API Connections in Code

Overview

The rule logic you define will run on your end user's browser. You may want certain network requests in your rule logic to be performed from Feathery's servers instead for security reasons, such as hiding authorization information from the user. To do so, you can leverage API connectors, which allow you to run API requests securely from Feathery's servers.

To create a connector, go to API Connectors on the Logic page and define the API you would like your rule to use. You need to define the method (ex: get, post), and any headers or query parameters you'd like to automatically include for all requests to that endpoint.

Any data you define in the headers or query parameters (such as sensitive API keys) will not be exposed client side to people filling your form.

After defining the API you want to use, you will be asked to map the response. If you intend to use our Javascript editor to make the API calls, then you can skip this step by pressing the "Skip" button. If you want to use our no-code API connectors feature (which is what this screen below is for), click here for relevant documentation.

Then, go to your rule code and make a network request to the API connector via the feathery.http interface. Allowed methods include get, patch, post, put, and delete. See example below. By defining the API connector, it will automatically pass in the relevant authentication header needed in a secure manner.

Usage

You can use the feathery.http interface in the following way in your logic rules:feathery.http.<method>(<url>, <data>, <headers>)

• data is the request body, which you should pass in an Object or Array format.

  • For example, {email: <email>, name: <name>}

• headers are additional headers you'd like to pass in an Object format.

  • For example, {Authorization: 'Bearer <token>', 'Accept-Encoding': 'gzip'}

Every allowed method has the same interface.

For get requests, make sure to append query and URL parameters directly to the URL rather than attempting to set it via data, which is only used for the request body.

Note that for write requests, only application/json types are supported currently. To use other request types like multipart/form-data, you should call fetch from your rule directly.

IP Address Whitelist

All API connector requests originate from the static IP address 54.177.134.134. You may whitelist this IP address to improve the security of your endpoint that's receiving Feathery API connector requests.

Variables

When defining and using your connectors, you may also have access to backend environment variables such as authentication tokens. You may define these via double curly braces in either the API connector headers or the url being passed into the feathery.http interface.

Variables that you have access to include:

• {{feathery_user_id}} - the unique ID of the current submission / form end-user

• {{feathery_auth_email}} - the authenticated email address of your current user, if an auth integration like Stytch or Firebase is turned on

• {{salesforce_token}} - your Salesforce integration auth token, if active

• {{hubspot_token}} - your Hubspot integration auth token, if active

• {{<integration>_token}} - access the auth token of any integration you have active

Example

You're looking to fetch a list of dog breeds via https://dog.ceo/api/breeds/list/all from Feathery's servers. First, create the API connector.

Then, use the feathery.http interface to access the API connector from your logic rule.