Introduction to Hoppscotch

Hoppscotch (formerly Postwoman) is an innovative open-source API development ecosystem that runs entirely in the browser. Unlike traditional desktop API clients, Hoppscotch is a Progressive Web App (PWA) that combines the accessibility of web applications with the power of native tools. It’s designed for speed, simplicity, and real-time collaboration.

Born in 2019 as a lightweight alternative to Postman, Hoppscotch has evolved into a comprehensive platform supporting REST, GraphQL, WebSocket, and more—all while maintaining its commitment to being fast, beautiful, and open-source. If you’re exploring modern API testing tools, Hoppscotch stands out as the browser-first option.

Key Features and Capabilities

Browser-Native Architecture

Progressive Web App (PWA)

  • Install as desktop app from browser
  • Works offline after installation
  • Native-like performance
  • Auto-updates seamlessly

No Installation Required

Access: https://hoppscotch.io
Install PWA: Click install icon in address bar
Use offline: Full functionality without internet

Cross-Platform Accessibility

  • Works on any device with a modern browser
  • Consistent experience across desktop, tablet, mobile
  • Share URLs to API requests instantly

Protocol Support

REST API Testing

GET https://api.example.com/users
Authorization: Bearer {{token}}
Content-Type: application/json

GraphQL

query GetUser($id: ID!) {
  user(id: $id) {
    id
    name
    email
    posts {
      title
      publishedAt
    }
  }
}

For GraphQL and gRPC API testing, Hoppscotch provides specialized interfaces that simplify working with these modern protocols.

WebSocket Testing

// Connect to WebSocket
ws://localhost:8080/socket

// Send message
{"type": "subscribe", "channel": "updates"}

// Receive real-time data
{"event": "message", "data": {...}}

Server-Sent Events (SSE)

GET https://api.example.com/events
Accept: text/event-stream

Socket.IO Support

  • Connect to Socket.IO servers
  • Test real-time events
  • Monitor bidirectional communication

Real-Time Collaboration

Shared Workspaces

1. Create workspace
2. Generate invite link
3. Share with team
4. Real-time updates for all members
5. See cursor positions and edits live

Team Features

  • Collaborative collections
  • Shared environments
  • Role-based permissions
  • Activity history
  • Comments and annotations

Environment Management

Multiple Environments

{
  "local": {
    "baseUrl": "http://localhost:3000",
    "apiKey": "dev-key-123"
  },
  "staging": {
    "baseUrl": "https://staging-api.example.com",
    "apiKey": "staging-key-456"
  },
  "production": {
    "baseUrl": "https://api.example.com",
    "apiKey": "{{SECRET_KEY}}"
  }
}

Environment Variables

Global variables: Available across all requests
Environment-specific: Override per environment
Secret variables: Encrypted and protected
Dynamic values: Generated at runtime ({{$timestamp}}, {{$randomInt}})

Advanced Capabilities

Request Interceptor

Hoppscotch Browser Extension enables intercepting requests:

Install Extension:
- Chrome/Edge: Chrome Web Store
- Firefox: Firefox Add-ons

Enable Interceptor:
1. Install extension
2. Enable in Hoppscotch settings
3. Bypass CORS restrictions
4. Access localhost from browser

Code Generation

Generate client code in multiple languages:

// JavaScript (fetch)
fetch('https://api.example.com/users', {
  method: 'GET',
  headers: {
    'Authorization': 'Bearer token123',
    'Content-Type': 'application/json'
  }
})
.then(response => response.json())
.then(data => console.log(data));

// Python (requests)
import requests

url = 'https://api.example.com/users'
headers = {
    'Authorization': 'Bearer token123',
    'Content-Type': 'application/json'
}
response = requests.get(url, headers=headers)
print(response.json())

// cURL
curl -X GET 'https://api.example.com/users' \
  -H 'Authorization: Bearer token123' \
  -H 'Content-Type: application/json'

Supported languages:

  • JavaScript (Fetch, Axios)
  • Python (requests)
  • cURL
  • Go (net/http)
  • PHP (cURL)
  • Java (OkHttp)
  • C# (HttpClient)
  • Ruby (Net::HTTP)

Collections and Organization

Collection Structure

My API Project/
├── Authentication/
│   ├── Login
│   ├── Refresh Token
│   └── Logout
├── Users/
│   ├── Get All Users
│   ├── Get User by ID
│   ├── Create User
│   ├── Update User
│   └── Delete User
└── Admin/
    └── System Health

Import/Export

  • Import from Postman collections
  • Export collections as JSON
  • Share via URL
  • OpenAPI/Swagger import

Testing and Validation

Response Tests

// Status code validation
pm.expect(pw.response.status).to.equal(200);

// Response time check
pm.expect(pw.response.responseTime).to.be.below(500);

// JSON validation
const jsonData = pw.response.body;
pm.expect(jsonData).to.have.property('id');
pm.expect(jsonData.email).to.match(/.+@.+\..+/);

// Header validation
pm.expect(pw.response.headers['content-type']).to.include('application/json');

Pre-Request Scripts

// Set timestamp
pw.env.set("timestamp", Date.now());

// Generate random data
pw.env.set("randomEmail", `user${Math.random()}@example.com`);

// Compute signature
const crypto = require('crypto-js');
const signature = crypto.HmacSHA256(
  pw.request.body,
  pw.env.get('secret_key')
).toString();
pw.env.set("signature", signature);

Self-Hosting

Hoppscotch can be self-hosted for complete control:

Docker Deployment

# Pull Docker image
docker pull hoppscotch/hoppscotch

# Run container
docker run -p 3000:3000 \
  -e DATABASE_URL=postgresql://user:pass@localhost/hoppscotch \
  -e JWT_SECRET=your-secret-key \
  hoppscotch/hoppscotch

