The Hypertext Transfer Protocol (HTTP) is a request/response network protocol that enables clients and servers to communicate. A client typically submits HTTP requests to a server that hosts a service; for example, a server that provides a resource such as an API with a publicly exposed HTTP endpoint, a website with static content, or a web application with dynamic content and an associated database. On receipt, the HTTP server processes the request and returns a response.

You can use App Connect to pass key data from an app into an HTTP “invoke” action that calls out to an HTTP endpoint, and then pass data returned from the HTTP response into other apps – automatically, in real time. You can do so using configuration and data mapping techniques (without any need for coding), and can achieve a return on your investment in minutes or hours, rather than days or months.

This guide shows you how.

If you can’t find what you want, or have comments about the “how to” information, please either add comments to the bottom of this page or .

A business scenario

The challenge

Let’s say your company plans to host a week-long outdoor event, with anticipated attendance figures that run into the thousands. You’ve set up the event in your ticketing app so potential attendees can book tickets. When each attendee registers, you’d like to send them an email with additional details about the event. And because the event is outdoors, it would be a nice touch to help the attendees “dress for the weather” by including a weather forecast for each day booked. But, you’ve got a lot going on and you’re hoping there’s a quick-and-easy way to ensure each attendee receives the relevant forecast.

How App Connect can help

Use App Connect to set up a flow that queries the Weather API, and then uses the response to add details about the weather forecast to generated emails whenever an attendee registers for your event. By automating this process, you’ll free up time to spend doing what really matters – organizing a top-notch event that your attendees will be raving about for years!

What should I consider first?

Before you use App Connect Designer with an HTTP invoke method, take note of the following considerations:

  • If the HTTP server is in a private network (for example, behind a firewall in an on-premises location or in a private cloud), you’ll need to set up a gateway that App Connect will use to securely access the HTTP server. You can use a natively installed IBM Secure Gateway Client to set up the required network connection for making a call to the protected endpoint.

    If you’ve previously used the Secure Gateway Client to set up a network connection for an App Connect application that is on the same private network as the HTTP server, you can use this network connection to access the HTTP endpoint. If you don’t have such a network connection in place, configure one as described in Configuring a private network for IBM App Connect on IBM Cloud. Also ensure that the HTTP server’s host and port are defined in the Secure Gateway Client’s access control list.

  • To create an integration flow that passes key data between an HTTP server and other apps, you must connect App Connect to each app in the flow. The values required to connect App Connect to your HTTP server are dependent on the type of security scheme configured for the endpoint, and whether the endpoint is publicly available or private. You can add an account for connecting to the HTTP endpoint either from the Applications tab on the App Connect Catalog page, or when you add an HTTP node to a flow in the flow editor.

    Connecting to an un-authenticated public endpoint

    If the endpoint is publicly available and requires no authentication, you don’t need to specify any connection details. When you click the Connect button for HTTP from the Applications tab on the Catalog page or from the flow editor, you can leave the connection fields blank and simply click Connect again. (In the flow editor, you’ll use the fields for the HTTP “Invoke method” action to specify the URL and other configuration options for calling the HTTP endpoint.)

    Connecting to a secure endpoint

    If the HTTP endpoint requires authentication or is on a private network, specify the required connection details:

    • If the endpoint is secured using basic authentication, complete both of these fields to establish a connection:
      • User name: Specify the name of a user that is authorized to perform HTTP operations.
      • Password: Specify a password for the user.

        Note: If you are using basic authentication that requires a user name with an API key as the password, specify the API key in the Password field.

    • If the endpoint requires an API key whenever a request is made (for example, to authenticate API calls, monitor usage, or apply permissions), complete all of these fields:
      • API key: Specify an API key that will be used to validate the HTTP request.
      • API key location: Specify where the API key should be stored in the request:
        • Select header to pass the API key in the request header.
        • Select body URL encoded to pass the API key in the request body, in a URL-encoded format.
      • API key name: Specify which header or body parameter will be used to store the API key. If necessary, check your API documentation for this parameter name.

      Take note of the following considerations:

      • If you select body URL encoded as the API key location, the following rules apply:
        • The media type in the header is automatically set to content-type: application/x-www-form-urlencoded, and it will override any Content-Type header that you set in your HTTP node. This setting indicates that the request body should be formatted as a query string of key/value pairs with an ampersand (&) separator, and encoded special characters; for example, field1=value1&field2=value2&field3=value3. Be aware that the Request body value in the HTTP node will not be inspected to check whether it’s properly formatted into a URL-encoded string.
        • The API key name and API key are appended to the request body using this format: &apikeyname=apikeyvalue.
      • In your HTTP node, if you add a Request headers field with a name that’s identical to the API key name value that was configured to be passed in a request header, the header in the connection fields takes priority.
    • If the endpoint is on a private network, complete both of these fields to establish a connection through the IBM Secure Gateway Client:
      • Override the HTTP endpoint host name and port of the URL used in the flow: Specify the protocol, host name or IP address, and the port number of the HTTP server in the format http://host:port or https://host:port.
        • How it works

          This protocol, host, and port are used to define a destination for the endpoint, within the Secure Gateway service on IBM Cloud. A corresponding cloud host and port, which are required in order to connect to the protected endpoint, are also generated for the destination. When you create and run a flow, the value specified within the URL (fully qualified) field in the HTTP node will be updated with the cloud host and port that were generated for the destination. This enables the HTTP request to be routed through the Secure Gateway, to the endpoint defined in the override URL.

      • Network name: Specify the name of the network that was configured using the Secure Gateway Client.

        Important: Before you connect the account, ensure that the Secure Gateway Client has been started. If you need to, you can start the Secure Gateway Client as described in Configuring a private network for App Connect Designer: Finally, start and configure the Secure Gateway Client.

    • Example of completed fields for connecting using basic authentication and an API key

      Example of HTTP connection details for basic authentication and an API key

    • Example of completed fields for connecting to a private network

      Example of HTTP connection details for connecting to a private network

    Connecting to an endpoint by using an override URL
    If you want to specify a URL value that can be used to override the protocol, host, and port in the HTTP endpoint URL being called, complete the Override the HTTP endpoint host name and port of the URL used in the flow field (and leave the Network name field blank). The override URL can be specified in either of these formats: http://host:port or https://host:port. This setting enables you to use the same flow to call different endpoints by setting up multiple accounts with different override URLs.

    • How it works

      At run time, the protocol, host, and port segment of the URL specified within the URL (fully qualified) field in the HTTP node is overwritten with the override URL. For example, if the override URL for account 1 is https://testAPIhost:testPort and the URL (fully qualified) value in the HTTP node is https://APIhost:optionalPort/path?query, at run time, the URL (fully qualified) value is replaced with https://testAPIhost:testPort/path?query. Similarly, running the same (exported) flow using another account with an override URL of https://productionAPIhost:productionPort will convert the URL (fully qualified) value to https://productionAPIhost:productionPort/path?query.

      Override URL example

    Tip: Immediately after you connect, rename your account with a meaningful name that helps you identify which HTTP endpoint and credentials the account relates to. You’ll find this useful if you’d like to set up multiple accounts that enable access to multiple endpoints with varying security credentials. You can rename an account only from the Applications tab on the Catalog page, and before it’s used in a flow. For information about renaming accounts and setting up multiple accounts, see Managing accounts in App Connect.

  • For the “Invoke method” action:
    • The supported HTTP methods are: GET, POST, PUT, PATCH, DELETE, and HEAD.
    • The HTTP and HTTPS transports are supported, and the URL that you specify must be fully qualified.


      The URL can also contain mapped fields from previous nodes in the flow. The following example shows a Postal/Zip Code mapped field that was inserted using Insert a reference Insert a reference icon:

      HTTP URL field showing a combination of text and mapped fields

      Note: If you specified an override URL when connecting to the HTTP account, the protocol, host name, and port that you specify in the URL (fully qualified) field will be replaced with your override settings when the flow runs.

