Django’s URL routing system is straightforward and powerful. urlpatterns, include(), and namespaces make it easy to organize routes cleanly. But as a project grows with multiple apps, third-party packages, and layered APIs - it becomes harder to keep track of what’s actually registered.

If you’ve ever installed a popular library like django-allauth or dj-stripe, you’ve likely surfaced endpoints you didn’t explicitly write yourself. That may be fine. But Django doesn’t give you great visibility into everything your project is exposing out of the box.

This is why I’ve built dj-urls-panel - a way to visually search. inspect and test all of the URLs that are defined in your project. It plugs right into your Django admin, exposes a full featured interface and requires zero additional configuration.

The URL Sprawl Problem

In large Django projects, URLs becomes a sprawl across

  • App-level urls.py
  • Nested include() calls
  • Namespaces
  • Third-party libraries
  • Admin routes
  • API endpoints

At some point, answering simple questions becomes non-trivial. We should be able to answer one important question immediately:

what urls is my app exposing?

If you can’t answer this question confidently and quickly you have a visibility problem and potentially a security issue.

Why Not Just Use Swagger or Redoc?

Tools like Swagger UI and Redoc are excellent and I use them myself extensibly, but they exist to solve a specific problem. They are OpenAPI based tools intended to generate sharable API documentation and provide some client side exploration via interactive UIs. Typically you would point them at only part of your application (likely a REST API.)

dj-urls-panel is not an API documentation generator; It is a URL introspection tool.

It inspects all urlpatterns defined in your Django application - whether they’re API endpoints, template views, auth callbacks, webhook receivers, or third-party routes. Anything tied to a URL pattern is visible with this tool. It is purposefully built to be broader and more internal in scope.

What dj-urls-panel Does

dj-urls-panel offers:

  • URL Visualization: View all Django URL patterns in an organized, searchable interface
  • URL Testing Interface: Swagger-like interface for testing URLs with:
  • DRF Integration: Automatic detection and visualization of Django REST Framework serializers
  • Security Features:
    • Configurable SSRF protection with default blocklist for internal IPs
    • Optional host whitelisting for production environments
    • Ability to disable testing interface entirely

The goal is to give you immediate, internal clarity about what your system exposes.

Built-In URL Testing Interface

dj-urls-panel also includes a lightweight testing interface directly inside the admin. If you’re using Swagger UI purely for testing endpoints internally, this can simplify your stack. It’s not meant to replace OpenAPI tooling for public documentation. But for internal verification and exploration, it covers a common use case without introducing another dependency.

images/dj-urls-panel-test-request.png

Part of a Larger Effort

dj-urls-panel is one piece of a broader effort to allow the Django admin to act as a control plane. The growing list of panels includes

  • Redis.
  • Cache.
  • Celery.
  • and now URLs

The admin already has authentication and permissioning built in. It is a secure internal surface that most teams trust. Extending it to expose operational insight is a natural evolution.

Try It

Repository: https://github.com/yassi/dj-urls-panel

PyPI: https://pypi.org/project/dj-urls-panel/

Docs: https://yassi.github.io/dj-urls-panel/

If you build with Django and have thoughts, feedback, or feature ideas, I’d love to hear them.

As always, more Django admin tooling coming soon.