Understanding APIs: What is an API? How Wiresk Uses APIs?
In Wiresk, Triggers are used to start a Flow. To trigger a Flow from external systems, Wiresk uses a secure combination of three key elements: API Keys, HTTP Triggers, and Routing Keys. These work together to ensure that Flows are addressable, callable, and protected from unauthorized access.
This guide explains what each of these elements does and how to use them properly.
What Is an API Key? Copy Link
An API Key in Wiresk is a unique, randomly generated token used to authenticate requests made to Wiresk’s platform. It confirms the identity of the caller, whether a connected application or system.
Role of API Keys: Copy Link
- Authentication: Confirms the request is from a trusted source.
- Reusable Across Flows: API Keys are not tied to a single Flow, they are scoped to the Group level.
- Validation Requirement: For a Flow to be triggered, it must contain an HTTP Trigger that accepts the API Key.
Purpose and Benefits of Reusable API Keys Copy Link
Wiresk’s API key system is designed for flexibility. You can reuse the same API key across multiple Flows, making it easier to integrate Wiresk into environments where many Flows need to be automated, without having to manage dozens of individual keys.
Example Use Case:
You might generate one API Key for a webhook integration, and use that same key to trigger multiple Flows:
- Flow A: Sync data between platforms
- Flow B: Handle CRM webhook input
- Flow C: Generate and send internal reports
This works because the Routing Key (defined by the HTTP Trigger) identifies which Flow should run, while the API Key only verifies whether the request is authorized. The API Key does not determine which Flow is triggered.
Why You Might Still Want Multiple API Keys Copy Link
While reusable API keys are convenient, creating separate API keys per use case offers practical benefits, even for non-technical users:
Best Practices for Managing API Keys:
| Strategy | Description |
|---|---|
| One Key per Environment | Simplifies key management, but lacks granularity if a specific key needs revocation. |
| One Key per Source App | Recommended. Offers balance between clarity and security. If one system is compromised, only its Flows are affected. |
| One Key per Flow | High isolation and control, but may introduce overhead in key management. |
Key Benefits:
- Easy rotation and revocation
- Better visibility and control
- Separation of concerns per system
● Use a reusable API key when simplicity and speed are your top priority.
● Use multiple, purpose-specific keys when you want better visibility, control, and security.
● Name your API keys and HTTP triggers clearly for easy maintenance.
● Regularly review and rotate API keys for security.
You can always see which Flows are using a key by clicking on the key name in the API Key tab of your Flows Group.
How to Create an API Key Copy Link
- Go to your Group.
- Open the API Key tab.
- Click + Create and give it a clear, descriptive name (e.g., “CRM Integration” or “Slack Trigger”).
- After creation, your API key will appear in the list.
- Click on any API key to see which Flows are using it.
What Is an HTTP Trigger Copy Link
An HTTP Trigger in Wiresk is a configuration that allows you to start a Flow using an external HTTP request. It acts as the entry point for webhooks or to manually initiate a Flow.
You typically add an HTTP Trigger during Flow creation. When configuring it, you provide a description and select or create an API Key. This forms the basis of a secure, addressable endpoint that can be used to trigger the Flow remotely or manually.
Purpose of the HTTP Trigger Copy Link
- Provides a unique URL endpoint that can be called by connected apps.
- Associates a specific Flow with a trusted API Key.
- Supports secure integration without exposing internal configuration.
HTTP Triggers vs Authenticated Integrations Copy Link
| Feature | HTTP Trigger | Authenticated App Integration |
|---|---|---|
| Starts the Flow? | Yes | Yes |
| Requires Auth in Wiresk? | Only an API key | Yes (OAuth or token) |
| Used for | External systems calling Wiresk | Wiresk calling connected apps |
| Example | A webhook from HubSpot hitting Wiresk | Wiresk fetching pages from Notion |
What is a Routing Key Copy Link
In Wiresk, the Routing Key is a unique identifier generated for each HTTP Trigger. It is embedded in the URL and tells Wiresk which Flow should be triggered.
The Routing Key is not something you choose manually; Wiresk generates it when you configure the HTTP Trigger. It maps directly to a specific Flow and is what enables external systems (your connected apps) to address the correct Flow at runtime.
How Routing Keys and HTTP Triggers Work Together Copy Link
- You create an HTTP Trigger inside a Flow.
- Wiresk assigns a Routing Key to that Trigger.
- The combination of Routing Key and API Key defines a secure, callable endpoint.
- When an external system calls that endpoint, Wiresk uses:
- The Routing Key to identify which Flow to execute
- The API Key to verify whether the caller has permission
How Routing Keys Are Used in Wiresk Copy Link
The Routing Key defines the route and used in:
Webhooks Copy Link
Your connected apps (like CRMs, e-commerce platforms, or form builders) send data to Wiresk using HTTP POST requests. They call the endpoint URL that includes the Routing Key.
Example Use Case:
- Your CRM sends a deal update to a Wiresk Flow called “Update Lead Status”
- The CRM is configured with the Routing Key to that Flow’s HTTP Trigger
Run Once for Testing Copy Link
When you manually test a Flow in Wiresk using the Run Once feature, you select the appropriate Routing Key. This tells Wiresk which HTTP Trigger (and therefore which Flow) to simulate a request against.
It ensures you’re triggering the right version of the Flow, especially if multiple Flows share the same API Key.
● The Routing Key is what determines which Flow runs
● The API Key is what determines if the request is allowed to run any Flow
● Both are required for secure and correct execution
● Sharing Routing Keys publicly can expose your Flows, so treat them as sensitive information
Don’t stop here! Copy Link
If you need an integration that you cannot find in Wiresk, you can make a request to our team, and we will try our best to satisfy your needs.