The HTTP app provides various modules for communication based on Hypertext Transfer Protocol (HTTP) protocol. HTTP is the foundation of data communication for the World Wide Web. The modules enable you to download web pages and files, call webhooks and API endpoints, etc.
The right choice of the module depends on the authentication/authorization mechanism the resource you wish to access employs:
HTTP > Make a request module is a universal module that enables you to configure an HTTP request and submit it to a server. The received HTTP response is then contained in the output bundle. The example below shows how to setup the module to submit a POST request with JSON payload:
NOTE: To make sure your JSON is valid, you may use one of the available online services (e.g. https://jsonlint.com/) or employ JSON > Create JSON module to create the JSON dynamically and take care of all the necessary escaping (see our tutorial Use JSON Generator to create a JSON Data Structure and make an HTTP request for detailed explanation). Mixing JSON pieces with expressions and items directly in the Request content field is not recommended as it can result in invalid JSON.
In order to make an HTTP(S)request to servers that require a OAuth 2.0 authorization, you first need to create a OAuth connection.
Create a OAuth client in the target service with which you want Integromat to communicate with. This option will mostly likely be found in the Developer section of the given service. When creating the client, you will be asked to specify a so called Redirect URL
(sometimes called as Callback URL
). Always enter https://www.integromat.com/oauth/cb/oauth2
in this field.
Once you have created the client, the given service will display two keys Client ID
and Client Secret
. Some services call these App Key
and App Secret
. Make sure you write down these keys, you will be asked to provide them when creating the connection in Integromat.
Find the Authorize URI
and Token URI
in the API documentation of the given service (if the service uses Implicit flow, you will need only Authorize URI
). These are URL addresses through which Integromat communicates with the target service. The addresses serve for OAuth authorization.
Examples of Yahoo addresses:
https://api.login.yahoo.com/oauth2/request_auth
https://api.login.yahoo.com/oauth2/get_token
If the target service uses scopes (access rights), check how the service separates individual scopes and make sure you set the separator in the advanced settings accordingly. If the separator is not set correctly, Integromat will fail to create the connection and you will receive an invalid scope error.
Once you have completed the steps above, you can start to create the OAuth connection in Integromat. Add the OAuth 2.0 HTTP(S) request and response processing module to your scenario and in the Connection section click on the Add button.
code
for Autorization Code flow and token
for Implicit flowhttps://www.integromat.com/oauth/cb/oauth2
authorization_code
https://www.integromat.com/oauth/cb/oauth2
refresh_token
After the connection is established, the module uses by default the bearer token which is sent in the request header field. The bearer token has the following format: Authorization: Bearer <access token>
When creating a connection, it is possible to adjust where the token shall be located, whether in the header in the Authorization
parameter or in the URL in the query string.
HTTP Message Body is the data bytes transmitted in an HTTP transaction message immediately following the headers if there are any to be used.
The Raw body type is generally suitable for most HTTP body requests even is situations where developer documentation does not specify data to send, with the following field option of specifying content type as a form of parsing data.
Despite the content type selected, data is entered in any format that is stipulated or required by the developer documentation.
Multipart/form-data is an HTTP multipart request that HTTP clients construct to send files and data over to an HTTP module. It is commonly used to upload files to your desired server.
You will notice that when you select application form the input method changes and this entails that from the developer documentation you will have the relevant fields required, same also applies to Multipart/form-data whereby in order to receive files encoded with mutlipart/form-data
, it is necessary to configure a data structure with a collection
type field that contains the nested fields name
, mime
and data
. So as you can see the way the information is received is different.
This body type is to POST data using application/x-www-form-urlencoded
For application/x-www-form-urlencoded
, the body of the HTTP message sent to the server is essentially one giant query string -- name/value pairs are separated by the ampersand (&
), and names are separated by the fields name and value for easy use to you and replacing the equals symbol (=
) used in coding. However, after you have configured the above it will look like the example shown below:
MyVariableOne=ValueOne&MyVariableTwo=ValueTwo
It is possible to generate a JWT token with the help of built-in functions:
Header:
Code for copy&paste:
{{replace(replace(replace(base64("{""alg"":""HS256"",""typ"":""JWT""}"); "/=/g"; emptystring); "/\+/g"; "-"); "/\//g"; "_")}}
Payload:
Code for copy&paste:
{{replace(replace(replace(base64("{""iss"":""key"",""exp"":" + (timestamp + 60) + "}"); "/=/g"; emptystring); "/\+/g"; "-"); "/\//g"; "_")}}
Token:
Code for copy&paste:
{{1.value}}.{{2.value}}.{{replace(replace(replace(sha256(1.value + "." + 2.value; "base64"; "secret"); "/=/g"; emptystring); "/\+/g"; "-"); "/\//g"; "_")}}