The HTTP app provides various modules for communication based on Hypertext Transfer Protocol (HTTP) protocol. HTTP is the foundation of data communication for the World Wide Web. The modules enable you to download web pages and files, call webhooks and API endpoints, etc.
The right choice of the module depends on the authentication/authorization mechanism the resource you wish to access employs:
HTTP > Make a request module is a universal module that enables you to configure an HTTP request and submit it to a server. The received HTTP response is then contained in the output bundle. The example below shows how to setup the module to submit a POST request with JSON payload:
NOTE: To make sure your JSON is valid, you may use one of the available online services (e.g. https://jsonlint.com/) or employ JSON > Create JSON module to create the JSON dynamically and take care of all the necessary escaping (see our tutorial Use JSON Generator to create a JSON Data Structure and make an HTTP request for detailed explanation). Mixing JSON pieces with expressions and items directly in the Request content field is not recommended as it can result in invalid JSON.
In order to make an HTTP(S)request to servers that require a OAuth 2.0 authorization, you first need to create a OAuth connection.
Create a OAuth client in the target service with which you want Integromat to communicate with. This option will mostly likely be found in the Developer section of the given service. When creating the client, you will be asked to specify a so called
Redirect URL (sometimes called as
Callback URL). Always enter
https://www.integromat.com/oauth/cb/oauth2 in this field.
Once you have created the client, the given service will display two keys
Client ID and
Client Secret. Some services call these
App Key and
App Secret. Make sure you write down these keys, you will be asked to provide them when creating the connection in Integromat.
Authorize URI and
Token URI in the API documentation of the given service (if the service uses Implicit flow, you will need only
Authorize URI). These are URL addresses through which Integromat communicates with the target service. The addresses serve for OAuth authorization.
Examples of Yahoo addresses:
If the target service uses scopes (access rights), check how the service separates individual scopes and make sure you set the separator in the advanced settings accordingly. If the separator is not set correctly, Integromat will fail to create the connection and you will receive an invalid scope error.
Once you have completed the steps above, you can start to create the OAuth connection in Integromat. Add the OAuth 2.0 HTTP(S) request and response processing module to your scenario and in the Connection section click on the Add button.
codefor Autorization Code flow and
tokenfor Implicit flow
After the connection is established, the module uses by default the bearer token which is sent in the request header field. The bearer token has the following format:
Authorization: Bearer <access token>
When creating a connection, it is possible to adjust where the token shall be located, whether in the header in the
Authorization parameter or in the URL in the query string.
The Raw body type is generally suitable for most HTTP body requests even is situations where developer documentation does not specify data to send, with the following field option of specifying content type as a form of parsing data.
Despite the content type selected, data is entered in any format that is stipulated or required by the developer documentation.
Multipart/form-data is an HTTP multipart request that HTTP clients construct to send files and data over to an HTTP module. It is commonly used to upload files to your desired server.
You will notice that when you select application form the input method changes and this entails that from the developer documentation you will have the relevant fields required, same also applies to Multipart/form-data whereby in order to receive files encoded with
mutlipart/form-data, it is necessary to configure a data structure with a
collection type field that contains the nested fields
data. So as you can see the way the information is received is different.
This body type is to POST data using
application/x-www-form-urlencoded, the body of the HTTP message sent to the server is essentially one giant query string -- name/value pairs are separated by the ampersand (
&), and names are separated by the fields name and value for easy use to you and replacing the equals symbol (
=) used in coding. However, after you have configured the above it will look like the example shown below: