HTTP
The HTTP app provides modules for communication based on the Hypertext Transfer Protocol (HTTP). HTTP is the fundamental component of data transfer for the World Wide Web. As the backbone of information exchange between web servers and clients, HTTP allows you to download web pages, access files, make API calls, and trigger webhooks.
Overview of the HTTP modules
Select a module of the HTTP app based on the authentication requirements of the resource you want to use. To use modules that require authentication, you have to create a connection first.
Make a request: universal module, best to use for resources that do not require authentication.
Make a Basic Auth request: for resources that require basic authentication.
Make an API key Auth request: for resources that require API key authentication.
Make an OAuth 2.0 request: for resources that require OAuth 2.0 authorization.
Make a Client Certificate Auth request: for resources that require client-side certificate authentication.
Get a file: download a file from the URL.
Resolve a target URL: retrieve the target URL from a chain of HTTP redirects.
Retrieve headers: to get headers from the HTTP request module in separate bundles.
Note
The module dialog fields that are displayed in bold (in the Makescenario, not in this documentation article) are mandatory!
Make a request
The Make a request module allows you to create an HTTP request and send it to a server. The output bundle contains the HTTP response.
Evaluate all states as errors (except for 2xx and 3xx) | Use the response status to detect errors. Otherwise, the module reports only Make related errors (like mapping errors or missing required values). | ||||||
URL | Enter the request URL. | ||||||
Serialize URL | Encodes the API call URL with the URL encoding (encoding special characters for example). | ||||||
Method | Select the HTTP method you want to use:
| ||||||
Headers | Enter request headers. For example, the response content type. CautionThe HTTP app requests do not have the Accept header. If the HTTP request returns an unexpected response, try adding the ![]() | ||||||
Query String | Enter the query key-value pairs. | ||||||
Body type | HTTP
| ||||||
Parse response | Enable to parse HTTP responses into bundles. With this option, you don't need to add the Parse JSON or Parse XML modules. Otherwise, the HTTP module returns the raw response data. Before you can use parsed JSON or XML content, run the module once manually so that the module can recognize the response content and allow you to map it in subsequent modules. ![]() | ||||||
User name | Enter the user name to send the request with the basic auth. | ||||||
Password | Enter the password to send the request with the basic auth. | ||||||
Timeout | Specify the request timeout in seconds (1-300). Default: 40 seconds. | ||||||
Share cookies with other HTTP modules | Enable to share cookies from the server with all HTTP modules in your scenario. | ||||||
Self-signed certificate | Upload your certificate if you want to use TLS using your self-signed certificate. | ||||||
Reject connections that use unverified (self-signed) certificates | Enable to reject connections that use unverified TLS certificates. | ||||||
Follow redirect | Enable to follow URL redirects that return 3xx response statuses. | ||||||
Follow all redirect | Enable to follow URL redirects regardless of response statuses. | ||||||
Disable serialization of multiple same query string keys as arrays | Make handles multiple values for the same URL query string parameter key as arrays (e.g., | ||||||
Request compressed content | Enable to request compression of the response data. Adds the |
Example HTTP request with the Make a request module
Check the following screenshot to see how to set up the Make a request module to send a POST
request with the body
in the JSON data format:

To make sure your JSON is valid, use a JSON validator (for example: https://jsonlint.com/) or use a Create JSON module to create the JSON.

