Bitbucket modules
Common modules
Compass modules
Confluence modules
Jira modules
Jira Service Management modules
Rovo modules (Preview)

Web trigger

The webtrigger module invokes a function as the result of an HTTP request.

Within your app, you can programatically obtain the URL to call the web trigger using the web trigger runtime API.

Forge invocation limits also apply to web triggers (scheduled and unscheduled). Refer to our platform invocation limits for more details.

To manually obtain a web trigger URL for development purposes, perform the following steps:

  1. In the terminal, navigate to the app directory and get the app's installation ID by running:

    1
    2
    forge install list
    
  2. Copy the Installation ID for the site and product you want the web trigger URL for.

  3. Get the web trigger URL by running:

    1
    2
    forge webtrigger
    
    1. Enter the installation ID you copied in step 2.
    2. Select the web trigger that you want the URL for. The options come from the manifest.

    You'll be provided with a URL that you can use to invoke the web trigger. See webtrigger for more information about the forge webtrigger command.

    By default, the URLs provided by forge webtrigger have no built-in authentication. As such, anyone can use the URL (and, by extension, invoke its related function) without providing an authentication token. You should keep these URLs secure.

    Alternatively, you can also implement authentication inside the trigger itself. For example, you can add a check for an Authorization header in the request and validate any provided token.

You can also schedule a web trigger to repeatedly invoke a function on a specific interval. See Scheduled trigger for more information.

Properties

PropertyTypeRequiredDescription
key

string

Yes

A key for the module, which other modules can refer to. Must be unique within the manifest.

Regex: ^[a-zA-Z0-9_-]+$

functionstringRequired if using UI Kit 1 or triggers.A reference to the function module that defines the module.
security (EAP)SecurityNoAn object that allows for the definition of additional security features for web triggers.

Security reference (EAP)

Inside the security object, you can define optional properties to further improve the security of your web triggers.

PropertyTypeRequiredDescription
egressEgressNo

An object containing properties that allow for no-egress web triggers and static response definition.

Egress

PropertyTypeRequiredDescription
allowDataEgressbooleanYes

When set to false, the web trigger will be prevented from egressing any dynamic data in the web trigger response.

allowedResponsesArray<{ statusCode: number, body: string }>No

The allowedResponses list contains objects with a body property of type string and a statusCode property of type integer.

When web triggers return a response matching the statusCode and body pair, the statusCode and body is kept as is, with other forms of egress removed.

The web trigger function's response requires a statusCode field. For information about web trigger request and response, see Web trigger events.

Example

1
2
modules:
  webtrigger:
    - key: no-egress-web-trigger
      function: no-egress-function
      security:
        egress:
          allowDataEgress: false
          allowedResponses:
            - statusCode: 200
              body: '{"body": "Allowed static response"}'

Example web trigger URL

https://4a6d16a1-bf25-4ddb-9a1a-3a781c11af3d.hello.atlassian-dev.net/x1/XUBR5WnG2Hk2V52APDdGaRSDm

Explore these tutorials and examples to enhance your understanding of web triggers.

Rate this page: