HTTP Requests

Workflow Automation is not supported for your selected Datadog site ().

Use the Make request action to make a custom request to an HTTP endpoint. You can control the request method and its contents, how it is authenticated and processed, and how it should respond to scenarios like expired certificates or redirects. If you need to add Datadog IP address ranges to your allowlist so that the HTTP action works as expected, use the IPs listed in the webhooks object. See the IP Ranges API for details.

To add an HTTP Request:

  • In a new workflow, click Add step and search for Make request. Select the Make request action to add it to your workflow.
  • In an existing workflow, click + and search for Make request. Select the Make request action to add it to your workflow.

Specify the request method and any necessary authentication. Read the sections below for further information about the available configuration options. Optionally, the request can wait on conditions that you specify in the Conditional wait section, and retry at a given interval if the condition is not satisfied.

Authentication

If you need to authenticate your request, use the action’s Connection to configure the authentication method. You can either select a preconfigured connection from the dropdown, or create a connection.

Create an AWS connection

  1. In the Connection section, click the plus icon (+).
  2. Select AWS.
  3. Enter a Connection Name, Account ID, and AWS Role Name.
  4. Click Create.

Create an Azure connection

  1. In the Connection section, click the plus icon (+).
  2. Select Azure.
  3. Enter a Connection Name, Tenant ID, Client ID, and Client Secret.
  4. Optionally, enter the Custom Scope to be requested from Microsoft when acquiring an OAuth 2 access token. A resource’s scope is constructed using the identifier URI for the resource and .default, separated by a forward slash (/). For example, {identifierURI}/.default. For more information, see the Microsoft documentation on .default scope.
  5. Click Create.

Create an HTTP token authentication connection

The Token Auth connection uses a bearer token to authenticate the HTTP request.

  1. In the Connection section, click the plus icon (+).
  2. Select HTTP.
  3. Enter a Connection Name.
  4. Enter the Base URL for authentication.
  5. From the Authentication Type dropdown, select Token Auth.
  6. Enter a Token Name and Token Value. You can enter multiple tokens. To reference your token in a header, parameter, or the request body, use the syntax {{ secretTokenName }}.
  7. Optionally, add additional Request Headers, URL parameters and a Body to your request.
  8. Click Create.

Create an HTTP basic authentication connection

The Basic Auth connection uses an authorization header with a username and password to authenticate the HTTP request.

  1. In the Connection section, click the plus icon (+).
  2. Select HTTP.
  3. Enter a Connection Name.
  4. Enter the Base URL for authentication.
  5. From the Authentication Type dropdown, select Basic Auth.
  6. Enter a Username and Password. The required authorization request header is automatically populated using your username and password.
  7. Click Create.

Create a 2 Step HTTP authentication connection

The HTTP 2 step connection allows you to make a preliminary request to retrieve an access token with which to authenticate the HTTP request. This is useful for authenticating JSON Web Token (JWT) and OAuth applications.

  1. In the Connection section, click the plus icon (+).
  2. Select HTTP.
  3. Enter a Connection Name.
  4. Enter the Base URL for authentication.
  5. From the Authentication Type dropdown, select 2 Step Auth.

Configure the preliminary access token query:

  1. From the Secret Type dropdown, select Token Auth.
  2. Enter a Token Name and Token Value
  3. Enter the Request URL and specify the type of request as either GET or POST.
  4. Optionally, add additional Request Headers, URL parameters and a Body to the request.

Get the access token from the response:

  1. Under Variable Path to Access Token, enter the path to the access token in the response. This is the path through which your access token is returned after making the authentication call. For example, if the access token is returned as the body of the access request, use body. If the access token is returned in a property called token of the response body, use body.token. Paths are case sensitive.
  2. Optionally, enter a Refresh Interval. This is the duration until the access token expires, specified in seconds. When the token expires, the connection automatically requests a new access token. Setting an interval of 0 disables token refresh.

Use your retrieved token to authenticate your connection:

  1. Under Request Detail, enter Request Headers, URL parameters and a Body to complete your request using the retrieved access token.
  2. Click Create.

Configure the preliminary authentication query:

  1. From the Secret Type dropdown, select Basic Auth.
  2. Enter a Username and Password. The Request Headers section is automatically populated using your username and password.

Configure the authentication request:

  1. Enter the Request URL and specify the type of request as either GET or POST.
  2. Optionally, add additional Request Headers, URL parameters and a Body to the request.

Get the access token from the response:

  1. Under Variable Path to Access Token, enter the path to the access token in the response. This is the path through which your access token is returned after making the authentication call. For example, if the access token is returned as the body of the access request, use body. If the access token is returned in a property called token of the response body, use body.token. Paths are case sensitive.
  2. Optionally, enter a Refresh Interval. This is the duration until the access token expires, specified in seconds. When the token expires, the connection automatically requests a new access token. Setting an interval of 0 disables token refresh.

Use your retrieved token to authenticate your connection:

  1. Under Request Detail, enter Request Headers, URL parameters and a Body to complete your request using the retrieved access token.
  2. Click Create.

Create an HTTP mTLS connection

The Mutual TLS (mTLS) Auth connection allows you to use a private key and TLS certificate to authenticate the HTTP request.

The client certificate (.crt, .pem) and private key (.key, .pem) must use the PEM format.
  1. In the Connection section, click the plus icon (+).
  2. Select HTTP.
  3. Enter a Connection Name.
  4. Enter the Base URL for authentication.
  5. From the Authentication Type dropdown, select mTLS Auth.
  6. Click Upload File to upload your Private Key.
  7. Click Upload File to upload your Certificate.
  8. Click Create.

Inputs

A URL and request method are required for your request. Optionally, you can enter:

  • URL parameters
  • headers
  • the content type
  • a request body
  • cookies

You can also select whether you want to allow expired certificates, or follow redirects.

Response options

Under Error on Status, enter a comma-delineated list of any status codes on which to return an error. Use the Response Parsing dropdown to override the default response parsing method inferred from the headers, and Response Encoding if the target server specifies the wrong encoding in its response headers.

Private actions

Join the Preview!

Private Actions are in Preview. Use this form to request access today.

Request Access

You can use a private HTTP action to interact with services hosted on your private network without exposing your services to the public internet. Private actions make use of a private action runner which you install on a host in your network using Docker and pair with a Datadog Connection. For more information, see Private Actions.

To configure a private HTTP request:

  1. Add an HTTP action to your app.

  2. In the Connection section, click the plus icon (+).

  3. Select HTTP.

  4. Enter a Connection Name.

  5. Enter the Base URL for the host in your private network.

  6. For Type, ensure that Private Action Runner is selected.

  7. From the Private Action Runner dropdown, select your private action runner.

  8. From the Authentication Type dropdown, select an Authentication type and fill in the required fields. Private HTTP requests support the following authentication types:

    For information on configuring credentials for Token authentication, see Handling Private Action Credentials.

  9. Click Next, Confirm Access and configure access to the query.

  10. Click Create.

Further reading

Additional helpful documentation, links, and articles:


Do you have questions or feedback? Join the #workflows channel on the Datadog Community Slack.

PREVIEWING: Cyril-Bouchiat/add-vm-package-explorer-doc