/APIura)[ Packagist](https://packagist.org/packages/apiura/apiura)[ RSS](/packages/apiura-apiura/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (1)Versions (2)Used By (0) APIura ====== [](#apiura) A drop-in interactive API documentation and testing tool for any Laravel application. Browse, test, save, and annotate your API endpoints — all from a single page. No npm, no build step. [![Laravel 10+](https://camo.githubusercontent.com/93554d1ac44e7880097a6bd117e99f90c33ddf03dcf0a37f3047fa50b8aaa4d2/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c61726176656c2d31302532422d726564)](https://camo.githubusercontent.com/93554d1ac44e7880097a6bd117e99f90c33ddf03dcf0a37f3047fa50b8aaa4d2/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c61726176656c2d31302532422d726564) [![PHP 8.2+](https://camo.githubusercontent.com/187240af044d09d5b14a1d9d9ebdf3f7a993e4c7bc09bdb46b4ba661a891bf5b/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e322532422d626c7565)](https://camo.githubusercontent.com/187240af044d09d5b14a1d9d9ebdf3f7a993e4c7bc09bdb46b4ba661a891bf5b/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e322532422d626c7565) [![License MIT](https://camo.githubusercontent.com/5caa455d8debc46fb23abbadb45a733a937f3910a73fc875c2f7820468e1bb54/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d677265656e)](https://camo.githubusercontent.com/5caa455d8debc46fb23abbadb45a733a937f3910a73fc875c2f7820468e1bb54/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d677265656e) --- What You Get ------------ [](#what-you-get) - **IDE-Style Interface** — VS Code-inspired layout with activity bar, sidebar, tabbed editor, and status bar - **Interactive API Browser** — All your API endpoints organized by tags, with search and filtering - **Request Builder** — Build and fire requests with path params, query params, headers, and JSON body - **Response Preview** — Syntax-highlighted JSON responses with status codes and timing - **Tabbed Editing** — Open multiple endpoints in tabs with independent state per tab - **Request History** — Local history of all requests sent, persisted in localStorage - **Save Requests** — Persist requests with their responses for team reference - **Comments** — Annotate saved requests by role (backend, frontend, QA) - **API Flows** — Create multi-step request sequences with variable extraction between steps - **Modules** — Organize saved requests and flows into hierarchical folders (up to 3 levels deep) - **Database Schema Viewer** — Browse all your tables, columns, indexes, and foreign keys - **Environment Profiles** — Save and switch between base URL / auth token configurations - **Export to Markdown** — Download your API docs + DB schema as a ZIP - **Export OpenAPI** — Export your spec with saved cases, examples, or clean - **Telescope Integration** — View recent request history if Telescope is installed - **Dark/Light Mode** — Toggle theme preference with full CSS variable theming - **Keyboard Shortcuts** — Ctrl+Enter to send, Ctrl+S to save, Ctrl+L to clear - **Import cURL** — Paste a cURL command to populate the request builder - **Zero Dependencies** — Single Blade file using Alpine.js + Tailwind from CDN --- Requirements ------------ [](#requirements) - **Laravel 10+** (tested on 11 and 12) - **PHP 8.2+** - **[Scramble](https://github.com/dedoc/scramble)** (recommended) — for auto-generating the OpenAPI spec from your routes --- Installation ------------ [](#installation) ### Step 1: Install the package [](#step-1-install-the-package) ``` composer require apiura/apiura --dev ``` The package uses Laravel's auto-discovery, so the service provider is registered automatically. ### Step 2: Publish the config (optional) [](#step-2-publish-the-config-optional) ``` php artisan vendor:publish --tag=apiura-config ``` ### Step 3: Run migrations [](#step-3-run-migrations) ``` php artisan migrate ``` ### Step 4: Generate your API spec [](#step-4-generate-your-api-spec) ``` # Install Scramble if you haven't already composer require dedoc/scramble # Generate the OpenAPI spec file php artisan scramble:export ``` This creates `api.json` in your project root. APIura reads this file to display your endpoints. If Scramble is installed, APIura will generate the spec live — the static file is only used as a