Wait for HTTP Request v2.2.4 Help

Starts the Flow after receiving an HTTP request.

How can I use the Step?

This Step lets you start a Flow upon receiving an HTTP request. You can use the Step to build Flows that rely on HTTP to transfer data and respond to external events, such as webhook integrations or API calls.

How does the Step work?

The Step waits for an HTTP request to be received at the specified URL. Once the request is received, the Step starts the Flow and sends the request data to the next Step in the Flow.

HTTP settings

To set up the section, specify the Flow slug and HTTP methods you want to use:

  • For URL path, enter a unique URL slug for your Flow. It must not start with a slash /, contain uppercase letters, whitespaces, or the following characters: \:^?<>|&%'#[]+=„"{}.
  • For HTTP methods, select HTTP methods suitable for your task. Each selected method adds a separate exit to the Step.
  • Optional: Turn on Process all selected methods with a single exit to use a single exit for all request types.

Output settings

By default, Step returns a result according to the following format:

json
{
    "method": "",
    "path": "",
    "request": {
        "method": "",
        "headers": {
            "authorization": ""
        },
        "queryParams": {},
        "body": {}
    }
}
{
    "method": "",
    "path": "",
    "request": {
        "method": "",
        "headers": {
            "authorization": ""
        },
        "queryParams": {},
        "body": {}
    }
}
  • In the Output data structure field, you can customize the Step's output structure to align it with the structure of the inbound request. This is particularly useful if you need to access specific request properties from the subsequent Steps in the Flow.

In addition, there are options to return only the request body or include authentication information in the Step's output.

Authentication settings

To enable authentication, turn on the Use authentication for requests toggle and follow these steps:

  1. In the Authentication methods list, select at least one method.
  2. For each authentication method (where applicable), select the collection where the credentials are stored.
  3. Optional: Go to the Authentication errors section and configure authentication error messages.
  4. Optional: If you use OneReach flow or user tokens, go to the OneReach token restrictions section and set specific rules for authenticated Flow.

If the HTTP request does not contain correct authentication data in its header, the Flow proceeds down the unauthenticated exit.

Note: To authenticate access credentials, you can also use the Authenticate Access Credentials Step, which provides similar authentication features.

Authentication methods

Here are the available authentication methods:

  • Username and password: Uses to Basic HTTP authentication scheme that transmits credentials as username/password pairs encoded with Base64 (to learn more, see RFC 7617).
  • Bearer token: Uses Bearer HTTP authentication scheme with security tokens known as bearer tokens (to learn more, see RFC 6750).
  • OneReach flow token: A bearer token generated by OneReach, specifically designed to authenticate a particular Flow.
  • OneReach user token: A bearer token generated by OneReach, intended to authenticate a OneReach user.

Warning: OneReach tokens not only identify the user but also contain permissions to act on behalf of that user. To prevent unauthorized actions within your system, handle these tokens carefully.

OneReach token restrictions

In this section, you can specify the restrictions for OneReach tokens. All restrictions are optional. With their help, you can do the following:

  • Restrict users to specific account IDs.
  • Restrict users to specific user IDs (for OneReach user token only).
  • Set the minimum role level (guest, user, admin, or super admin).

Caution: If you select both OneReach flow token and OneReach user token authentication methods, the Step applies token restrictions to both.

Authentication errors

In this section, you can customize authentication error messages for the following categories:

  • Invalid authentication
  • Not authenticated
  • Not authorized

Each category includes several specific errors with default messages that you can change to suit your needs. You can enter text manually or using a Merge field here.

Merge field settings

The Step returns the result as a JSON object and stores it under the Merge field name. To learn more about Merge fields and how to work with them, see our Merge fields guide.

Error Handling

By default, the Step handles errors using a separate exit. So if any error occurs during the Step execution, the Flow proceeds down the error exit. For more information, see Error and timeout handling.

Reporting

The Step automatically generates Reporting events during its execution, allowing for real-time tracking and analysis of its performance and user interactions. To learn more, see Reporting events

Service dependencies

  • flow builder v2.34.0
  • studio v3.71.0
  • bot deployer v2.22.4
  • library v2.18.4

Release notes

v2.2.4

  • Disable reporting for internal requests

v2.2.3

  • Add support for unprefixed OneReach flow and OneReach user tokens

v2.2.2

  • Add OneReach tokens restrictions
  • Add Authentication errors to customize messages for authentication errors
  • Replace text fields with dropdown lists for selecting credentials collection
  • Add extra hashing to the token storage method
  • Remove Advanced settings

v2.1.18

  • Change the default Flow session timeout from 30 seconds to 2 minutes
  • For the URL path customization field, prohibit uppercase letters
  • Fix an incorrect deployment URL for the Copy URL button

v2.1.17

  • Add PATCH HTTP method

v2.1.15

  • Add authentication
  • Make the Copy URL button work without Flow activation
  • Change validation for URL path customization - it must not start with the slash / character.
  • Populate the Output data structure field with the HTTP request by default