Invoke a flow with an API endpoint using a Client Token
The API endpoint flow is registered as a webhook and is secured through a unique client token. It's only accessible if the requesting service passes the proper client token through the invoke URL. The invoke URL is constructed using a flow alias.
After you invoke a flow, it sends the flow output as a response object.
Use the following procedure to invoke a flow through a registered webhook.
Create your flow
For existing API endpoint flows, you can skip these two flow creation steps. Instead, click the Endpoint settings icon 
shown on the bottom of the API Endpoint event card in your flow.
-
Create a flow in your Workflows Console and click Add event.
-
From the Pick an app to start your flow dialog, select API Endpoint.
Configure your API endpoint settings
-
In the API endpoint settings dialog, select Secure with client token as the security level.
-
When you select this option, it generates a Client token to identify the registered webhook. This unique client token is automatically added as the alias value in the Invoke URL and Resume URL fields.
-
Click copy to save the URL in the Invoke URL field.
-
Click Close to confirm the changed endpoint settings.
Test your API endpoint flow
To invoke the flow, perform a GET or POST request to the Invoke URL. Use the POST method if you need to send data in the body of the request.
If necessary, authenticate your request using one of the following methods.
-
Pass the provided Client token using the clientToken query parameter. This is the default behavior.
-
Pass the provided Client token as a value in the x-api-client-token header. This is the most secure option. However, don't use this together with the clientToken query parameter.
Related topics
Function: API Endpoint