Caution
Be careful when combining JSON data with mapping variables or function directly in the Request content field. Mixing JSON with mapping can lead to an invalid JSON structure.
Make a Basic Auth request
The Make a Basic Auth request module allows you to send an HTTP request with the basic authentication. The output bundle contains the HTTP response.
Credentials | Click Add to add your credentials (user name and password) for basic authentication. | ||||||
Evaluate all states as errors (except for 2xx and 3xx) | Use the response status to detect errors. Otherwise, the module reports only Make related errors (like mapping errors or missing required values). | ||||||
URL | Enter the request URL. | ||||||
Serialize URL | Encodes the API call URL with the URL encoding (encoding special characters for example). | ||||||
Method | Select the HTTP method you want to use:
| ||||||
Headers | Enter request headers. For example, the response content type. CautionThe HTTP app requests do not have the Accept header. If the HTTP request returns an unexpected response, try adding the ![]() | ||||||
Query String | Enter the query key-value pairs. | ||||||
Body type | HTTP
| ||||||
Parse response | Enable to parse HTTP responses into bundles. With this option, you don't need to add the Parse JSON or Parse XML modules. Otherwise, the HTTP module returns the raw response data. Before you can use parsed JSON or XML content, run the module once manually so that the module can recognize the response content and allow you to map it in subsequent modules. ![]() | ||||||
Timeout | Specify the request timeout in seconds (1-300). Default: 40 seconds. | ||||||
Share cookies with other HTTP modules | Enable to share cookies from the server with all HTTP modules in your scenario. | ||||||
Self-signed certificate | Upload your certificate if you want to use TLS using your self-signed certificate. | ||||||
Reject connections that use unverified (self-signed) certificates | Enable to reject connections that use unverified TLS certificates. | ||||||
Follow redirect | Enable to follow URL redirects that return 3xx response statuses. | ||||||
Follow all redirect | Enable to follow URL redirects regardless of response statuses. | ||||||
Disable serialization of multiple same query string keys as arrays | Make handles multiple values for the same URL query string parameter key as arrays (e.g., | ||||||
Request compressed content | Enable to request compression of the response data. Adds the |
Make an API key Auth request
The Make an API key Auth request module allows you to send API calls to services that require API key authorization. The module also supports "Bearer" authorization.
The output bundle contains the HTTP response.
Create an API key connection for the Make an API key Auth request module
Check out the following example if you want to set up a connection for the Make an API key Auth request module:
In the Make an API key Auth request module settings, click the Add button. The Add a new keychain window pops up.
Fill in:
Name: The label for your API key connection.
Key: The API key to authorize the HTTP calls. If the API uses "Bearer" or "Token" authorization, add the word before the API key.
Example:
Bearer 1234-5678-abcd-efgh
Note
You can use the eye icon at the edge of the box to reveal the API key and the text you add to it. If you do, make sure that you are the only one viewing the content.
API key placement: Select if you want the authorization in the request header or query string.
API key parameter name: The name of the parameter that contains the API key.
Click Create to create the connection.
You created an API key connection. You can now use the connection in the Make an API key Auth request module.
Make an OAuth 2.0 request
In order to make HTTP(S) requests that require an OAuth 2.0 authorization, you need to create an OAuth connection first.
Create an OAuth 2.0 Connection
Create an OAuth client in the service that you want to connect with Make. Creating the OAuth client is usually available in the "Developer" section of the service settings. When creating the client, you will have to specify a
Redirect URL
(sometimes called aCallback URL
).Use the following Redirect URL:
https://www.integromat.com/oauth/cb/oauth2
https://auth.redirect.celonis.cloud/oauth/cb/oauth2
.OAuth redirect URI domain
Notice that the redirect URI starts with
https://www.integromat.com
instead ofhttps://www.make.com
. This is currently a known issue in Make.Make was formerly called Integromat, which means you can trust this URL as much as any Make URL.
Please make sure all your OAuth redirect URIs point to
https://www.integromat.com/oauth/cb/oauth2
.Once you have created the client in the 3rd party service, the given service will display two keys:
Client ID
Client Secret
Note
Some services call these
App Key
andApp Secret
.
Make sure you save these keys. You will be asked to provide them when creating the connection in Make.
Check the
Authorize URI
andToken URI
in the documentation of the service (if the service uses implicit flow, you will need onlyAuthorize URI
). These are URL addresses through which Make communicates with the service. The addresses are used also for OAuth authorization.Example of Yahoo addresses:
Authorize URI:
https://api.login.yahoo.com/oauth2/request_auth
Token URI:
https://api.login.yahoo.com/oauth2/get_token
In Make, click the Add button to create an OAuth 2.0 connection.
Fill in:
Connection name: Name of the connection.
Flow type:
Authorization Code: Enter Authorize URI and Token URI from the service's API documentation.
Implicit: Enter Authorize URI from the service's API documentation.
Scope: Your connection API scopes. Check the service API documentation for the list of API scopes.
Scope separator: Character which separates the list of scopes.
Client ID and Client Secret: Provided by the service.
Click Save to create the OAuth 2.0 connection.
You have created an OAuth 2.0 connection. Now you can use the connection in the Make an OAuth 2.0 request module.
Note
Check the OAuth 2.0 connection options reference table below if you need to configure more parameters for your OAuth 2.0 connection.
Connection name | Enter the name of the connection. |
Flow type | Select the flow for obtaining tokens:
|
Scope | Add the API scopes for your connection. Check the service API documentation for the list of API scopes. |
Scope separator | Select the separator for the list of scopes you entered above. Check the service API documentation for the format of the list of scopes. If the separator is not set correctly, Make will be unable to create the connection, and you will receive an invalid scope error. |
Client ID | Enter the Client ID. You get the Client ID when you create an OAuth client in the service. |
Client Secret | Enter the Client Secret. You get the Client Secret when you create an OAuth client in the service. |
Authorize parameters | Enter additional authorization request parameters as a key-value pairs. Standard parameters:
|
Access token parameters | Enter additional access token request parameters as key-value pairs. Standard parameters:
|
Refresh token parameters | Enter the additional refresh token request parameters as key-value pairs. Standard parameters:
|
Custom Headers | Specify any custom headers to send in the request. |
Token placement | Select whether to send the token in the |
Header token name | Enter the name of the authorization token in the header. Default: |
Query string parameter name | Enter the name of the authorization token in the query string. Default: |
Module settings reference:
Make a client certificate authentication request
Sends an HTTP(S) request to services that require a client certificate authorization.
Get a file
Downloads a file from a URL.
URL | Enter the URL of the file you want to download. You can use the file (map the file data) in other modules in the scenario. |
Resolve a target URL
Enter the URL you want to resolve. The output bundle contains the link to which the original URL redirects in the location
response header.
This module helps you to get a direct URL to a resource instead of a redirect URL. For example, links for sharing files in storage services like Dropbox redirect you before you reach the target file. The module navigates through the redirect chain and returns the target URL.
URL | Enter the URL you want to resolve. |
Method | Select the method you want to use. |
Retrieve Headers
Returns each header (name and value) from the specified HTTP module in a separate bundle.
Source Module | Select the module you want to retrieve headers from. |
How to generate JSON Web Tokens (JWT)
You can generate JWT tokens using the HS256 algorithm with built-in functions:
Header:

Code for copy & paste:
{{replace(replace(replace(base64("{""alg"":""HS256"",""typ"":""JWT""}"); "/=/g"; emptystring); "/\+/g"; "-"); "/\//g"; "_")}}
Payload:

Code for copy & paste:
{{replace(replace(replace(base64("{""iss"":""key"",""exp"":" + (timestamp + 60) + "}"); "/=/g"; emptystring); "/\+/g"; "-"); "/\//g"; "_")}}
Token:

Code for copy & paste:
{{11.header}}.{{12.payload}}.{{replace(replace(replace(sha256(11.header + "." + 12.payload; "base64"; 16.secret); "/=/g"; emptystring); "/\+/g"; "-"); "/\//g"; "_")}}