Your business runs on powerful automated workflows. You've automated sales reports, user onboarding sequences, and complex data processing tasks. These automations are efficient, reliable, and save countless hours. But what if they could do more? What if you could turn these internal processes into on-demand services, accessible to other applications, partners, or even customers?
This is the power of exposing your workflows as a public API. By doing so, you transform a background task into an interactive, composable web service. And the key to unlocking this capability is the humble webhook.
With an event-driven automation platform like trigger.do, what sounds complex becomes incredibly simple. Let's explore how you can turn any workflow into a secure, public-facing API.
You’ve already automated the logic; the hard part is done. Exposing it via an API endpoint simply puts a public "front door" on that logic, opening up a world of possibilities:
At its core, exposing a workflow as an API allows you to Trigger Anything. Automate Everything. It moves your automation from being a passive, internal process to an active, integrated service.
So, how do you create this "API"? The answer is a webhook trigger.
A webhook is essentially a URL that listens for incoming HTTP requests. When a service sends a request (typically a POST request with a JSON body) to that URL, it acts as an event. An event-driven platform like trigger.do can "catch" this event and use it to kick off a specific workflow.
This simple mechanism is what turns your workflow into an API:
Let's walk through turning an existing automation into a live API endpoint. While trigger.do is excellent for scheduled tasks, like running a report every morning, its real power for this use case comes from event-driven webhooks.
For context, here's how you might define a scheduled trigger that runs a workflow at 9 AM every day:
import { Trigger } from '@do-sdk/agent';
// Create a new trigger that runs a workflow every day at 9 AM UTC
const dailyReportTrigger = new Trigger({
name: 'daily-sales-report',
schedule: '0 9 * * *', // Cron expression for 9:00 AM daily
workflow: 'generate-sales-report',
input: {
period: 'daily',
recipients: ['team@example.com']
}
});
await dailyReportTrigger.enable();
console.log(`Trigger '${dailyReportTrigger.name}' is now active.`);
Now, let's adapt this concept to an on-demand API using a webhook.
First, ensure you have a workflow ready to go. Let's imagine a workflow named provision-new-user that takes a user's email and plan as input to create their account.
Creating a trigger for a webhook is just as easy as creating one for a schedule. The key difference is the type property.
import { Trigger } from '@do-sdk/agent';
// Create a trigger that listens for incoming webhooks
const apiTrigger = new Trigger({
name: 'user-provisioning-api',
type: 'webhook', // The magic is here!
workflow: 'provision-new-user'
// The 'input' will be dynamically supplied by the API call
});
await apiTrigger.enable();
console.log(`Webhook API for '${apiTrigger.name}' is now live.`);
Once enabled, trigger.do will provide a unique URL for this trigger, something like https://api.trigger.do/wh/xyz-123-abc.
Your API is live! Now, any application can trigger it with a simple POST request. The entire JSON body of the request is automatically passed as the input to your workflow.
For example, a calling service could send the following request:
curl -X POST \
https://api.trigger.do/wh/xyz-123-abc \
-H "Content-Type: application/json" \
-d '{
"email": "new.user@example.com",
"plan": "premium"
}'
Your provision-new-user workflow will now execute with the input { "email": "new.user@example.com", "plan": "premium" }.
"Public API" doesn't have to mean "insecure." This is where a robust platform matters. trigger.do ensures your webhook endpoints are protected. You can configure your trigger to require a secret key. The calling service must then include a special signature in the request headers, which trigger.do verifies using the secret. If the signature is invalid or missing, the request is rejected, preventing unauthorized use.
You no longer need to build complex backends with dedicated servers and routing logic just to expose your automated processes. With event-driven automation, any workflow can become a powerful, secure, and scalable web service.
By leveraging webhook automation, you can connect your internal logic to the outside world, creating more integrated, powerful, and valuable applications.
Ready to turn your automations into on-demand services? Explore trigger.do and see how easy it is to create your first workflow API.
Q: What kinds of events can I use with trigger.do?
A: You can use a variety of events, including time-based schedules (using cron syntax), incoming webhooks from external services, and internal system events from other .do agents or services.
Q: How do I create a trigger for a webhook?
A: You can define a new trigger and specify its type as 'webhook'. The platform will provide a unique URL to receive incoming HTTP POST requests, which will then execute your designated workflow.
Q: Can I pass data from the trigger to my workflow?
A: Yes. For webhooks, the entire request body is passed as input to the workflow. For scheduled triggers, you can define a static JSON object to be used as the input each time the workflow runs.
Q: How does trigger.do handle webhook security?
A: Security is paramount. Webhook triggers can be secured using secret keys for signature verification, ensuring that only authorized services can initiate your workflows.