How to type third-party API responses in TypeScript (without lying to your compiler)

You add TypeScript to a project, turn on strict, fix every red squiggle, and feel safe. Then a third-party API quietly changes a field from a number to a string, your app explodes in production, and TypeScript never said a word.

That gap surprises people, so it's worth saying plainly: TypeScript checks your code, not the data your code receives at runtime. The moment a value crosses the network boundary, your types are a promise nobody is enforcing. This article walks through how to type API responses honestly — from the quick approaches that only look safe, to the ones that actually hold up when the data misbehaves.

The starting point: fetch gives you nothing

Here's the shape of the problem. The built-in fetch returns a response whose .json() resolves to any:

const response = await fetch("https://api.example.com/users/1");