Fixing Malformed JSON Errors In Apex: A Comprehensive Guide

Aug 8, 2025 by Sebastian Müller 60 views

Troubleshooting JSON Deserialization Errors in Apex HTTP Responses

Hey guys! Ever been there, staring at your Apex code, trying to parse that HTTP JSON response, and bam! You hit the dreaded System.JSONException: Malformed JSON: Expected '[' at the beginning of List/Set error? Yeah, it's a classic head-scratcher. But don't worry, we've all been there, and today, we're going to break down exactly why this happens and how to fix it. This guide is all about making sure you can seamlessly deserialize JSON responses in your Salesforce Apex code, especially when dealing with REST APIs and callouts. We’ll dive deep into the common causes, provide practical examples, and offer step-by-step solutions to get your code running smoothly. So, grab your coffee, and let's get started!

So, what does this error even mean? Let's break it down. The System.JSONException: Malformed JSON: Expected '[' at the beginning of List/Set error is Salesforce's way of telling you that it expected to find an opening square bracket ([) at the start of a JSON array but didn't. This usually happens when you're trying to deserialize a JSON response into a List or Set in Apex, but the JSON structure doesn't match what Apex expects. In other words, your Apex code thinks it's getting a list of items, but the JSON is formatted differently. Maybe it's a single object, or the array is nested deeper than you anticipated.

JSON Basics: Before we dive into the specifics, let's quickly recap JSON (JavaScript Object Notation). JSON is a lightweight format for data interchange, easy for humans to read and write, and easy for machines to parse and generate. It's based on two structures:

Objects: A collection of key-value pairs, enclosed in curly braces {}.
Arrays: An ordered list of values, enclosed in square brackets [].

When you're deserializing JSON in Apex, you're essentially converting this text-based format into Apex data structures (like Lists, Sets, and custom classes). If the JSON structure doesn't align with your Apex class structure, you’ll run into issues.

Common Causes: Here are the usual suspects behind this error:

Incorrect JSON Structure: The most common cause is that the JSON you're receiving isn't in the format you expect. For example, you might expect a list of objects, but you're getting a single object or a more complex structure.
Mismatched Apex Class Definition: Your Apex class might not accurately reflect the structure of the JSON. Fields might be named differently, or the data types might not match.
Nested Arrays or Objects: Sometimes, the JSON has arrays nested within objects or vice versa, and your Apex code isn't handling this nesting correctly.
Empty JSON Response: In some cases, you might be getting an empty JSON response or a response that isn't valid JSON at all.

Understanding these causes is the first step in troubleshooting. Now, let's look at some practical examples and how to tackle them.

Okay, let's get our hands dirty with some code! We'll look at a real-world scenario and see how to fix the dreaded JSON deserialization error. Imagine you're calling an external API that's supposed to return a list of products. Here's how you might approach it and the potential pitfalls.

Scenario: Calling an API for a List of Products

Let’s say you're making a callout to an external service that should return a list of products in JSON format. Your initial Apex code might look something like this:

public class ProductService {
 public static List<Product> getProducts() {
 HttpResponse res = makeCallout(); // Assume this method makes the actual callout
 String jsonBody = res.getBody();
 return (List<Product>) JSON.deserialize(jsonBody, List<Product>.class);
 }

 public class Product {
 public String name { get; set; }
 public Decimal price { get; set; }
 }
}

In this example, we're expecting a JSON array of products, each with a name and price. But what if the API returns something different?

Example 1: Incorrect JSON Structure

Suppose the API returns a single product object instead of a list:

{
 "name": "Awesome Gadget",
 "price": 99.99
}

If you try to deserialize this using the code above, you'll get the Malformed JSON: Expected '[' error because Apex is expecting a list (an array starting with [), but it's getting an object (starting with {).

Solution: To fix this, you need to adjust your Apex code to match the JSON structure. If you're getting a single object, you should deserialize it into a single Product instance, not a list:

public class ProductService {
 public static Product getProduct() { // Changed return type to Product
 HttpResponse res = makeCallout();
 String jsonBody = res.getBody();
 return (Product) JSON.deserialize(jsonBody, Product.class); // Deserialize into Product class
 }

 public class Product {
 public String name { get; set; }
 public Decimal price { get; set; }
 }
}

Example 2: Nested JSON Structure

Now, let's say the API returns a JSON object that contains an array of products:

{
 "products": [
 {
 "name": "Awesome Gadget",
 "price": 99.99
 },
 {
 "name": "Cool Thing",
 "price": 49.99
 }
 ]
}

In this case, the array of products is nested inside a JSON object with the key "products". If you try to deserialize this directly into List<Product>, you'll get the error again because the JSON structure doesn't match your expectation.

