---
title: "HTTP Client - Configuring HTTP Requests in cURL Format | ThreatConnect"
slug: "http-client-configuring-http-requests-in-curl-format"
description: "This article provides sample HTTP requests that use cURL and demonstrates how to configure each request in the HTTP Client Playbook App."
tags: ["Orchestration and Automation"]
updated: 2024-11-07T20:48:31Z
published: 2024-11-07T20:48:31Z
canonical: "knowledge.threatconnect.com/http-client-configuring-http-requests-in-curl-format"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://knowledge.threatconnect.com/llms.txt
> Use this file to discover all available pages before exploring further.

# HTTP Client - Configuring HTTP Requests in cURL Format

## Overview

ThreatConnect users can leverage the **HTTP Client** Playbook App to connect to an external HTTP-based server using standard HTTP methods, customized headers, and a URL. When making HTTP requests, users may want to use [cURL](https://curl.se/), a command-line tool used for transferring data with URLs. This article provides sample HTTP requests that use cURL and demonstrates how to configure each request in the **HTTP Client**Playbook App.

## Before You Start

| Minimum Role(s) | Organization role of Standard User |
| --- | --- |
| Prerequisites | Playbooks enabled by a System Administrator |

## Adding the HTTP Client App to a Playbook

To add the **HTTP Client**App to a [Playbook](https://knowledge.threatconnect.com/docs/playbooks), click [**Apps**](https://knowledge.threatconnect.com/docs/parts-of-a-playbook)![Icon Description automatically generated](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Playbook%20Designer%20Apps%20icon.png)in the side navigation bar of the [**Playbook Designer**](https://knowledge.threatconnect.com/docs/the-playbook-designer) and select the **HTTP Client**App, which can be located by entering "http client" in the search bar or scrolling down to the **Utility**section.

## Configuring a GET Request

The following request to [ThreatConnect's TAXII 2.1 server](https://knowledge.threatconnect.com/docs/taxii-21-server) will retrieve all objects in the **Demo Organization**collection. Note the inclusion of the `limit` query parameter for pagination:

```shell
curl --location --request GET 'https://app.threatconnect.com/api/services/taxii2/v1/tc_taxii/collections/Demo%20Organization/objects?limit=5' \
--header 'Accept: application/taxii+json;version=2.1' \
--header 'Authorization: Basic <credentials>'
```

Double-click the **HTTP Client**App in the design pane of the **Playbook Designer**. The **Action**section of the **Edit App**pane will be displayed. Toggle the **Inline Steps**slider on to display all steps in the **Edit App**pane (Figure 1).

NoteTo view descriptions for each parameter in the **HTTP Client** App, click the **Display Documentation**![Icon  Description automatically generated](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Playbooks_Display%20Documentation%20icon.png)icon at the upper-right corner of the **Edit App** pane.

![Figure 1_HTTP Client - Configuring HTTP Requests in cURL Format_7.7.1](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Figure%201_HTTP%20Client%20-%20Configuring%20HTTP%20Requests%20in%20cURL%20Format_7.7.1.png)

- **Job Name**: By default, the name is **HTTP Client**. It is recommended to update the name to specify the type and nature of the HTTP request the App will submit (**TAXII 2.1: Retrieve Objects from a Collection**in this example).
- **Retry until successful completion**: Leave this checkbox cleared.
- **URL**: Enter the full URL (i.e., the endpoint) to which the HTTP request will be sent. For this request, the URL is `https://app.threatconnect.com/api/services/taxii2/v1/tc_taxii/collections/Demo%20Organization/objects`.NoteEnsure that the URL is manually encoded.
- **HTTP Method**: Select **GET**.
- **Query Parameters**: For the `limit` query parameter included in this request, set **limit**as the **Key** and **5**as the **Value**, and then click the **plus![](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Plus icon_Black.png)**icon to save it in the App.
- **Exclude Empty/Null Parameters**: Leave this checkbox cleared.
- **Headers**: For the `Accept` header included in this request, set **Accept**as the **Key**and **application/taxii+json;version=2.1** as the **Value**, and then click the **plus![](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Plus icon_Black.png)**icon to save it in the App.NoteThis request also includes an `Authorization` header; however, this header will be configured in the **Advanced Settings** parameter of the **Edit App** pane.
- **Fail for Status**: Selecting this checkbox will cause the Playbook to fail if it receives a 4*XX* or 5*XX* response status code (e.g., **400 Bad Request**). It is recommended to leave this checkbox selected.
- **Advanced Settings**: For this request, which uses [basic authentication](https://swagger.io/docs/specification/authentication/basic-authentication/), configure the settings in the accompanying table as key/value pairs. After entering the **Key** and **Value** for each setting, click the **plus**![](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Plus icon_Black.png)icon to save the pair in the App.NoteTo view a list of valid settings for the **Advanced Settings** parameter, click the **Display Documentation**![Icon  Description automatically generated](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Playbooks_Display%20Documentation%20icon.png)icon at the upper-right corner of the **Edit App** pane.

