Configuration
Complete reference for all HTTP Request node properties, authentication modes, and advanced settings.
Node Identity
| Property | Value |
|---|---|
| Resource | http |
| Operation | request |
| Node Type | Integration / Action |
| Output Ports | success, error |
Configuration Properties
| Property | Type | Required | Description |
|---|---|---|---|
url |
string | Required | The full endpoint URL. Supports BizFirst expressions for dynamic URL construction, e.g. https://api.example.com/orders/{{ vars.order_id }}. |
method |
enum | Optional | HTTP verb. One of GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS. Default: GET. |
headers |
key-value map | Optional | HTTP request headers. Each key and value supports BizFirst expressions. Common headers like Content-Type and Accept can be set here. |
body |
string | Optional | The request body payload. Can be a raw JSON string, URL-encoded form string, or plain text. Supports expressions for dynamic content. Only used with POST, PUT, PATCH. |
body_type |
enum | Optional | Content type of the request body. One of json, form, raw. When set to json, sets Content-Type: application/json automatically. Default: json. |
query_params |
key-value map | Optional | URL query parameters appended to the URL. Keys and values support expressions. Handles URL encoding automatically. |
auth_type |
enum | Optional | Authentication mode. One of none, basic, bearer, api_key, custom. Default: none. |
auth_credentials |
object | Optional | Credential configuration. For basic: {username, password}. For bearer: {token}. For api_key: {key, header_name}. Reference a stored credential via {credential_id: "my-cred"}. |
timeout_ms |
integer | Optional | Maximum time in milliseconds to wait for a response. If the server does not respond within this window, the node routes to the error port with a timeout error. Default: 30000 (30 seconds). |
follow_redirects |
boolean | Optional | Whether to automatically follow HTTP 301/302/307/308 redirects. Default: true. Set to false when the redirect location itself is meaningful data. |
max_redirects |
integer | Optional | Maximum number of redirects to follow when follow_redirects is true. Default: 5. |
ssl_verify |
boolean | Optional | Verify SSL/TLS certificate validity. Default: true. Disable only for internal development environments with self-signed certificates. |
response_encoding |
string | Optional | Expected character encoding of the response body. Default: utf-8. Change if working with legacy systems that return other encodings. |
parse_response |
boolean | Optional | When true, automatically parse JSON response bodies into structured objects accessible via expressions. Default: true. |
Authentication Modes
| Mode | Description | Required Fields |
|---|---|---|
none |
No authentication. Used for public APIs and open webhooks. | — |
basic |
HTTP Basic Authentication. Encodes username:password as Base64 in the Authorization header. |
username, password |
bearer |
Bearer token authentication. Sends Authorization: Bearer <token>. Use for OAuth2 access tokens and JWT-based APIs. |
token |
api_key |
API Key sent as a custom header. The header name is configurable (e.g. X-API-Key, x-auth-token). |
key, header_name |
custom |
Manually construct any authentication scheme by setting headers directly in the headers map using expressions. |
— |
Expression Support
All string-valued configuration fields support BizFirst expressions using {{ }} syntax. Expressions are evaluated at runtime against the current workflow context, including:
{{ vars.field_name }}— Workflow variables set upstream{{ input.field }}— Trigger or parent node input data{{ env.API_BASE_URL }}— Environment configuration values{{ now() }}/{{ utcnow() }}— Runtime timestamps{{ base64(vars.secret) }}— Built-in encoding/hashing functions
Dynamic body example: You can construct a complete JSON body using an expression:
{{ json({ orderId: vars.order_id, amount: vars.total, currency: "USD" }) }}
Example: Authenticated POST Configuration
{
"url": "https://api.mycrm.com/v2/leads",
"method": "POST",
"auth_type": "bearer",
"auth_credentials": {
"credential_id": "crm-bearer-token"
},
"headers": {
"Content-Type": "application/json",
"X-Source": "bizfirst-workflow"
},
"body": {
"first_name": "{{ vars.lead_first_name }}",
"last_name": "{{ vars.lead_last_name }}",
"email": "{{ vars.lead_email }}",
"source": "web_form",
"created_at": "{{ utcnow() }}"
},
"timeout_ms": 15000,
"follow_redirects": true
}
Timeout guidance: Set
timeout_ms conservatively. Very long timeouts can block workflow execution threads. For non-critical calls, use a shorter timeout and handle errors in the error port branch.