fallback. ### Step 5: Visit the explorer [](#step-5-visit-the-explorer) ``` http://your-app.test/apiura ``` Done. --- Configuration ------------- [](#configuration) All values can be set via `.env`. Publish the config file first with `php artisan vendor:publish --tag=apiura-config`. ### Environment Variables [](#environment-variables) ``` # ── APIura Configuration ────────────────────────────────────── # Require login to access APIura (recommended for shared staging servers) APIURA_REQUIRE_AUTH=false # Path to the static OpenAPI JSON spec file (fallback when Scramble is not installed) APIURA_SPEC_PATH=api.json # Comma-separated list of APP_ENV values where APIura is accessible # Production is ALWAYS blocked regardless of this setting APIURA_ENVIRONMENTS=local,staging,testing # Maximum requests per minute to APIura endpoints APIURA_RATE_LIMIT=60 # Default items per page for saved requests and flows lists APIURA_PER_PAGE=50 # Fully qualified class name of your User model APIURA_USER_MODEL=App\Models\User # Comma-separated table names to hide from the Database Schema viewer APIURA_SCHEMA_EXCLUDE=migrations,password_reset_tokens,password_resets,failed_jobs,job_batches,jobs,cache,cache_locks,sessions,personal_access_tokens,telescope_*,saved_api_requests,saved_api_request_comments,saved_api_flows,apiura_modules ``` ### Config Options [](#config-options) KeyEnv VariableDefaultDescription`require_auth``APIURA_REQUIRE_AUTH``false`When `true`, adds Laravel's `auth` middleware. Users must be logged in.`user_model``APIURA_USER_MODEL``App\Models\User`Your User model class for saved request/comment ownership.`spec_path``APIURA_SPEC_PATH``base_path('api.json')`Path to the OpenAPI JSON spec file.`allowed_environments``APIURA_ENVIRONMENTS``local,staging,testing`Environments where the explorer is accessible. **Production is always blocked.**`rate_limit``APIURA_RATE_LIMIT``60`Max requests per minute to APIura endpoints.`per_page``APIURA_PER_PAGE``50`Items per page when listing saved requests and flows.`schema_exclude_tables``APIURA_SCHEMA_EXCLUDE`*(see above)*Tables to hide from the DB Schema viewer. Supports wildcards.--- Publishing Assets ----------------- [](#publishing-assets) ``` # Publish config only php artisan vendor:publish --tag=apiura-config # Publish views (to customize the UI) php artisan vendor:publish --tag=apiura-views # Publish migrations (to modify them) php artisan vendor:publish --tag=apiura-migrations ``` --- Package Structure ----------------- [](#package-structure) ``` apiura/ ├── composer.json ├── LICENSE ├── README.md ├── config/ │ └── apiura.php ├── database/migrations/ │ └── 2024_01_01_000000_create_apiura_tables.php ├── resources/views/ │ └── apiura.blade.php # The entire SPA ├── routes/ │ └── apiura.php └── src/ ├── ApiuraServiceProvider.php ├── Console/Commands/ │ └── GenerateApiDocs.php # docs:generate artisan command ├── Http/ │ ├── Controllers/ │ │ ├── ApiuraController.php │ │ ├── ApiuraModuleController.php │ │ ├── SavedApiFlowController.php │ │ ├── SavedApiRequestCommentController.php │ │ └── SavedApiRequestController.php │ ├── Middleware/ │ │ └── EnsureApiuraAccess.php │ ├── Requests/ │ │ ├── StoreApiuraModuleRequest.php │ │ ├── StoreSavedApiFlowRequest.php │ │ ├── StoreSavedApiRequestCommentRequest.php │ │ ├── StoreSavedApiRequestRequest.php │ │ ├── UpdateApiuraModuleRequest.php │ │ ├── UpdateSavedApiFlowRequest.php │ │ └── UpdateSavedApiRequestRequest.php │ └── Resources/ │ ├── ApiuraModuleResource.php │ ├── SavedApiFlowResource.php │ ├── SavedApiRequestCommentResource.php │ └── SavedApiRequestResource.php ├── Models/ │ ├── ApiuraModule.php │ ├── SavedApiFlow.php │ ├── SavedApiRequest.php │ └── SavedApiRequestComment.php └── Services/ ├── ModuleDuplicateDetectionService.php └── OpenApiExportService.php ``` --- Database Tables --------------- [](#database-tables) The migration creates 4 tables: ### `apiura_modules` [](#apiura_modules) Hierarchical folders for organizing saved requests and flows. ColumnTypeNullableDescription`id`bigintNoPrimary key`parent_id`bigintYesFK to self (cascade delete)`name`stringNoModule name`description`textYesDescription`sort_order`intNoFor drag-drop ordering### `saved_api_requests` [](#saved_api_requests) Saved API requests with their responses. ColumnTypeNullableDescription`id`bigintNoPrimary key`user_id`bigintYesFK to users (optional)`module_id`bigintYesFK to apiura\_modules`name`stringYesDisplay name`priority`stringYes`low`, `medium`, `high`, `critical``team`stringYesTeam label`method`stringNoHTTP method`path`stringNoAPI path`path_params`jsonYesPath parameters`query_params`jsonYesQuery parameters`headers`jsonYesRequest headers`body`jsonYesRequest body`response_status`intYesHTTP status code`response_headers`jsonYesResponse headers`response_body`longtextYesFull response### `saved_api_request_comments` [](#saved_api_request_comments) Comments attached to saved requests, tagged by team role. ColumnTypeNullableDescription`id`bigintNoPrimary key`saved_api_request_id`bigintNoFK (cascade delete)`user_id`bigintYesFK to users (optional)`author_name`stringYesName if no user`author_type`enumNo`backend`, `frontend`, `qa`, `other``content`textNoComment text`status`stringNo`info`, `resolved`, `wontfix`, `warning`, `critical`### `saved_api_flows` [](#saved_api_flows) Multi-step API test sequences. ColumnTypeNullableDescription`id`bigintNoPrimary key`module_id`bigintYesFK to apiura\_modules`name`stringNoFlow name`description`textYesDescription`steps`jsonNoArray of step configs`default_headers`jsonYesHeaders for all steps`continue_on_error`booleanNoContinue after failure--- Routes Reference ---------------- [](#routes-reference) All routes are prefixed with `/apiura` and protected by the `EnsureApiuraAccess` middleware. MethodPathControllerDescriptionGET`/apiura``ApiuraController@index`Main explorer pageGET`/apiura/db-schema``ApiuraController@dbSchema`Database schema JSONGET`/apiura/export-md``ApiuraController@exportMarkdown`Download docs as ZIPGET`/apiura/export-openapi/{mode}``ApiuraController@exportOpenApi`Export OpenAPI JSONGET`/apiura/telescope``ApiuraController@telescopeEntries`Request historyGET`/apiura/telescope/{uuid}``ApiuraController@telescopeEntry`Single request detailsGET`/apiura/saved-requests``SavedApiRequestController@index`List saved requestsPOST`/apiura/saved-requests``SavedApiRequestController@store`Save a requestGET`/apiura/saved-requests/{id}``SavedApiRequestController@show`Get saved requestPUT`/apiura/saved-requests/{id}``SavedApiRequestController@update`Update saved requestDELETE`/apiura/saved-requests/{id}``SavedApiRequestController@destroy`Delete saved requestGET`/apiura/saved-requests/{id}/comments``...CommentController@index`List commentsPOST`/apiura/saved-requests/{id}/comments``...CommentController@store`Add commentPUT`/apiura/saved-requests/{id}/comments/{cid}``...CommentController@update`Update commentDELETE`/apiura/saved-requests/{id}/comments/{cid}``...CommentController@destroy`Delete commentGET`/apiura/modules``ApiuraModuleController@index`List modulesPOST`/apiura/modules``ApiuraModuleController@store`Create modulePOST`/apiura/modules/reorder``ApiuraModuleController@reorder`Reorder modulesPOST`/apiura/modules/move-items``ApiuraModuleController@moveItems`Move itemsPOST`/apiura/modules/import-preview``ApiuraModuleController@importPreview`Preview importPOST`/apiura/modules/import-execute``ApiuraModuleController@importExecute`Execute importGET`/apiura/modules/{id}``ApiuraModuleController@show`Get modulePUT`/apiura/modules/{id}``ApiuraModuleController@update`Update moduleDELETE`/apiura/modules/{id}``ApiuraModuleController@destroy`Delete moduleGET`/apiura/flows``SavedApiFlowController@index`List flowsPOST`/apiura/flows``SavedApiFlowController@store`Create flowPOST`/apiura/flows/bulk``SavedApiFlowController@bulkStore`Bulk create flowsPOST`/apiura/flows/bulk-delete``SavedApiFlowController@bulkDestroy`Bulk delete flowsGET`/apiura/flows/{id}``SavedApiFlowController@show`Get flowPUT`/apiura/flows/{id}``SavedApiFlowController@update`Update flowDELETE`/apiura/flows/{id}``SavedApiFlowController@destroy`Delete flow--- Security -------- [](#security) ### Production is Always Blocked [](#production-is-always-blocked) The `EnsureApiuraAccess` middleware **always returns 404 in production**, regardless of any config setting. There is no override flag. ### Environment Allow-list [](#environment-allow-list) After the production check, the middleware checks if `APP_ENV` is in the `allowed_environments` config (default: `local`, `staging`, `testing`). ### Optional