HTTP Request
Type key: http_request
Group: Integrations
Category: integration
Tier: CORE
The HTTP Request node sends HTTP requests to any external API or service. It supports all standard HTTP methods, multiple authentication types, custom headers, query parameters, and request bodies in various formats.
Credentials (optional)
If the target API requires authentication, create a credential first in Voodflow → Credentials and select it via credential_id. The node supports API Key, Bearer Token, Basic Auth, and OAuth2 credential types.
Handles
| Handle | Direction | Description |
|---|---|---|
input | Input | Receives data used for template resolution in URL, headers, and body |
output | Output | Emits the parsed response body |
Configuration
| Field | Type | Default | Description |
|---|---|---|---|
url | string | "" | The target URL; supports {{tags}} |
method | enum | GET | HTTP method: GET, POST, PUT, PATCH, DELETE, HEAD |
credential_id | integer | null | Reference to a stored Credential |
headers | array | [] | Custom HTTP headers (key-value pairs) |
query_params | array | [] | URL query parameters (key-value pairs) |
body_type | enum | json | Request body format: json, form, raw, input |
body_data | array/string | [] | Request body data |
timeout | integer | 30 | Request timeout in seconds |
response_type | enum | auto | Response parsing: auto, json, text, binary |
Authentication
The node resolves credentials in the following priority order:
- System Credential (via
credential_id) — recommended for production - Inline auth — configured directly in the node (for quick testing)
Supported Credential Types
| Type | HTTP Mechanism |
|---|---|
bearer_token / api_token | Authorization: Bearer <token> |
basic_auth | Authorization: Basic <base64(user:pass)> |
oauth2 | Authorization: Bearer <oauth_access_token> (auto-refreshed) |
api_key_header | Custom header (e.g. X-API-Key: <key>) |
api_key_query | Query parameter (e.g. ?api_key=<key>) |
Request Body Types
json
Body is serialized as JSON. Content-Type: application/json is set automatically.
{
"model": "llm-model",
"messages": [{ "role": "user", "content": "{{input.prompt}}" }]
}form
Body is URL-encoded form data. Content-Type: application/x-www-form-urlencoded.
input
The body is taken directly from an input field of the execution context (resolved via {{tags}}).
raw
Raw string body. Set Content-Type manually in headers.
Response Handling
| Mode | Behavior |
|---|---|
auto | Attempts JSON parse; falls back to raw text |
json | Strict JSON parse; fails if response is not valid JSON |
text | Returns raw response body as string |
binary | Returns base64-encoded binary data |
Output Format
Successful response:
{
"status": 200,
"headers": {
"content-type": "application/json",
"x-request-id": "abc123"
},
"body": {
"id": "chatcmpl-123",
"choices": [{ "message": { "content": "Hello!" } }]
}
}On HTTP error (4xx / 5xx), the node returns ExecutionResult::failure() with the status code and body — use a Catch node to handle these gracefully.
Template Support
The url, header values, and body fields all support {{tags}}:
URL: https://api.example.com/users/{{input.user_id}}/profile
Header: X-Tenant-ID: {{variables.tenant_id}}
Body: { "query": "{{input.search_term}}" }Examples
Call LLM Provider
URL: https://api.your-llm-provider.com/v1/chat/completions
Method: POST
Credential: LLM Provider (bearer_token)
Body Type: json
Body:
{
"model": "llm-model",
"temperature": 0.7,
"messages":
[
{ "role": "system", "content": "You are a helpful assistant." },
{ "role": "user", "content": "{{input.user_message}}" },
],
}Fetch User from REST API
URL: https://api.example.com/users/{{input.id}}
Method: GET
Credential: Example API (api_token)POST Form Data
URL: https://hooks.example.com/submit
Method: POST
Body Type: form
Body:
name: { { input.name } }
email: { { input.email } }Notes
- The node uses Laravel's
Httpfacade internally (powered by Guzzle) - SSL certificate verification is enabled by default; disable only in development via PHP Code node
- Timeouts default to 30 seconds; increase for slow AI or third-party APIs
- Response headers are always included in the output for downstream use (e.g. reading pagination headers)