The webtrigger module invokes a function as the result of an HTTP request.
Within your app, you can programatically obtain the URL to call the web trigger using the web trigger runtime API.
Forge invocation limits also apply to web triggers (scheduled and unscheduled). Refer to our platform invocation limits for more details.
To manually obtain a web trigger URL for development purposes, perform the following steps:
In the terminal, navigate to the app directory and get the app's installation ID by running:
1 2forge install list
Copy the Installation ID for the site and product you want the web trigger URL for.
Get the web trigger URL by running:
1 2forge webtrigger
You'll be provided with a URL that you can use to invoke the web trigger. See
webtrigger for more information about
the forge webtrigger command.
By default, the URLs provided by forge webtrigger have no built-in authentication. As such, anyone can use the URL (and, by extension, invoke its related function) without providing an authentication token. You should keep these URLs secure.
Alternatively, you can also implement authentication inside the trigger itself. For example, you can add a check for an Authorization header in the request and validate any provided token.
You can also schedule a web trigger to repeatedly invoke a function on a specific interval. See Scheduled trigger for more information.
| Property | Type | Required | Description |
|---|---|---|---|
key |
| Yes |
A key for the module, which other modules can refer to. Must be unique within the manifest. Regex: |
function | string | Required if using UI Kit 1 or triggers. | A reference to the function module that defines the module. |
security (EAP) | Security | No | An object that allows for the definition of additional security features for web triggers. |
Optional security properties are now available as part of Forge Early Access Program (EAP).
Use these properties for apps using the webtrigger module, to make such apps eligible for the
Runs on Atlassian program.
To start testing this feature, sign up using this form.
For more details, see Forge EAP, Preview, and GA.
Inside the security object, you can define optional properties to further improve the security
of your web triggers.
| Property | Type | Required | Description |
|---|---|---|---|
egress | Egress | No |
An object containing properties that allow for no-egress web triggers and static response definition. |
| Property | Type | Required | Description |
|---|---|---|---|
allowDataEgress | boolean | Yes |
When set to false, the web trigger will be prevented from egressing any dynamic data in the web trigger response. |
allowedResponses | Array<{ statusCode: number, body: string }> | No |
The When web triggers return a response matching the |
The web trigger function's response requires a statusCode field. For information about
web trigger request and response, see
Web trigger events.
1 2modules: webtrigger: - key: no-egress-web-trigger function: no-egress-function security: egress: allowDataEgress: false allowedResponses: - statusCode: 200 body: '{"body": "Allowed static response"}'
https://4a6d16a1-bf25-4ddb-9a1a-3a781c11af3d.hello.atlassian-dev.net/x1/XUBR5WnG2Hk2V52APDdGaRSDm
Explore these tutorials and examples to enhance your understanding of web triggers.
Rate this page: