Request Method

You should use the Request method to avoid exposing sensitive information, such as API keys or user credentials, when you make HTTP requests to third-party domains as agents will be able to inspect these values in a browser and access them. The other benefit is Cross-Origin Resource Sharing (CORS) support as requests are routed through a proxy.

Note:
1. All apps that make requests to third-party domains must use the Request method or they will not be published in Freshworks Marketplace.
2. The timeout for requests is six seconds.
3. There is a rate limit of 50 requests per minute per app per account.
4. In the response of a request call made using the Request API, the Content-Type header attribute specifies the response format. The accepted response formats are:
- application/json
- application/jsonp
- application/vnd.api+json
- application/xml
- text/plain
- text/html
- text/xml
- text/javascript

Take a look at the Request Freshdesk sample app for a demonstration of this feature. The same functionality is available in Freshteam.

Usage

The Request method should be defined in the server.js file by using the following syntax.

Copied Copy 
1
2
3
4
5
6
7
8
9
10
$request.get("URL", options)
  .then(
    function(data) {
      //handle "data"
      //"data" is a json string with status, headers, and response.
    },
    function(error) {
      //handle failure
    }
  );

The following table lists the parameters and their description.

PARAMETER DESCRIPTION
URL Is mandatory to make the Request method call.
options Is a JSON object and can include the following properties:
  • headers: HTTP Headers
  • body: Entity body, applicable for PATCH, POST, and PUT requests. Should be a string.
  • staticIP: A boolean value used to make requests with a static outgoing IP.
  • maxAttempts: The maximum number of times a request will try to retrieve a response if a network or 429/5xx HTTP error occurs. The maximum permissible value for this argument is 5.
  • retryDelay: The delay between retry requests, specified in milliseconds. The maximum permissible value for this argument is 1500 ms.
data Data received from the Request method if the request is successful.
error Message received from the request if an error is encountered.
Using Iparams

Iparams can be used in requests as part of the following:

  • Header
  • URL Copied Copy 
    1
    		https://passport-office.com/user?id=<%= iparam.passport %>
  • Body Copied Copy 
    1
    2
    3
    4
    5
    6
    7
    		$request.post("https://api.freshteam.com/agents", {
  headers: {
    Authorization: "Bearer <%= encode(iparam.freshteamApiToken) %>"
  },
  body: JSON.stringify({
    <valid JSON object>
});

Note:
Secure iparams can only be used in the request header. If secure iparams are present in the request body or URL, the fdk run command displays an error message Secure iparam cannot be used in request body or URL.

Sample Requests

For API requests that require authentication, you may need to encode the auth header in base64 format.

1. GET request with authentication Copied Copy 
1
2
3
4
5
6
7
8
9
10
11
var headers = {"Authorization": "Basic <%= encode(iparam.api_key) %>"};
  var options = { headers: headers };
  var url = "https://sample.crm.com/contacts/5.json";
  $request.get(url, options)
  .then (
  function(data) {
    console.log(data);
  },
  function(error) {
    console.log(error);
  });
EXPAND ↓

If the request is successful, data is returned in the following format. In case a network or 429/5xx HTTP error occurs, the app will retry the request a number of times to obtain the response. Here, attempts is the number of times after which the request has returned a response.

Copied Copy 
1
2
3
4
5
6
7
8
9
10
{
    "status" : 200,
    "headers":
    {
      "Content-Length": 20,
      "Content-Type": "application/json;charset=utf-8"
    },
    "response": "{ "Name": "Rachel"}",
    "attempts": 1
  }

If the request fails due to an error from the platform, an error response is returned in the following format.

Copied Copy 
1
2
3
4
5
6
7
8
9
10
{
    "status" : 502,
    "headers":
    {
      "Content-Type": "application/json;charset=utf-8"
    },
    "response": "Error in establishing the connection.",
    "attempts": 1,
    "errorSource": "PLATFORM"
  }

If the request fails due to an error from the app, the error response is returned in the following format.

Copied Copy 
1
2
3
4
5
6
7
8
9
10
{
    "status" : 400,
    "headers":
    {
      "Content-Type": "application/json;charset=utf-8"
    },
    "response": "This domain has not been whitelisted.",
    "attempts": 2
    "errorSource": "APP"
  }

2. GET request without authentication Copied Copy 
1
2
3
4
5
6
7
8
9
10
var options = {};
  var url = "https://httpbin.org/get?arg1=hello_world";
  $request.get(url, options)
  .then (
  function(data) {
    console.log(data);
  },
  function(error) {
    console.log(error);
  });

3. POST request with authentication Copied Copy 
1
2
3
4
5
6
7
8
9
10
11
var headers = {"Authorization": "Basic <%= encode(iparam.api_key) %>"};
  var options = { headers: headers, body: "Hello world"};
  var url = "https://sample.crm.com/contacts.json";
  $request.post(url, options)
  .then (
  function(data) {
    console.log(data);
  },
  function(error) {
    console.log(error);
  });
EXPAND ↓

OAuth Request

For information on how to make an OAuth request, see Usage in the OAuth section.

Testing

In the local testing of apps that use the Request Method to make third-party HTTP requests, you can specify a value for the request timeout.

To configure the request timeout to a suitable value, perform one of the following:
  • Use the REQUEST_TIMEOUT parameter along with the fdk run command as follows:
    Syntax REQUEST_TIMEOUT=<timeout in milliseconds> fdk run Example: REQUEST_TIMEOUT=10000 fdk run
  • Navigate to the .env file and add the following:
    export REQUEST_TIMEOUT=<timeout in milliseconds> Example: export REQUEST_TIMEOUT=10000
Minimum value for REQUEST_TIMEOUT: 5000
Maximum value for REQUEST_TIMEOUT: 10000
Notes:
  • If you specify a REQUEST_TIMEOUT value that breaches the min or max limits, the timeout is defaulted to the min or max value and a warning message is displayed.
  • If you don’t specify a value for REQUEST_TIMEOUT, the timeout value is 5 seconds.

For information on how to test an app that uses the Request API feature, see Test the App.

IP Ranges

Here is the list of IPs you must whitelist when using the Request method if IP whitelisting is enabled on the Freshteam Account or you wish to whitelist requests from your app.

Region IPs
United States 18.233.117.211 and 35.168.222.30
Europe-Central 18.197.138.225 and 52.57.69.21
India 13.232.159.149 and 13.233.170.242
Australia 13.211.182.225 and 52.63.187.64

Errors

In case of failure when making requests, a status code is displayed along with a message to help troubleshoot the issue.

An example of a status code and message is as follows.

Copied Copy 
1
2
3
4
5
6
7
8
{
  "status": 401,
  "headers": {
    "Content-Type": "text/plain"
  },
  "response": "Session expired or invalid",
  "errorSource": "APP/PLATFORM"
}

The following table lists all the supported status code.

STATUS CODE DESCRIPTION
400 Is returned due to invalid input. For example, if you are making a request to a domain that has not been whitelisted or if the request is passing secure iparams in the body or URL, you will receive this status.
401 Is returned if you performed an unauthorized request.
429 Is returned when the number of requests exceeds the threshold.
500 Is returned if the server encountered an unexpected error. If this error persists, contact us at support@freshteam.com.
502 Is returned when there is a network error. If this error persists, contact us at support@freshteam.com.
503 Is returned when the service is temporarily unavailable.
504 Is returned when there is a timeout error while processing the request.