Zapier offers several ways to make API requests. The right choice depends on which Zapier product you're using, whether the app you're calling has a Zapier integration, and how you need to handle authentication.
Any API (with or without a Zapier integration)
Webhooks by Zapier and API by Zapier let you call any API endpoint, even if the service does not have a dedicated Zapier app.
| Webhooks by Zapier | API by Zapier | |
|---|---|---|
| Available in | Zaps Agents Zapier MCP | Zaps Agents Zapier MCP |
| Supported authentication | Basic Authentication None | OAuth2 API keys (static headers) None |
| Where credentials live | Stored within a Zap step or tool setup. | Stored within an app connection. |
| Best for | Receiving or sending payloads with simple or no authentication. | APIs that require OAuth2 or an API key When you want credentials out of the Zap or tool setup. |
| Triggers | Catch Hook (Instant) Catch Raw Hook (Instant) Retrieve Poll (Polling) | New Item from API (Polling). |
| Actions | Custom Request GET PUT POST | API Request |
| Request/response behavior | Payload type choice (form, JSON, XML, raw); auto-flattening with double-underscore conventions; XPath for extraction. | What you send is what gets sent; no format guessing; JQ for extraction (not XPath); clear error messages. |
Apps with an existing Zapier integration only
API Request actions and Custom Actions let you make raw HTTP requests to apps that already have a Zapier integration. They use the app's existing connection for authentication, so you do not need to manage credentials separately.
| API Request actions | Custom Actions | |
|---|---|---|
| Available in | Zaps Agents Zapier MCP | Zaps Zapier MCP |
| Works with | Supported public apps with a Zapier integration. | Supported public apps with a Zapier integration. |
| Where credentials live | Stored within an app connection. | Stored within an app connection. |
| Best for | A one-off API call in a single Zap. | A reusable action you want to share across Zaps and teammates. |
| Reusable | No, it's only available in the Zap where you created it. | Yes, you can share and reuse it across Zaps and teammates. |
| Setup | Manual configuration in the Zap editor. In Agents and MCP, you can configure the fields yourself or let AI fill them in for you. | AI-assisted setup with Copilot; optional code editor for Typescript. |
When to use which
- Use API by Zapier when the API you're calling does not have a Zapier integration and requires OAuth2 or an API key. Credentials stay in your connection and are never shown in the Zap.
- Use Webhooks by Zapier when the API does not have a Zapier integration and you only need Basic Authentication or no authentication, or you want to receive webhook-style payloads (e.g. a unique URL for an app to send data to). Webhooks stores credentials in plaintext step fields visible to anyone who can view the Zap. For authenticated outbound requests, API by Zapier is the more secure option.
- Use API Request actions when the app already has a Zapier integration but does not offer the specific action you need, and you only need it in a single Zap.
- Use Custom Actions when the app already has a Zapier integration but does not offer the specific action you need, and you want to reuse that action across multiple Zaps or share it with teammates.