Docs Connect Components Inputs http_client http_client Type: InputOutput Available in: Cloud, Self-Managed Connects to a server and continuously requests single messages. Common Advanced # Common configuration fields, showing default values input: label: "" http_client: url: "" # No default (required) verb: GET headers: {} rate_limit: "" # No default (optional) timeout: 5s payload: "" # No default (optional) stream: enabled: false reconnect: true scanner: lines: {} auto_replay_nacks: true # All configuration fields, showing default values input: label: "" http_client: url: "" # No default (required) verb: GET headers: {} metadata: include_prefixes: [] include_patterns: [] dump_request_log_level: "" # Optional oauth: enabled: false consumer_key: "" # Optional consumer_secret: "" # Optional access_token: "" # Optional access_token_secret: "" # Optional oauth2: enabled: false client_key: "" # Optional client_secret: "" # Optional token_url: "" # Optional scopes: [] endpoint_params: {} basic_auth: enabled: false username: "" # Optional password: "" # Optional jwt: enabled: false private_key_file: "" # Optional signing_method: "" # Optional claims: {} headers: {} tls: enabled: false skip_cert_verify: false enable_renegotiation: false root_cas: "" # Optional root_cas_file: "" # Optional client_certs: [] extract_headers: include_prefixes: [] include_patterns: [] rate_limit: "" # No default (optional) timeout: 5s retry_period: 1s max_retry_backoff: 300s retries: 3 backoff_on: - 429 drop_on: [] successful_on: [] proxy_url: "" # No default (optional) disable_http2: false payload: "" # No default (optional) drop_empty_bodies: true stream: enabled: false reconnect: true scanner: lines: {} auto_replay_nacks: true Dynamic URL and header settings You can set the url and headers values dynamically using function interpolations. Pagination You can also add function interpolations to the url and headers fields to implement basic pagination, such as page numbers or tokens, where subsequent requests need to include data from previously-consumed responses. Example: input: http_client: url: >- https://api.example.com/search?query=allmyfoos&start_time=${! ( (timestamp_unix()-300).ts_format("2006-01-02T15:04:05Z","UTC").escape_url_query() ) }${! ("&next_token="+this.meta.next_token.not_null()) | "" } verb: GET rate_limit: schedule_searches oauth2: enabled: true token_url: https://api.example.com/oauth2/token client_key: "${EXAMPLE_KEY}" client_secret: "${EXAMPLE_SECRET}" rate_limit_resources: - label: schedule_searches local: count: 1 interval: 30s If pagination requires more complex logic, consider using the http processor combined with a generate input, which allows you to schedule the processor. Streaming messages If you enable streaming, Redpanda Connect consumes the body of the server response as a continuous stream of data, and breaks the stream down into smaller, logical messages using the specified scanner. This functionality allows you to consume APIs that provide long-lived streamed data feeds, such as stock market feeds. Fields auto_replay_nacks Whether to automatically replay rejected messages (negative acknowledgements) at the output level. If the cause of rejections persists, leaving this option enabled can result in back pressure. Set auto_replay_nacks to false to delete rejected messages. Disabling auto replays can greatly improve memory efficiency of high throughput streams as the original shape of the data is discarded immediately upon consumption and mutation. Type: bool Default: true backoff_on[] A list of status codes that indicate a request failure, and trigger retries with an increasing backoff period between attempts. Type: int Default: - 429 basic_auth Allows you to specify basic authentication. Type: object basic_auth.enabled Whether to use basic authentication in requests. Type: bool Default: false basic_auth.password A password to authenticate with. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" basic_auth.username A username to authenticate as. Type: string Default: "" disable_http2 Whether to disable HTTP/2. By default, HTTP/2 is enabled. Requires version 4.44.0 or later. Type: bool Default: false drop_empty_bodies Whether to drop empty payloads received from the target server. Type: bool Default: true drop_on[] A list of status codes that indicate a request failure, where the input should not attempt retries. This helps avoid unnecessary retries for requests that are unlikely to succeed. In these cases, the request is dropped, but the message that triggered the request is retained. Type: int Default: [] dump_request_log_level EXPERIMENTAL: Set the logging level for the request and response payloads of each HTTP request. Requires version 4.12.0 or later. Type: string Default: "" Options: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, `` extract_headers Specify which response headers to add to the resulting messages as metadata. Header keys are automatically converted to lowercase before matching, so make sure that your patterns target the lowercase versions of the expected header keys. Type: object extract_headers.include_patterns[] Provide a list of explicit metadata key regular expression (re2) patterns to match against. Type: array Default: [] # Examples: include_patterns: - .* - _timestamp_unix$ extract_headers.include_prefixes[] Provide a list of explicit metadata key prefixes to match against. Type: array Default: [] # Examples: include_prefixes: - foo_ - bar_ - kafka_ - content- follow_redirects Whether or not to transparently follow redirects, i.e. responses with 300-399 status codes. If disabled, the response message will contain the body, status, and headers from the redirect response and the processor will not make a request to the URL set in the Location header of the response. Type: bool Default: true headers A map of headers to add to the request. This field supports interpolation functions. Type: string Default: {} # Examples: headers: Content-Type: application/octet-stream traceparent: ${! tracing_span().traceparent } jwt BETA: Allows you to specify JSON Web Token (JWT) authentication. Type: object jwt.claims A value used to identify the claims that issued the JWT. Type: object Default: {} jwt.enabled Whether to use JWT authentication in requests. Type: bool Default: false jwt.headers Add key/value headers to the JWT (optional). Type: object Default: {} jwt.private_key_file A file with the PEM encoded using PKCS1 or PKCS8 as private key. Type: string Default: "" jwt.signing_method A method used to sign the token, such as RS256, RS384, RS512 or EdDSA. Type: string Default: "" max_retry_backoff The maximum period to wait between failed requests. Type: string Default: 300s metadata Specify matching rules that determine which metadata keys to add to the HTTP request as headers (optional). Type: object metadata.include_patterns[] Provide a list of explicit metadata key regular expression (re2) patterns to match against. Type: array Default: [] # Examples: include_patterns: - .