Make.com API Integration Automation

January 12, 2026 6 min read Automation

How to Connect Make.com to Any REST API in

Struggling to connect Make.com to a service that's not in the official catalog? The HTTP module unlocks thousands of additional integrations. This guide walks through authentication methods, request configuration, and troubleshooting common errors - so you can build custom API workflows without coding.

Make.com HTTP request tutorial screenshot

Why Use the HTTP Module?

Most businesses discover Make.com's limitations when they need to connect to a niche or proprietary system not listed in the official app catalog. The HTTP module solves this by providing direct access to any REST API endpoint. Unlike pre-built connectors, it gives you complete control over request configuration.

The module supports all standard HTTP methods (GET, POST, PUT, DELETE) and automatically parses JSON responses. This means you can integrate with internal tools, lesser-known SaaS platforms, or even build your own microservices that communicate with Make.com.

Key benefit: The HTTP module reduces dependency on Make.com's native integrations, future-proofing your automation as your tech stack evolves. It's particularly valuable for businesses using custom-built software or industry-specific platforms.

4 Authentication Methods Explained

API security begins with choosing the right authentication type in your HTTP module. Make.com offers four variants of the HTTP module, each designed for a different authentication protocol:

1. Make a Request (No Auth)

For public APIs that don't require authentication. Use this for read-only endpoints that don't expose sensitive data. Example: Fetching public weather data or stock prices.

2. Make an API Key Auth Request

The most common option for SaaS APIs. Configure your API key in the Authorization header, typically as "Bearer [token]" or in a custom header like "X-API-Key".

3. Make a Basic Auth Request

For APIs using username/password authentication. Make.com will automatically encode credentials in Base64 and add the proper Authorization header.

4. Make an OAuth 2.0 Request

For services like Google, Facebook, or Microsoft that use OAuth. Requires initial setup of OAuth credentials in Make.com's connections panel.

Pro tip: Always check the API documentation's authentication section before selecting your module type. Using the wrong variant will result in 401 Unauthorized errors.

Step-by-Step Configuration

Configuring your first API connection in Make.com involves six key steps:

Step 1: Add the HTTP Module

Create a new scenario or open an existing one. Click the plus button and search for "HTTP". Select the variant that matches your API's authentication method.

Step 2: Set the Request Method

Choose GET (retrieve data), POST (create), PUT (update), or DELETE based on the API endpoint's requirements. Most data retrieval uses GET, while modifications use POST or PUT.

Step 3: Enter the Endpoint URL

Paste the complete API endpoint URL, including any path parameters. For query parameters, use Make.com's built-in URL builder to dynamically insert values.

Step 4: Configure Headers

Add required headers like Content-Type (usually application/json) and Authorization. Use Make.com's secure storage for sensitive values like API keys.

Step 5: Set the Request Body (if needed)

For POST/PUT requests, add the body content in the format the API expects (typically JSON). You can use Make.com's JSON editor or map fields from previous modules.

Step 6: Enable Response Parsing

Set "Parse response" to Yes so Make.com automatically converts JSON responses into mappable fields. For non-JSON responses, you may need additional processing modules.

Configuration checklist: Method → URL → Headers → Body → Parse setting. Test each change with "Run once" before proceeding to the next step.

Headers & Body Settings

Proper header configuration is where most API integrations succeed or fail. Two headers are particularly crucial:

Content-Type Header

Specifies the format of your request body. For JSON APIs, set to "application/json". For form data, use "application/x-www-form-urlencoded". Mismatched Content-Type headers are a leading cause of 400 Bad Request errors.

Authorization Header

Format varies by API. Common patterns include "Bearer [token]", "Token [token]", or custom headers like "X-API-Key". Always verify the exact format in the API documentation.

For the request body, most modern APIs expect JSON payloads. Make.com's JSON editor provides syntax highlighting and validation to help craft properly formatted requests:

 {   "name": "John Doe",   "email": "[email protected]",   "preferences": {     "newsletter": true,     "notifications": false   } }

Remember: Some APIs require specific field names or nested structures. Always test with minimal data first, then build up to complex requests.

Testing & Troubleshooting

The "Run once" feature is your best friend when setting up API connections. It lets you test the module in isolation before integrating it with the rest of your scenario. Here's how to interpret common responses:

Successful Response (200 OK)

If you see the expected data structure, your configuration is correct. Check that all necessary fields are exposed for mapping in subsequent modules.

Authentication Error (401 Unauthorized)

Verify your Authorization header format matches the API's requirements exactly. Check for typos in API keys or tokens.

Bad Request (400)

Usually indicates malformed JSON or incorrect Content-Type header. Validate your request body structure against the API documentation.

Not Found (404)

Check the endpoint URL for typos. Verify you're using the correct API version path if applicable.

Debugging tip: Use Make.com's "Show advanced settings" to view raw request and response details. This often reveals subtle configuration issues.

Real-World Examples

Here are three practical applications of the HTTP module in business automation:

1. Custom CRM Integration

Connect Make.com to a proprietary CRM system by calling its private API. Sync new leads from web forms, update contact records, or trigger follow-up sequences based on CRM events.

2. Internal System Notifications

Post alerts to a company Slack channel when your ERP system detects low inventory by calling Slack's Webhook API. Format messages with rich attachments and interactive buttons.

3. Data Enrichment Workflow

Enhance customer records by calling multiple APIs sequentially: first verify email addresses, then lookup company details, finally append social media profiles - all in one automated flow.

Scalability note: For high-volume API calls, implement error handling and rate limiting to avoid hitting API quotas. Make.com's router and error handler modules help build resilient workflows.

Security Best Practices

When working with APIs in Make.com, security should be your top priority - especially when handling customer data or internal systems. Follow these guidelines:

1. Secure Credential Storage

Never hardcode API keys or passwords in scenario notes. Use Make.com's built-in credential storage for sensitive values, which provides encryption at rest.

2. Principle of Least Privilege

Configure API keys with only the permissions your scenario requires. If the API supports scopes, restrict to read-only where possible.

3. IP Whitelisting

For private APIs, restrict access to Make.com's IP addresses (documented in their help center). This prevents unauthorized access even if credentials are compromised.

4. Regular Key Rotation

Schedule periodic updates for API keys and OAuth tokens. Make.com's connection management makes it easy to update credentials without breaking scenarios.

Critical reminder: Audit your HTTP modules quarterly. Remove unused connections and verify all active integrations still follow security best practices.

Watch the Full Tutorial

See the HTTP module in action with a live configuration demo (starting at 1:15 in the video). The tutorial walks through authenticating with a sample API, configuring headers, and mapping response data to subsequent modules.

Key Takeaways

The HTTP module transforms Make.com from a platform with limited integrations to one that can connect with virtually any web service. By mastering REST API configuration, you unlock thousands of potential automation use cases beyond the official app catalog.

In summary: Choose the right authentication module, configure headers precisely, test with "Run once", and secure your credentials. With these fundamentals, you can integrate Make.com with both public APIs and internal business systems.

Frequently Asked Questions

Common questions about Make.com API connections

What types of APIs can I connect to Make.com?

Make.com's HTTP module can connect to any REST API that accepts standard HTTP requests (GET, POST, PUT, DELETE). This includes both public APIs and private/internal APIs your company uses.

The API must return data in a format Make can parse, typically JSON. SOAP APIs and GraphQL require additional configuration or preprocessing modules to work effectively with Make.com.

Works with 90% of modern web APIs
Requires JSON or parseable response format
Supports custom headers and authentication

How do I authenticate with an API in Make.com?

Make.com supports four authentication methods: API key (sent in headers), Basic Auth (username/password), OAuth 2.0, and unauthenticated requests.

Choose the HTTP module variant that matches your API's authentication method. For API keys, use the 'Make an API key auth request' module and add your key in the Authorization header following the API's specified format.

API key: Most common for SaaS platforms
Basic Auth: Legacy systems often use this
OAuth 2.0: Required for Google, Facebook etc.

What's the most common mistake when setting up API connections?

The most frequent errors are incorrect Content-Type headers (not matching the request body format) and malformed authorization headers.

Always verify the API documentation specifies the exact header format required. For JSON APIs, set Content-Type to application/json and ensure your request body is valid JSON with proper quoting and structure.

Content-Type mismatch causes 400 errors
Authorization header typos cause 401 errors
Test with minimal requests first

How do I handle pagination in API responses?

For paginated APIs, you'll need to create a loop in your scenario that checks for a 'next page' token or URL in the response.

Use Make.com's iterator or router tools to handle subsequent requests until all data is retrieved. Some APIs include pagination details in response headers rather than the body, requiring you to parse Link headers or X-Total-Count values.

Offset/limit: Common in database APIs
Cursor-based: Used by Twitter, Slack
Header-based: GitHub uses Link headers

Can I use Make.com to connect to private/internal APIs?

Yes, Make.com can connect to internal APIs if they're accessible from the internet. For extra security, use IP whitelisting if your API supports it.

Store credentials in Make.com's secure storage rather than hardcoding them. For APIs behind a corporate firewall, you may need to use a self-hosted proxy or Make.com's on-premises agent to establish the connection.

IP whitelisting recommended
VPN/proxy options available
On-premises agent for local networks

What should I do if my API request returns an error?

First check the HTTP status code and error message in the response. Common fixes include verifying the endpoint URL is correct and ensuring all required headers are included.

Use Make.com's error handling routes to manage failed requests gracefully. Implement retry logic for temporary failures (5xx errors) and alerting for configuration issues (4xx errors) that require manual intervention.

4xx errors: Configuration issues
5xx errors: Server-side problems
Implement retries for transient failures

How can I test API connections before building a full scenario?

Use the 'Run once' feature in the HTTP module to test your configuration. This lets you verify the request works and inspect the raw response before mapping fields to other modules.

For complex APIs, tools like Postman can help prototype requests before implementing in Make.com. Once you have a working Postman collection, you can often translate the settings directly to Make.com's HTTP module configuration.

Start with 'Run once' testing
Use Postman for prototyping
Validate response structure early

How can GrowwStacks help implement this for your business?

GrowwStacks specializes in building custom API integrations with Make.com. Our team can design secure, scalable connections to both public and private APIs, implement error handling, and optimize performance.

We'll handle the technical setup so you can focus on using the data in your workflows. A typical engagement includes API documentation review, secure credential setup, endpoint testing, and integration with your existing Make.com scenarios.

API integration specialists
Security-focused implementation
Free consultation to assess your needs

Need Custom API Integrations for Your Business?

Manual API configuration wastes valuable developer time and often breaks with service updates. Let GrowwStacks build resilient, secure API connections that power your automation workflows 24/7.

Book Free Consultation → Read More Articles