Invoke a flow with an API endpoint

An API Endpoint flow is a type of flow that can be triggered by changes at an external source.

Unlike flows that start with events associated with a connected application, these flows can be triggered at any time. The only requirement is that the external client calls the designated endpoint with the valid security credentials.

When the external client calls the endpoint, the flow is executed and the client receives any output from that flow execution.

There are two ways of exposing your API endpoint:

  • Exposed as a Webhook: An API endpoint flow that is exposed as a webhook is only accessible if the client making the HTTP request passes the proper client token to the invoke URL. The invoke URL is constructed using the flow alias. For more information about client tokens and flow aliases, see Flow client token and Flow aliases.
  • Exposed as a Public Service: An API endpoint flow that is exposed as a public service is available to anyone with the invoke URL. The invoke URL is constructed using the flow alias.

You can change how you expose an API endpoint using the API endpoint settings dialog. To access this dialog, click the Endpoint settings icon </> on the bottom of an API Endpoint event card.

Exposed as a Webhook

To invoke a flow as an exposed webhook, perform the following tasks:

  1. In the API endpoint settings dialog, copy the URL in the Invoke URL field.

  2. Perform a GET or POST request to that URL. Use the POST method if you need to send data in the body of the request.

  3. Authenticate your request with one of the following methods:

    • Pass the provided token using the clientToken query parameter. This is the default behavior.

    • Pass the provided token as the value for the x-api-client-token header. This is the most secure option. However, don't use this with the clientToken query parameter.

Exposed as a Public Service

To invoke a flow as a public service, perform the following tasks:

  1. In the API endpoint settings dialog, copy the URL in the Invoke URL field.

  2. Perform a GET or POST request to that URL. Use the POST method if you need to send data in the body of the request.

You don't need to pass along any authentication options in the request to invoke a flow at this security level.

After you invoke the flow, you receive the output of your flow as a response object.

Related topics

Invoke an API endpoint flow