Make HTTP calls to any external REST API from your automation graph. The HTTP Request extension is the universal integration point — any service that exposes an API can be connected to your bot using this extension.
Type: ACTION Handler: BUILT_IN Category: Actions
Overview
The HTTP Request extension allows your bot to interact with any HTTP endpoint — fetching data, posting updates, calling webhooks, or authenticating against third-party services. It supports all standard HTTP methods, custom headers, query parameters, and a variety of body formats.
The HTTP Request extension has no required secrets by default. If your target API requires authentication, add an Authorization header in the Headers config, or use a secret reference via {{secrets.MY_API_KEY}}.
Configuration
These fields are configured in the Node Config Sidebar when the node is selected on the canvas.
| Field | Type | Required | Description |
|---|---|---|---|
url | string | ✅ | The full URL of the endpoint to call. Supports template strings (e.g., https://api.example.com/users/{{trigger.data.userId}}). |
method | enum | ✅ | HTTP method. One of: GET, POST, PUT, PATCH, DELETE. |
headers | key-value | — | Custom HTTP headers. Each entry is a key-value pair. Commonly used for Content-Type and Authorization. |
queryParams | key-value | — | Query parameters appended to the URL (e.g., ?page=1&limit=20). |
body | string | — | The request body. Supports JSON, raw text, and template strings. Only used for POST, PUT, and PATCH requests. |
timeout | number | — | Request timeout in milliseconds. Default: 30000 (30 seconds). |
Example Configuration
{
"url": "https://api.example.com/messages",
"method": "POST",
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{secrets.MY_API_TOKEN}}"
},
"body": "{\"text\": \"{{outputs.ai_node.response}}\"}"
}
Input Schema
Data that can be mapped to this node from upstream nodes via edge mappings.
| Field | Type | Description |
|---|---|---|
url | string | Override the configured URL at runtime. Useful when the endpoint is dynamic. |
body | string | object | Override the configured body at runtime. |
headers | object | Merge additional headers at runtime on top of the configured headers. |
Output Schema
Data produced by this node, available to downstream nodes via edge mappings or template strings.
| Field | Type | Description |
|---|---|---|
status | number | The HTTP response status code (e.g., 200, 201, 404). |
statusText | string | The HTTP status text (e.g., "OK", "Not Found"). |
body | object | string | The parsed response body. If the response is JSON, this is an object. Otherwise, it is a raw string. |
headers | object | Response headers returned by the server. |
ok | boolean | true if the status code is in the 200–299 range. |
Accessing Response Data
Use template strings to access fields from the response in downstream nodes:
{{outputs.http_request_1.body.id}} → A field from a JSON response body
{{outputs.http_request_1.status}} → The HTTP status code
{{outputs.http_request_1.ok}} → Whether the request succeeded
{{outputs.http_request_1.headers.x-token}} → A specific response header
Error Handling
- 4xx errors (client errors) — The node outputs the error response body and sets
ok: false. Execution continues unless a downstream If Condition branches onok. - 5xx errors (server errors) — The engine retries the request 3 times with exponential backoff (1s, 2s, 4s). If all retries fail, execution stops for that branch.
- Timeouts — Treated as a retriable error; same retry logic applies.
To handle errors gracefully, connect the output of this node to an If Condition and branch on {{outputs.http_request_1.ok}}.
Examples
Fetch data from a public API
{
"url": "https://api.github.com/repos/narakim/narakim",
"method": "GET",
"headers": {
"Accept": "application/vnd.github+json"
}
}
Access in downstream node:
Stars: {{outputs.http_1.body.stargazers_count}}
POST data to a webhook
{
"url": "https://hooks.slack.com/services/T00/B00/xxx",
"method": "POST",
"headers": { "Content-Type": "application/json" },
"body": "{\"text\": \"Bot alert: {{trigger.data.event}}\"}"
}
Authenticated API call with a secret
{
"url": "https://api.stripe.com/v1/customers",
"method": "GET",
"headers": {
"Authorization": "Bearer {{secrets.STRIPE_API_KEY}}"
}
}
Required Secrets
None by default. If your target API requires authentication, configure your credentials via the Configurations → Extension Secrets tab and reference them using {{secrets.YOUR_KEY_NAME}} in the Headers or Body fields.
Limitations
- Maximum response body size:
10 MB - Maximum request timeout:
60 seconds - HTTP/2 is not supported; all requests use HTTP/1.1
- File upload (multipart/form-data) is not yet supported — use Database Media for file operations