| Key | Value |
| --- | --- |
| username | The username of the TAXII user account that is authenticating with the API. |
| password | The password of the TAXII user account that is authenticating with the API. |
- **Verify SSL**: Leave this checkbox selected.
- **Use System Proxy**: Select this checkbox to use system-defined proxy servers for the request, if desired.
- Click the **SAVE**button to complete the configuration process.

The **HTTP Client**App is now configured to submit the example GET request in this section. You may also follow these steps to configure other types of API requests, such as GET, HEAD, and OPTIONS, in the **HTTP Client**App.

## Configuring a POST Request

The following request will create a Report Group named **Phishing Report** in ThreatConnect via the [ThreatConnect v3 API](https://knowledge.threatconnect.com/docs/api-documentation):

```shell
curl --location --request POST 'https://app.threatconnect.com/api/v3/groups' \
--header 'Content-Type: application/json' \
--data-raw '{
    "type": "Report",
    "name": "Phishing Report",
    "fileName": "phishing-report.pdf"
}'
```

Double-click the **HTTP Client**App in the design pane of the **Playbook Designer**. The **Action**section of the **Edit App**pane will be displayed. Toggle the **Inline Steps**slider on (orange) to display all steps in the **Edit App**pane (Figure 2).

NoteTo view descriptions for each parameter in the **HTTP Client** App, click the **Display Documentation**![Icon  Description automatically generated](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Playbooks_Display%20Documentation%20icon.png)icon at the upper-right corner of the **Edit App** pane.

![Graphical user interface, application Description automatically generated](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Figure%202_HTTP%20Client%20-%20Configuring%20HTTP%20Requests%20in%20cURL%20Format_7.7.1.png)

- **Job Name**: By default, the name is **HTTP Client**. It is recommended to update the name to specify the type and nature of the HTTP request the App will submit (**Create Report Group**in this example).
- **Retry until successful completion**: Leave this checkbox cleared.
- **URL**: Enter the full URL (i.e., the endpoint) to which the HTTP request will be sent. For this request, the URL is `https://app.threatconnect.com/api/v3/groups`.
- **HTTP Method**: Select **POST**.
- **Query Parameters**: Leave this parameter blank, as there are no query parameters included in this request.
- **Exclude Empty/Null Parameters**: Leave this checkbox cleared.
- **Headers**: For this request, configure the headers in the accompanying table as key/value pairs. After entering the **Key**and **Value**for each header, click the **plus![](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Plus icon_Black.png)**icon to save the pair in the App.

| Key | Value |
| --- | --- |
| Content-Type | application/json |
| Authorization | TC-Token @tc_token |
- **Body**: Enter the body of the POST request. For this request, the following is the request body:

```none
{"type": "Report", "name": "Phishing Report", "fileName": "phishing-report.pdf"}
```
- **URL Encode JSON Body**: Leave this checkbox cleared.
- **Multi-part Form/File Data**: Leave this parameter blank, as no form or file data are being submitted in this example.
- **Fail for Status**: Selecting this checkbox will cause the Playbook to fail if it receives a 4*XX* or 5*XX* response status code (e.g., **400 Bad Request**). It is recommended to leave this checkbox selected.
- **Advanced Settings**: Leave this parameter blank, as there are no advanced settings to configure for this example.
- **Verify SSL**: Leave this checkbox selected.
- **Use System Proxy**: Select this checkbox to use system-defined proxy servers for the request, if desired.
- Click the **SAVE** button to complete the configuration process.

