API Endpoint Flows
API Endpoint Flows are Flows that can be triggered from an outside source. Unlike Flows that start with events associated with an application, these Flows can be triggered at any time, so long as the client is hitting the appropriate endpoint with the appropriate security setting.
The client calling the endpoint causes the Flow to execute and the client receives back the output of that execution of the Flow.
You can expose this API endpoint in three ways, with varying levels of security. From most secure to least secure, they are:
Exposed as a Secure Endpoint
- A Flow exposed at this security level will only be able to be accessed with a full Azuqua signature (description found here) using your access key and secret. To find your access key and secret, go to “Account Settings” in the upper right, and select “Developer”.
Exposed as a Webhook
- A Flow exposed at this security level will only be able to be accessed if the client making an invoke/resume/retry request is passing along the proper client token along with the proper invoke URL (which includes a Flow alias). For more information about the client token, see “What’s a client token?” below. For more information about the Flow alias, see “What’s an alias?” below.
Exposed as a Public Service
- A Flow exposed at this security level will be available to anyone with the invoke URL. This invoke URL is built off of the Flow alias. For more information about the Flow alias, see “What’s an alias?” below.
The API Endpoint by default is exposed in the most secure way, but may be changed in the API settings menu.
Once you’ve decided how you want your API Endpoint to be properly exposed, you may then invoke the Flow. For more information on invoking the Flow, see “How to invoke a Flow” below.
You may also use these API Endpoint settings to change how someone may resume a paused Flow. For more information on that, see “How to resume a Flow” below.