Solution: You need to create an Apex class that represents the outer JSON object and then access the list of products. Here's how you can do it:

public class ProductService {
 public static List<Product> getProducts() {
 HttpResponse res = makeCallout();
 String jsonBody = res.getBody();
 ProductResponse response = (ProductResponse) JSON.deserialize(jsonBody, ProductResponse.class);
 return response.products; // Access the list of products from the response
 }

 public class ProductResponse {
 public List<Product> products { get; set; }
 }

 public class Product {
 public String name { get; set; }
 public Decimal price { get; set; }
 }
}

Here, we've created a ProductResponse class to match the outer JSON object. It has a products property, which is a list of Product objects. This allows us to correctly deserialize the JSON and access the list of products.

Example 3: Empty JSON Response

Sometimes, APIs might return an empty JSON array or an empty string if there are no results. For example:

[]

Or:

""

If you try to deserialize an empty string into a list, you might get an error. Similarly, if the API returns null, your code might throw a NullPointerException.

Solution: It's a good practice to check for empty responses before deserializing. Here’s how you can do it:

public class ProductService {
 public static List<Product> getProducts() {
 HttpResponse res = makeCallout();
 String jsonBody = res.getBody();
 if (String.isBlank(jsonBody)) {
 return new List<Product>(); // Return an empty list
 }
 return (List<Product>) JSON.deserialize(jsonBody, List<Product>.class);
 }

 // ... rest of the class
}

By checking if the JSON body is blank, we can return an empty list, avoiding the deserialization error.

Alright, we've covered the basics and some common scenarios. Now, let's level up our JSON deserialization game with some advanced techniques and best practices. These tips will help you write more robust and maintainable code.

1. Using JSON2Apex for Class Generation

One of the best tools in your arsenal is JSON2Apex. This handy utility generates Apex classes from JSON samples, saving you a ton of time and reducing the risk of errors. Instead of manually creating Apex classes to match your JSON structure, you can simply paste your JSON sample into JSON2Apex, and it will generate the classes for you.

How to Use It: There are several online JSON2Apex tools available. Simply search for "JSON2Apex" in your favorite search engine. Paste your JSON sample into the tool, and it will generate the corresponding Apex classes. You can then copy and paste these classes into your Salesforce org.
Benefits: This approach ensures that your Apex classes perfectly match the JSON structure, reducing the likelihood of deserialization errors. It also saves you time and effort, especially when dealing with complex JSON structures.

2. Handling Different Data Types

JSON supports several data types, including strings, numbers, booleans, and null values. When deserializing, it's crucial to ensure that your Apex class properties match these data types. For example, if a JSON field contains a number, your Apex property should be of type Integer, Decimal, or Double.

Type Mismatches: A common issue is trying to deserialize a string into a number field or vice versa. Salesforce will throw an error if the data types don't match.
Handling Null Values: JSON null values can also cause issues if your Apex properties aren't nullable. To handle null values, you can use the (String) cast or the JSON.deserializeStrict method with appropriate handling.

3. Using JSON.deserializeStrict

By default, JSON.deserialize is lenient and ignores extra fields in the JSON that don't exist in your Apex class. However, this can sometimes hide issues. If you want to ensure that the JSON exactly matches your Apex class structure, you can use JSON.deserializeStrict.

Benefits: JSON.deserializeStrict throws an error if there are any extra fields in the JSON that don't exist in your Apex class. This can help you catch errors early and ensure that your code is robust.
Usage: Simply replace JSON.deserialize with JSON.deserializeStrict in your code.

4. Testing and Error Handling

No code is perfect, and errors can happen. It's essential to have robust error handling in place to catch and handle JSON deserialization issues gracefully. Additionally, writing unit tests that cover different scenarios, including error cases, is crucial.

Try-Catch Blocks: Use try-catch blocks to catch System.JSONException and handle it appropriately. You can log the error, display a user-friendly message, or take other corrective actions.
Unit Tests: Write unit tests that cover different scenarios, including cases where the JSON is malformed, contains unexpected data, or is empty. This will help you ensure that your code is resilient to errors.

5. Logging and Debugging

When things go wrong, logging and debugging are your best friends. Use System.debug statements to log the JSON response and other relevant information. This will help you understand what's happening and identify the root cause of the issue.

Log Levels: Use appropriate log levels (e.g., DEBUG, INFO, ERROR) to control the amount of logging information. Avoid logging sensitive information in production.
Debug Logs: Analyze the debug logs to see the exact JSON response and any errors that occurred during deserialization. This will help you pinpoint the issue and develop a solution.

By incorporating these advanced techniques and best practices, you'll be well-equipped to handle JSON deserialization in Apex like a pro!

Even with a solid understanding of JSON deserialization, there are still some common pitfalls that can trip you up. Let's look at these and how to avoid them. Think of this as your troubleshooting checklist.

1. Case Sensitivity

JSON field names are case-sensitive. This means that the field names in your JSON must exactly match the property names in your Apex class. If there's a case mismatch, the deserialization will fail, or the field will be null.

Pitfall: Forgetting that `