App APIs
Create an API that allows your applications to process incoming HTTP requests
Sometimes you need to interact with your Application or its data outside of Airkit. Application APIs are a way to build custom API endpoints and interact with Airkit from external systems, leveraging the available data operations to create Journeys, modify existing Journeys, validate data, or even read data from AirData.
What is an App API?
An App API is a powerful method for integrating Airkit with other applications and services. It is how you can create a custom REST endpoints that are defined by you, through the use of combining and adding data operations together. With App APIs, you are able to create either a GET request or a POST request and can also configure your endpoint path, path parameters, and query parameters.
For a guide on how to build an App API, see Building an App API.
Securing App APIs
If the App API requires Authentication and should not be publicly available, a token must be created. The API token that gets generated is a JWT token. For this you will need an API key that can be generated from the Console (API > Tokens):
API Keys
Make sure to safely store the generated token at that moment since it will not be retrievable after the window is closed. If the API key is lost, you can delete the API key and create a new one.
Once the token has been created in the Console, go to Settings and add the API Key in API Key Filtering.
This will make it appear under Authentication in Triggers > App APIs .
Making a request to a Secure API
If you want to make an HTTP request to an App API that requires Authentication, this requires the request to include the token in the request header.
In the headers of the request, add:
Authorization: Bearer <Your API token>
API Tokens and Environments
Upon creation, the token needs to be assigned an environment in multi-environment organizations. This would then make the API Token only accessible to developers who have access to the corresponding environment. For example, if a developer created an API token in the development environment, then that API Token can only be used for an API created in the development environment.
For more information see Environments.
Redirects
When using an App API to redirect to a URL it is recommended to use the 302
response status code instead of 301
. 301
s are cached by the browser which may result in unintended behavior.
Accessible Data from App API
The following is a sample payload of data that is accessible when you trigger an App API. This data can be passed to a journey and used across your application.
{
"fqdn": "app.airkit.com",
"pathMapping": {
"test": "foo"
},
"queryParams": {
"queryParam": "bar"
},
"header": {
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36",
"accept-encoding": "gzip, deflate",
"accept": "*/*",
"x-forwarded-for": "206.189.180.4"
},
"host": "www.domain.com",
"httpVersion": "1.1",
"cookies": {
"name": "value"
}
}
Limits
Payload Limits
Data passed as a request payload for App APIs have a maximum size of 5mb.
Updated about 2 years ago
Interested in integrating other systems with Airkit and triggering off a journey with an HTTP request? Check out the tutorial below.