# Access at http://localhost:3000

Self-Hosted Benefits

Complete Data Control

  • All data stays on your infrastructure
  • No third-party dependencies
  • Compliance with data regulations
  • Custom security policies

Enterprise Features

  • SSO integration (SAML, OAuth)
  • LDAP/Active Directory
  • Custom branding
  • Advanced auditing

Performance

  • Low latency (local deployment)
  • No rate limits
  • Scalable infrastructure
  • Dedicated resources

Integration and Workflows

CI/CD Integration

Hoppscotch CLI (hopp-cli):

# Install CLI
npm install -g @hoppscotch/cli

# Run collection
hopp test collection.json --env production.json

# Generate reports
hopp test collection.json --reporter json --output results.json

# CI pipeline integration
hopp test collection.json --env ci.json --reporter junit --output report.xml

GitHub Actions Example

name: API Tests
on: [push, pull_request]

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: '18'

      - name: Install Hoppscotch CLI
        run: npm install -g @hoppscotch/cli

      - name: Run API Tests
        run: hopp test api-tests.json --env ci.json
        env:
          API_KEY: ${{ secrets.API_KEY }}

      - name: Upload Results
        if: always()
        uses: actions/upload-artifact@v3
        with:
          name: test-results
          path: test-results.json

Browser Extension Integration

Features

  • Bypass CORS restrictions
  • Access localhost APIs from browser
  • Capture network requests
  • Sync with browser DevTools

Installation

1. Visit Chrome Web Store / Firefox Add-ons
2. Search "Hoppscotch Browser Extension"
3. Install extension
4. Enable in Hoppscotch settings
5. Grant necessary permissions

Real-World Use Cases

Scenario 1: Frontend Development

Challenge: Test backend APIs while developing frontend Solution: Use Hoppscotch PWA for quick API exploration

Workflow:
1. Open Hoppscotch in browser tab
2. Test API endpoints as you develop
3. Generate code snippets for frontend
4. Switch between browser and editor seamlessly
5. No context switching to desktop app

Scenario 2: Team Collaboration

Challenge: Multiple developers need to test same APIs Solution: Shared workspace with real-time updates

Setup:
1. Create team workspace
2. Define shared environments
3. Build collection collaboratively
4. See changes in real-time
5. Comment on requests

Scenario 3: Client Demonstrations

Challenge: Show API capabilities to non-technical stakeholders Solution: Use Hoppscotch’s clean UI and share URLs

Process:
1. Create collection with example requests
2. Add descriptions and documentation
3. Share collection URL with client
4. Client can test APIs in their browser
5. No installation required

Scenario 4: Mobile API Testing

Challenge: Test APIs on mobile devices Solution: Access Hoppscotch via mobile browser

Benefits:
- Responsive design for touch interfaces
- Full functionality on tablets
- Test location-based APIs on actual devices
- Share results instantly

Comparison with Alternatives

FeatureHoppscotchPostmanInsomniaBruno
InstallationBrowser/PWADesktop appDesktop appDesktop app
Offline Mode✓ (after install)
PriceFree (open-source)FreemiumFreemiumFree
Self-Hosting✓✓✓N/A
Real-Time Collab✓✓✓✓ (paid)Git-based
GraphQL✓✓✓✓✓✓✓✓✓✓
WebSocket✓✓✓
Mobile Support✓✓✓LimitedLimitedLimited
Code Generation✓✓✓✓✓LimitedLimited
Learning CurveVery LowMediumLowLow

While Insomnia offers a polished desktop experience, Hoppscotch’s browser-based approach eliminates installation friction entirely.

Best Practices

Organizing Collections

Project Structure:
├── 00-Setup/
│   └── Health Check
├── 01-Authentication/
│   ├── Login
│   └── Register
├── 02-Core Features/
│   └── [Feature-specific requests]
└── 99-Cleanup/
    └── Reset Test Data

Environment Strategy

Development

{
  "baseUrl": "http://localhost:3000",
  "debug": true,
  "timeout": 10000
}

Production

{
  "baseUrl": "https://api.example.com",
  "timeout": 5000,
  "apiKey": "{{SECRET_API_KEY}}"
}

Security Considerations

Protect Sensitive Data

✓ Use secret variables for API keys
✓ Never commit secrets to collections
✓ Enable browser extension only when needed
✓ Use self-hosted instance for confidential APIs
✗ Don't share production credentials
✗ Avoid public workspaces for private APIs

Following API testing best practices is crucial when working with production environments and sensitive data.

Roadmap and Future

Hoppscotch is actively developed with exciting features:

Upcoming Features

  • Advanced mock servers
  • Performance testing capabilities
  • Enhanced GraphQL tooling
  • API documentation generation
  • Webhooks and automation
  • Plugin ecosystem

Community Contributions

  • Open-source on GitHub
  • Active Discord community
  • Regular feature releases
  • Transparent roadmap

Conclusion

Hoppscotch represents the future of API testing: accessible, collaborative, and open-source. Its browser-based architecture eliminates installation friction while providing powerful features comparable to desktop applications. The Progressive Web App approach makes it uniquely suited for:

  • Teams seeking real-time collaboration without paid tiers
  • Developers who want quick access without desktop app overhead
  • Organizations requiring self-hosted solutions for compliance
  • Mobile users needing API testing on tablets and phones
  • Open-source advocates valuing transparency and community

Whether you’re a solo developer testing APIs on the go, a team collaborating on API development, or an enterprise needing self-hosted control, Hoppscotch offers a modern, flexible alternative to traditional API testing tools. Its commitment to being fast, beautiful, and free makes it an invaluable addition to any developer’s toolkit.

Try it at https://hoppscotch.io — no signup required, just open and start testing.