API by Zapier and Zapier let you call APIs that do not have an integration. Unlike Webhooks by Zapier, you can make API requests using OAuth2 or API keys; your credentials are stored securely in an app connection and injected automatically.
Prerequisites
To use the API by Zapier app on Zapier, you must have:
- A Zapier account.
- The API endpoint URL you want to call and, if required, your API key or OAuth2 client details from the API provider.
Connect API by Zapier to Zapier
To create an app connection to API by Zapier on Zapier:
- Go to the Apps page.
- Click + Add connection.
- A new dialog box will appear. Search for and select API by Zapier.
- Click Add connection.
- A Connect an Account page will open. Choose an authentication type and complete the fields below.
For APIs that require no authentication:
- In the Authentication type field, select None.
-
Domain filter (optional): Enter the domain(s) this connection can access (e.g.,
api.example.comor*.example.com). Use a comma to separate multiple domains. Limit this to only the domains you need. - Test URL (optional): Enter a URL that returns a 2xx response when the connection is valid. Zapier uses this to verify the connection works.
For APIs that expect an API key or other static token in headers:
- In the Authentication type field, select Static Headers (API key).
- In Headers, enter key-value pairs for your auth headers (e.g.,
X-API-Key: 123). Use one header per line. -
Domain filter (optional): Enter the domain(s) this connection can access (e.g.,
api.example.comor*.example.com). Use a comma to separate multiple domains. Limit this to only the domains you need. - Test URL (optional): Enter a URL that returns a 2xx response when the connection is valid. Zapier uses this to verify the connection works.
For APIs that require OAuth2:
- In the Authentication type field, select OAuth2.
- Client ID: Your OAuth2 application client ID.
- Client secret: Your OAuth2 application client secret.
-
Authorize URL: The OAuth2 authorization endpoint (e.g.,
https://example.com/oauth/authorize). -
Token URL: The OAuth2 token endpoint (e.g.,
https://example.com/oauth/token). -
Scopes: Space-separated OAuth2 scopes (e.g.,
read write profile). -
Domain filter (optional): Enter the domain(s) this connection can access (e.g.,
api.example.comor*.example.com). Use a comma to separate multiple domains. Limit this to only the domains you need. - Test URL (optional): Enter a URL that returns a 2xx response when the connection is valid. Zapier uses this to verify the connection works.
Note
NoteYour OAuth2 app must accept this redirect URI: https://zapier.com/dashboard/auth/oauth/return/App235435CLIAPI/
- Click Yes, Continue to API by Zapier.
Your API by Zapier connection is now ready to use in your workflows.
About API by Zapier's app
Triggers, searches, and actions
- New Item from API (Polling) — Triggers when a new item appears in an API response. Use the Response Filter to extract the array and Dedupe Key to identify new items.
- No searches available for this app.
- API Request — Make an authenticated HTTP request to any API. Your connection's credentials are automatically included.
Limitations
- When you build a JSON body with mapped fields (e.g.
{"name": "{{name}}"}), you must ensure the result is valid JSON, including proper quoting. Variable interpolation does not auto-format JSON. - Each connection can only send requests to the domain(s) you set in the connection. This limits where credentials can be used and improves security.