API Integration
Connect your Appivo application with external systems
API Integration Guide
Learn how to connect your Appivo application with external services using the integration framework.
Integration Types
Appivo supports multiple integration methods:
| Type | Purpose |
|---|---|
| Webhooks | Send data to external systems |
| REST APIs | Call external services |
| SCIM 2.0 | User and group sync |
| SharePoint | Document management |
| OData | Data synchronization |
| Custom | Build your own |
Webhooks
Send data to external systems when events occur.
Creating a Webhook
- Navigate to Integrations
- Click Add Webhook
- Configure the webhook:
| Setting | Description |
|---|---|
| URL | External endpoint |
| Method | HTTP method (POST, PUT, etc.) |
| Headers | Authentication, content type |
| Payload | Data to send |
Example: Order Notification
Webhook: Notify Fulfillment
Trigger: Order created
URL: https://fulfillment.example.com/orders
Method: POST
Headers:
Authorization: Bearer {{config.api_key}}
Content-Type: application/json
Payload:
{
"order_id": "{{order.id}}",
"customer": "{{order.customer_name}}",
"items": {{order.items}},
"total": {{order.total}}
}
Webhook Security
Secure your webhooks:
- Use HTTPS endpoints only
- Include authentication headers
- Validate webhook signatures
- Implement retry logic
Calling External APIs
Use the WEBHOOK action to call external services.
Basic API Call
// In a SCRIPT action
const response = await context.http({
url: 'https://api.example.com/data',
method: 'GET',
headers: {
'Authorization': 'Bearer ' + context.getConfig('api_key')
}
});
if (response.status === 200) {
const data = response.data;
// Process data
}
POST Request
const response = await context.http({
url: 'https://api.example.com/orders',
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + context.getConfig('api_key')
},
data: {
customer_id: params.customerId,
items: params.items
}
});
Authentication Methods
API Keys
Simple token-based authentication:
Headers:
Authorization: Bearer YOUR_API_KEY
X-API-Key: YOUR_API_KEY
OAuth 2.0
For services requiring OAuth:
- Configure OAuth credentials
- Implement token refresh
- Store tokens securely
Basic Authentication
Username/password authentication:
Headers:
Authorization: Basic base64(username:password)
REST Rules
Create API endpoints that external systems can call.
Creating a REST Rule
- Navigate to Rules
- Click Add Rule
- Select REST type
- Configure:
| Setting | Description |
|---|---|
| Endpoint | URL path |
| Method | GET, POST, PUT, DELETE |
| Authentication | Required credentials |
Example: External Order Endpoint
Rule: Receive External Order
Type: REST
Endpoint: /api/orders/create
Method: POST
Authentication: API Key
Action: SCRIPT
1. Validate incoming data
2. Create order record
3. Trigger fulfillment
4. Return confirmation
Request Handling
exports.execute = async function(context, params) {
// Access request data
const orderData = params.body;
// Validate
if (!orderData.customer_id) {
return {
status: 400,
error: 'customer_id is required'
};
}
// Process
const order = await context.createRecord('Order', {
customer_id: orderData.customer_id,
items: orderData.items,
status: 'New'
});
return {
status: 201,
data: { order_id: order.id }
};
};
SCIM 2.0 Integration
Synchronize users and groups with identity providers.
Supported Operations
- User provisioning
- User updates
- User deprovisioning
- Group management
- Attribute mapping
Configuration
- Enable SCIM in Integrations
- Generate SCIM endpoint URL
- Create authentication token
- Configure in identity provider
Error Handling
Retry Configuration
Configure retry behavior for failed calls:
| Setting | Description |
|---|---|
| Max Retries | Number of attempts |
| Retry Delay | Wait between retries |
| Backoff | Exponential increase |
Error Responses
Handle errors gracefully:
try {
const response = await context.http({
url: 'https://api.example.com/data',
method: 'GET'
});
if (response.status !== 200) {
context.log.error('API error', {
status: response.status,
body: response.data
});
return { success: false, error: 'API call failed' };
}
return { success: true, data: response.data };
} catch (error) {
context.log.error('Request failed', error);
return { success: false, error: error.message };
}
Best Practices
Security
- Store credentials in configuration
- Use HTTPS for all calls
- Validate incoming data
- Log sensitive operations
Reliability
- Implement retry logic
- Handle timeouts
- Queue requests when needed
- Monitor for failures
Performance
- Cache responses when appropriate
- Use async processing
- Batch operations
- Set appropriate timeouts
Monitoring
- Log all API calls
- Track success/failure rates
- Alert on errors
- Review usage patterns
Common Patterns
Data Synchronization
Pattern: Sync External Data
Schedule: Every hour
Steps:
1. Fetch data from external API
2. Compare with local records
3. Create/update/delete as needed
4. Log sync results
Event Broadcasting
Pattern: Broadcast Events
Trigger: Record created/updated
Steps:
1. Event occurs in Appivo
2. Webhook sends to external systems
3. Wait for acknowledgment
4. Log delivery status
Two-Way Integration
Pattern: Bidirectional Sync
Components:
- Outbound: Webhooks for changes
- Inbound: REST endpoints for external changes
- Conflict: Resolution rules
Next Steps
- Rules and Actions - Create integration triggers
- Security - Secure your integrations
- Data Modeling - Design for integration