    • Request headers (if required to define additional operating parameters) can be specified as data properties (with a name and String data type) or as a JSON object that consists of comma-separated name/value pairs.
      • To specify request headers as data properties:
        1. Click Add property to define each property with a data type of String.

          Adding properties for request headers

        2. Click Edit mappings to expose these properties as fields and then specify their values. (To add or remove properties, you can click Edit properties.)

          Request headers properties exposed as fields

          To update the name of a defined property, you must ensure that the associated field is empty before you click Edit properties. For more information about specifying data properties, see Defining your own data properties.

      • To specify request headers as JSON (for example {"Accept": "application/json", "Content-Type": "application/json"}), click Map to object and then enter the JSON.

        Request headers field with JSON specified

        If you’ve already defined one or more property fields under the Request headers heading, but would prefer to use JSON instead, you must delete those properties and then click Map to object to display a Request headers field that you can type into.

    • Optionally implement your own error handling within the flow by indicating whether the flow should continue if something unexpected occurs. Set Continue flow (non-2xx) to true to continue running the flow if a status code other than 2xx (Success) is returned by the HTTP call.

      Continue flow (non-2xx) field for the Invoke method action

      If set to false (the default), flow processing stops when a non-2xx status code is issued.

    • A maximum of three attempts are made to call the HTTP server, with a five-second delay between retries. A flow will typically time out after 60 seconds.

Ways of processing the HTTP response

The response from an HTTP invoke method is returned in a format supported by the endpoint – for example, JavaScript Object Notation (JSON), XML, or CSV format – and is passed as a string. To map the response headers and response body in a subsequent action in your flow, you’ll need to use one of the built-in parsers in App Connect to convert the string into an object that represents the string. For example, if the response is in JSON format, you can use the JSON parser to convert the JSON string into a JSON object. You can map to the response by selecting either Response headers​ or Response body​ (as appropriate) under HTTP / Invoke method in the list of available inputs.

Response mappings in the list of available inputs

For more information about using the App Connect parsers which are available in the toolbox, see:

Troubleshooting tips

If you observe network errors for an HTTP invoke action in your flow, the cause might be related to connectivity or security issues. Use these tips to help with error resolution:

  • Verify that the network is available and that the HTTP server can be reached. For example, the error might be due to a network timeout.
  • If your HTTP account is configured to make requests through a Secure Gateway Client, ensure that the Secure Gateway Client is correctly configured to allow access to the HTTP endpoint’s host and port, and that it is running. For more information, see Configuring a private network for IBM App Connect on IBM Cloud.
  • If you can successfully call out to the HTTP endpoint using a utility such as Postman, verify that your request header specifications in that utility are identical to those specified in the Request headers field of your HTTP node.
  • Investigate whether the issue is caused by SSL certificate errors. App Connect uses Transport Layer Security (TLS) to establish a secure communication channel to the HTTP endpoint, and will reject the certificate that a target server presents if issues are detected; for example, if it’s untrusted or expired, or has missing intermediate (or chain) certificates.

    If you can successfully call out to the HTTP endpoint using an external utility, check whether SSL certificate checking is enabled for that utility. If it isn’t, you can enable it and test the call again to see whether it passes.

  • To help you determine the cause of the error, ensure that the Continue flow (non-2xx) field is set to true and then map to the HTTP response status code in a subsequent node in the flow. For example:

    Selecting the HTTP status code response

    Then run the flow again and check to see which status code is returned.


Event-driven flow with a JSON Parser node

Create an event-driven flow that parses the response from an HTTP endpoint

Learn how to use App Connect Designer to create an event-driven flow that parses the response from an HTTP endpoint so that some of the data can be inserted into an email to recipients.

Join The Discussion

Your email address will not be published. Required fields are marked *