# Web Request

The **Web Request** [trigger](https://docs.getmesa.com/workflow-builder/triggers) creates a unique URL that you can call to execute a MESA workflow. Unlike the [Webhook](https://docs.getmesa.com/tools/webhook) trigger, the entire workflow will execute, and the result of the last step in the workflow will be returned as the response. Using the **Web Request** trigger, you can retrieve Shopify Customer Metadata values to use in your single page app, proxy an API call to a third party app, or even display an HTML table of data stored in a [Data](https://docs.getmesa.com/tools/data) table. If you would like to combine data retrieved from multiple steps in your response, we recommend making the last step of your workflow a Mapping or Editor [Transform](https://docs.getmesa.com/tools/transform) action.

## Configuration <a href="#configuring" id="configuring"></a>

### Passing Data <a href="#passing-data" id="passing-data"></a>

Querystring parameters appended to your URL will be available as [Variables](https://docs.getmesa.com/workflow-builder/fields/variables) in your workflow. For example, if you append `&limit=1` to the **Web Request URL**, it will be available as the `{{webrequest.querystring.limit}}` variable. To easily select the variable from the Variable selector modal, make a test request and refresh the builder. The querystring parameters sent in your previous workflow run will appear in the variable selector:

<figure><img src="https://3425906282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F1H6u1HQc3Iew7ATmmiCi%2Fuploads%2F9QLvjGvV0iigfcM5g0Ib%2FDW-web-request-querystring.png?alt=media&#x26;token=a02b94df-36ef-4b06-842c-f2398c9ac6a9" alt=""><figcaption></figcaption></figure>

If you make a POST request to the **Web Request** trigger, all data passed will be available in the body variable. For example: `{{webrequest.querystring.id}}`. Similar to querystring parameters, to see these variables in the variable selector model, make a test request and refresh the builder.

All headers passed in the request are also available as variables. For example, you could use the `Authorization` header to authenticate requests in a [Custom Code](https://docs.getmesa.com/tools/custom-code) step

### Custom Response Headers <a href="#custom-headers" id="custom-headers"></a>

The Response Headers returned by the completed automation can be customized under the **More options** section. Change the `Content-Type` value to `text/xml` and end your workflow with a Transform Editor step to return an XML document. Change the `Content-Type` to `text/html` and end your workflow with a Transform Editor step to return an HTML document that will render in the browser:

<figure><img src="https://3425906282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F1H6u1HQc3Iew7ATmmiCi%2Fuploads%2FTmf1c1boRORK8GQujVGi%2FEdit%20Automation%20Head%20Tag%20-%20Step%200.png?alt=media&#x26;token=428785b3-908e-4a91-abcf-f3dbe1c6fc2f" alt=""><figcaption></figcaption></figure>

You can make the response a redirect by including a `code` of either 301 or 302 and `location` in the response in the last step of your workflow:

<figure><img src="https://3425906282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F1H6u1HQc3Iew7ATmmiCi%2Fuploads%2F28FR6liugMpHgiYeaGjk%2FTheshoppad%20Workflow%20-%20Step%200%20(1).png?alt=media&#x26;token=3c52326b-4201-45ad-a7d6-36f75311c255" alt=""><figcaption></figcaption></figure>

You can remove the `.json` in the URL or replace it with `.html` or `.xml` to improve the clarity of your endpoints as well, but simply changing the URL suffix will do nothing if the `Content-Type` header is not changed as well.

<figure><img src="https://3425906282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F1H6u1HQc3Iew7ATmmiCi%2Fuploads%2FdtMloSu1iyQXtg1g88MY%2FDW-web-request-transform-editor.png?alt=media&#x26;token=d39c631b-7e04-4ca2-b8e9-876179558093" alt=""><figcaption></figcaption></figure>

The `Access-Control-Allow-Origin` and `Access-Control-Allow-Headers` headers can be customized to fine-tune your [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing) security settings, and additional custom headers can be added with static values or values from variables passed from other steps.

### Technical Notes <a href="#technical-details" id="technical-details"></a>

* Each request executes a workflow and counts as an automation run. You can see a history of all automation runs within the[ Activity](https://docs.getmesa.com/workflow-activity) tab.
* Requests are rate-limited based on the [Incoming rate limit](https://docs.getmesa.com/going-further/platform-thresholds-and-limits#limits) of your plan.
* The maximum request time is limited based on the [Task compute](https://docs.getmesa.com/going-further/platform-thresholds-and-limits#limits) limit of your plan. There is also a limit of 60 seconds per request, even if your plan allows longer requests. Requests that take more time to execute will be timed out, and no response will be returned.
* Certain actions, including Loop and Delay, are not supported by the Web Request tool. If you need to delay a couple of seconds, you might be able to use [Mesa.request.sleep](https://docs.getmesa.com/tools/custom-code/sdk?q=sle#vendor-mesa.js-mesa.request.sleep) in a Custom Code step.
* The URL of your Web Request trigger is static and includes a mandatory `apikey` querystring parameter. If you want a shorter URL, we recommend using a URL shortener service like [bit.ly](http://bit.ly/).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.getmesa.com/tools/web-request.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.