Authentication [](#optional-authentication) Set `APIURA_REQUIRE_AUTH=true` to require login via Laravel's `auth` middleware. ### Rate Limiting [](#rate-limiting) All routes are throttled using the `apiura` rate limiter (default: 60 req/min). The package registers this rate limiter automatically. ### CSRF [](#csrf) Since these are web routes, Laravel's CSRF protection applies automatically. The JavaScript handles CSRF tokens by reading the `XSRF-TOKEN` cookie. --- Optional Integrations --------------------- [](#optional-integrations) ### Telescope [](#telescope) If [Laravel Telescope](https://laravel.com/docs/telescope) is installed, the explorer automatically shows a "Telescope" option with recent API requests. No configuration needed. ### Scramble [](#scramble) [Scramble](https://github.com/dedoc/scramble) is the recommended tool for auto-generating the OpenAPI spec. If installed, APIura generates the spec live. Otherwise, set `APIURA_SPEC_PATH` to your static spec file. --- Customization ------------- [](#customization) ### Change the URL prefix [](#change-the-url-prefix) Publish the routes and modify the prefix: ``` php artisan vendor:publish --tag=apiura-views ``` Or override the routes in your own `routes/web.php`. ### Custom User model [](#custom-user-model) If your User model is not `App\Models\User`, set it in your `.env`: ``` APIURA_USER_MODEL=App\Models\Admin ``` ### Publish views for UI customization [](#publish-views-for-ui-customization) ``` php artisan vendor:publish --tag=apiura-views ``` Views will be copied to `resources/views/vendor/apiura/`. --- Troubleshooting --------------- [](#troubleshooting) ### "404 Not Found" when visiting `/apiura` [](#404-not-found-when-visiting-apiura) 1. Check your `APP_ENV` — must be `local`, `staging`, or `testing` (not `production`) 2. Run `php artisan route:list --name=apiura` to verify routes are registered 3. Make sure the package is installed: `composer show apiura/apiura` ### Empty endpoint list [](#empty-endpoint-list) 1. Install Scramble: `composer require dedoc/scramble` 2. Generate the spec: `php artisan scramble:export` 3. Verify `api.json` exists in your project root ### CSRF token errors on POST/PUT/DELETE [](#csrf-token-errors-on-postputdelete) The explorer expects Laravel's default `XSRF-TOKEN` cookie. Ensure the `ValidateCsrfToken` middleware is active (default in Laravel). --- Development (local path) ------------------------ [](#development-local-path) To develop the package alongside your Laravel app, use Composer's path repository: ``` // In your Laravel app's composer.json: "repositories": [ { "type": "path", "url": "../apiura-kit" } ] ``` Then: `composer require apiura/apiura --dev` This creates a symlink — changes in the package directory are instantly reflected. --- License ------- [](#license) MIT — see [LICENSE](LICENSE) for details. ### Health Score 36 — LowBetter than 82% of packages Maintenance83 Actively maintained with recent releases Popularity2 Limited adoption so far Community6 Small or concentrated contributor base Maturity46 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 91d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/ad39c36d8a59aa93092763b7a4dcbc4005b32b1e53ab3058bc548cc8585dad07?d=identicon)[AhmadMHairon](/maintainers/AhmadMHairon) --- Top Contributors [![AhmadMHairon](https://avatars.githubusercontent.com/u/81325058?v=4)](https://github.com/AhmadMHairon "AhmadMHairon (3 commits)") --- Tags testingapilaraveldocumentationswaggeropenapi ### Embed Badge ![Health badge](/badges/apiura-apiura/health.svg) ``` [![Health](https://phpackages.com/badges/apiura-apiura/health.svg)](https://phpackages.com/packages/apiura-apiura) ``` ### Alternatives [darkaonline/l5-swagger OpenApi or Swagger integration to Laravel 2.9k34.0M112](/packages/darkaonline-l5-swagger)[davidhsianturi/laravel-compass An elegant REST assistent for the Laravel framework. 1.3k84.5k](/packages/davidhsianturi-laravel-compass)[osteel/openapi-httpfoundation-testing Validate HttpFoundation requests and responses against OpenAPI (3+) definitions 1201.9M6](/packages/osteel-openapi-httpfoundation-testing)[api-platform/laravel API Platform support for Laravel 59126.4k6](/packages/api-platform-laravel) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)