The **HTTP Client**App is now configured to submit the example POST request in this section. You may also follow these steps to configure other types of API requests, such as PUT, DELETE, and PATCH, in the **HTTP Client**App.

## Configuring a PUT Request

The following request will upload a PDF to the **Phishing Report** Group created in the previous example, which has an ID of **12345**, via a Playbook that uses a [WebHook Trigger](https://knowledge.threatconnect.com/docs/playbooks-the-webhook-trigger):

```shell
curl --location --request PUT 'https://app.threatconnect.com/api/v3/groups/12345/upload' \
--header 'Content-Type: application/octet-stream' \
--data-binary '@phishing-report.pdf'
```

Double-click the **HTTP Client**App in the design pane of the **Playbook Designer**. The **Action**section of the **Edit App**pane will be displayed. Toggle the **Inline Steps**slider on (orange) to display all steps in the **Edit App**pane (Figure 3).

NoteTo view descriptions for each parameter in the **HTTP Client** App, click the **Display Documentation**![Icon  Description automatically generated](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Playbooks_Display%20Documentation%20icon.png)icon at the upper-right corner of the **Edit App** pane.

![Graphical user interface, application Description automatically generated](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Figure%203_HTTP%20Client%20-%20Configuring%20HTTP%20Requests%20in%20cURL%20Format_7.7.1.png)

- **Job Name**: By default, the name is **HTTP Client**. It is recommended to update the name to specify the type and nature of the HTTP request the App will submit (**Upload PDF to Report Group**in this example).
- **Retry until successful completion**: Leave this checkbox cleared.
- **URL**: Enter the full URL (i.e., the endpoint) to which the HTTP request will be sent. For this request, the URL is `https://app.threatconnect.com/api/v3/groups/12345/upload`.
- **HTTP Method**: Select **PUT**.
- **Query Parameters**: Leave this parameter blank, as there are no query parameters included in this example.
- **Exclude Empty/Null Parameters**: Leave this checkbox cleared.
- **Headers**: For this request, configure the headers in the accompanying table as key/value pairs. After entering the **Key**and **Value**for each header, click the **plus![](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Plus icon_Black.png)**icon to save the pair in the App.

| Key | Value |
| --- | --- |
| Content-Type | application/octet-stream |
| Authorization | TC-Token @tc_token |
- **Body**: Leave this field blank, as this example does not include a body.
- **URL Encode JSON Body**: Leave this checkbox cleared.
- [**Multi-part Form/File Data**](https://threatconnect.readme.io/docs/http-client-playbook-use-cases): For this request, which is for uploading a file coming from a WebHook Trigger, set **Filedata** as the **Key**and **#trg.http.body**as the **Value**, and then click the **plus![](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Plus icon_Black.png)**icon to save it in the App.
- **Fail for Status**: Selecting this checkbox will cause the Playbook to fail if it receives a 4*XX* or 5*XX* response status code (e.g., **400 Bad Request**). It is recommended to leave this checkbox selected.
- **Advanced Settings**: Leave this parameter blank, as there are no advanced settings to configure for this example.
- **Verify SSL**: Leave this checkbox selected.
- **Use System Proxy**: Select this checkbox to use system-defined proxy servers for the request, if desired.
- Click the **SAVE** button to complete the configuration process.

The **HTTP Client**App is now configured to submit the example PUT request in this section. You may also follow these steps to configure other types of API requests that send file or form data in **HTTP Client**App.

---

*ThreatConnect® is a registered trademark of ThreatConnect, Inc.*

20131-01 v.01.C

## Related

- [Parts of a Playbook](/parts-of-a-playbook.md)
- [The Playbook Designer](/the-playbook-designer.md)
- [The WebHook Trigger](/the-webhook-trigger.md)