* - _timestamp_unix$ metadata.include_prefixes[] Provide a list of explicit metadata key prefixes to match against. Type: array Default: [] # Examples: include_prefixes: - foo_ - bar_ - kafka_ - content- oauth Allows you to specify open authentication using OAuth version 1. Type: object oauth.access_token The value used to gain access to the protected resources on behalf of the user. Type: string Default: "" oauth.access_token_secret The secret that establishes ownership of the oauth.access_token. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" oauth.consumer_key A value used to identify the client to the service provider. Type: string Default: "" oauth.consumer_secret The secret used to establish ownership of the consumer key. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" oauth.enabled Whether to use OAuth version 1 in requests. Type: bool Default: false oauth2 Allows you to specify open authentication using OAuth version 2 and the client credentials token flow. Type: object oauth2.client_key A value used to identify the client to the token provider. Type: string Default: "" oauth2.client_secret The secret used to establish ownership of the client key. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" oauth2.enabled Whether to use OAuth version 2 in requests. Type: bool Default: false oauth2.endpoint_params A list of endpoint parameters specified as arrays of strings (optional). Requires version 4.21.0 or later. Type: object Default: {} # Examples: endpoint_params: bar: - woof foo: - meow - quack oauth2.scopes[] A list of requested permissions (optional). Requires version 3.45.0 or later. Type: array Default: [] oauth2.token_url The URL of the token provider. Type: string Default: "" payload A payload to deliver for each request (optional). This field supports interpolation functions. Type: string proxy_url A HTTP proxy URL (optional). Type: string rate_limit A rate limit to throttle requests by (optional). Type: string retries The maximum number of retry attempts to make. Type: int Default: 3 retry_period The initial period to wait between failed requests before retrying. Type: string Default: 1s stream Enables streaming mode, where the HTTP connection remains open and messages are processed line-by-line. Type: object stream.enabled Enables streaming mode. Type: bool Default: false stream.reconnect Whether to automatically reestablish the HTTP connection if it is lost. Type: bool Default: true stream.scanner The scanner used to split the stream of bytes into individual messages. Scanners are useful for processing large data sources efficiently without holding the entire data set in memory. For example, the csv scanner processes individual rows in a CSV file without loading the entire file in memory. Requires version 4.25.0 or later. Type: scanner Default: lines: {} successful_on[] A list of HTTP status codes that should be considered as successful, even if they are not 2XX codes. This is useful for handling cases where non-2XX codes indicate that the request was processed successfully, such as 303 See Other or 409 Conflict. By default, all 2XX codes are considered successful unless they are specified in backoff_on or drop_on fields. Type: int Default: [] timeout A static timeout to apply to requests. Type: string Default: 5s tls Override system defaults with custom TLS settings. Type: object tls.client_certs[] A list of client certificates to use. For each certificate, specify values for either the cert and key fields, or cert_file and key_file fields. Type: object Default: [] # Examples: client_certs: - cert: foo key: bar - cert_file: ./example.pem key_file: ./example.key tls.client_certs[].cert A plain text certificate to use. Type: string Default: "" tls.client_certs[].cert_file The path of a certificate to use. Type: string Default: "" tls.client_certs[].key A plain text certificate key to use. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" tls.client_certs[].key_file The path of a certificate key to use. Type: string Default: "" tls.client_certs[].password A plain text password for when the private key is password encrypted in PKCS#1 or PKCS#8 format. The obsolete pbeWithMD5AndDES-CBC algorithm is not supported for the PKCS#8 format. Because the obsolete pbeWithMD5AndDES-CBC algorithm does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" # Examples: password: foo password: ${KEY_PASSWORD} tls.enable_renegotiation Whether to allow the remote server to repeatedly request renegotiation. Enable this option if you’re seeing the error message local error: tls: no renegotiation. Requires version 3.45.0 or later. Type: bool Default: false tls.enabled Whether custom TLS settings are enabled. Type: bool Default: false tls.root_cas Specify a root certificate authority to use (optional). This is a string, representing a certificate chain from the parent-trusted root certificate, through possible intermediate signing certificates, to the host certificate. This field contains sensitive information that usually shouldn’t be added to a configuration directly. For more information, see Secrets. Type: string Default: "" # Examples: root_cas: |- -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- tls.root_cas_file Specify the path to a root certificate authority file (optional). This is a file, often with a .pem extension, which contains a certificate chain from the parent-trusted root certificate, through possible intermediate signing certificates, to the host certificate. Type: string Default: "" # Examples: root_cas_file: ./root_cas.pem tls.skip_cert_verify Whether to skip server-side certificate verification. Type: bool Default: false url The URL to connect to. This field supports interpolation functions. Type: string verb A verb to connect with. Type: string Default: GET # Examples: verb: POST verb: GET verb: DELETE Back to top × Simple online edits For simple changes, such as fixing a typo, you can edit the content directly on GitHub. Edit on GitHub Or, open an issue to let us know about something that you want us to change. Open an issue Contribution guide For extensive content updates, or if you prefer to work locally, read our contribution guide . Was this helpful? thumb_up thumb_down group Ask in the community mail Share your feedback group_add Make a contribution 🎉 Thanks for your feedback! hdfs http_server