Developer Activities

Last updated Oct 20, 2025

HTTP Request

UiPath.Web.Activities.Http.NetHttpClient

Important: This activity is available in WebAPI package versions starting with 2.0.0-preview and 2.3.0 GA. For the legacy experience, use the previous HTTP Request (legacy) activity included in WebAPI versions earlier than 2.0.0-preview.

Description

Use the HTTP Request activity in WebAPI 2.0.0-preview to automate and simplify making requests to web servers or APIs. The HTTP Request activity helps you:

Send and receive data securely between systems.
Upload files and data using forms.
Handle errors gracefully by retrying requests if something goes wrong.
Connect securely using SSL to protect data.
Manage cookies and proxies automatically to handle sessions and network restrictions.

Project compatibility

Windows | Cross-platform

Windows, Cross-platform configuration

Activity body properties
Request method *	Select how your HTTP request should interact with the server: GET—Retrieves data without modifying it. POST—Sends data to the server, usually to create or update a resource. PUT—Updates an existing resource. DELETE—Removes a specified resource from the server. HEAD—Similar to GET, but retrieves only headers without the body content. OPTIONS—Provides information about communication options available on the server. PATCH—Partially updates an existing resource. TRACE—Used for diagnostic purposes, echoing the received request back to the client.
Request URL *	Provide the web address of the server where you want to send your request. For example, `https://store.example.com/search`.
Parameters	Add server-specific details to your request as key-value pairs. For example, `query: "laptop"`, `sortBy: "price"`.
Headers	Add server-specific instructions or authentication details as key-value pairs. For example, `Authorization: "Bearer <your_access_token>"`, `Accept: "application/json"`.
Request body type *	Select the type of content you want to send to the server: None—Sends no data, usually for retrieving methods. Text—Sends data in plain text, usually for POST and PUT methods. Once selected, the following fields are displayed: Text content type—Select the format of the text you want to send in your HTTP request, so the server knows how to interpret it: text/plain—Regular plain text. text/html—HTML formatted text. text/css—CSS formatted text. text/csv—Structured data formatted as CSV. text/xml—XML formatted text, intended for humans to read. application/xml—XML formatted text, intended for applications to process. application/json—JSON formatted text. Text—Write the actual text or data you want to send in your request. Text encoding—Select the encoding format for the text payload, such as Unicode, ASCII, or ISO. This ensures the receiving server accurately reads your text payload. Form URL encoded—Sends data formatted as simple key-value pairs. Once selected, the following field is displayed: Url-encoded form data—Provide the key-value pairs. For example, `searchQuery: "Smartphone"`, `brand: "XYZ"`, `inStock: "true"`. Multipart form data—Sends files or complex data. Use it when you need to combine different data types into your request. Once selected, the following fields are displayed: Resource files—Provide the name of the files that are stored within your project as IResource objects. Local files—Provide the path to a file located on your device. For example, `"C:/Images/product-photo.jpg"`. Form data parts—Provide a collection of FormDataPart objects: TextFormDataPart— For string payloads, such as JSON or plain text. BinaryFormDataPart —For raw byte arrays. FileFormDataPart—For file streams based on a given path. For example, a FormDataPart collection using the Expression Editor: `#VB New List(Of FormDataPart) From { New TextFormDataPart("{""jsonKey"":""jsonValue""}", "textPart", Encoding.UTF8, "application/json"), New BinaryFormDataPart(Encoding.UTF8.GetBytes("binaryContent"), "binaryPart", "application/octet-stream"), New FileFormDataPart("C:/Work/testfile.txt", "filePart", "text/plain") }`#VB New List(Of FormDataPart) From { New TextFormDataPart("{""jsonKey"":""jsonValue""}", "textPart", Encoding.UTF8, "application/json"), New BinaryFormDataPart(Encoding.UTF8.GetBytes("binaryContent"), "binaryPart", "application/octet-stream"), New FileFormDataPart("C:/Work/testfile.txt", "filePart", "text/plain") } Each FormDataPart type comes with several constructors, allowing you to benefit from commonly used defaults. The activity automatically assigns the correct Content-Type header for each FileFormDataPart. You can override this header manually. For file lists, you cannot override the automatically assigned header. For resource file lists, the activity uses the available MIME type. Url-encoded form data—Provide simple key-value pairs. Binary—Sends raw data. Once selected, the following field is displayed: Binary payload—Provide the raw data payload, such as images, videos, large files, or streaming data. For example, sending an image in binary: `File.ReadAllBytes("C:/Images/product-image.jpg")`File.ReadAllBytes("C:/Images/product-image.jpg") Stream—Sends continuous data, such as uploading a large file (audio or video), when data cannot be loaded entirely into memory at once. Once selected, the following field is displayed: Local file—Provide the large file path, for example: `File.OpenRead("C:/Videos/large-video.mp4")`File.OpenRead("C:/Videos/large-video.mp4") The activity automatically assigns the correct Content-Type header for the uploaded file. You can override this header manually.

Properties panel
cURL Import and design time testing This section helps you configure the activity via the cURL code snippets, and perform design time testing of the request.	cURL Command Text—Multiline design-time text field where a full cURL command can be pasted. Supports both `cm and bash styles. cURL import button—Action button that immediately triggers parsing/import of the current cURL Command Text into the activity (method, URL, headers, body, auth, files). Test request button—Action button that executes the configured request at design time. While running, it toggles to Cancel. On completion or cancellation it reverts to Test and updates Report field with formatted response or error. Report—Multiline text area used to display the outcome of the last cURL import or design-time test execution (success summary, mapping details, warnings, or errors).
Client options This section helps you define connection-related settings.	Disable SSL verification—Skips SSL security checks. Useful for testing (True), not recommended for production (False, default). TLS protocol—Selects the TLS protocol for secure connections. Available options are Automatic (default), TLS 1.2, and TLS 1.3. Enable cookies—By default, enables automatic cookie handling (True). Set to False to disable automatic cookie handling. Client certificate—Indicates the path to the client certificate for authentication with secure APIs. For example, `"C:/certificates/client-cert.pfx"`. Client certificate secure password—Stores the secure password for the provided client certificate provided. For example, `"certPassword"`. Switch between plain and secure passwords by selecting the plus icon and choosing the desired option: Use plain string and Use secure string. Proxy configuration—Configures custom proxies, including support for authentication and bypass lists. For example, `"http://proxy.example.com:8080"`.
Authentication This section helps you define how the activity authenticates itself with the server.	Authentication—Select the authentication method. Available options are: No authentication—The server does not require user validation to accept your request. Basic authentication—Provides user validation to the receiving sever through Username and Secure Password. Switch between plain and secure passwords by selecting the plus icon and choosing the desired option: Use plain string and Use secure string. Bearer token—Provides user validation to the receiving server through a unique Bearer token generated after login. Negotiated authentication—Use the HTTP Negotiate scheme for the runtime to select Kerberos or NTLM (and optionally Digest) based on server challenges. When Authentication is set to Negotiated authentication and Use operating system credentials = True, the current OS user context is used (Windows logon token; on Linux/macOS an existing Kerberos ticket, e.g. from kinit). Set Use operating system credentials = False to enable the Custom credentials field; supply a NetworkCredential (domain / username / password or secure password).
Request options This section helps you define the behavior of the request.	Additional cookies—Manually specify extra cookies as key-value pairs. Request timeout—Specify the maximum wait time, in milliseconds, before the request aborts. Default value is 10,000 milliseconds (10 seconds). Continue on error—Decide if the automation should continue even when the activity throws an error (True, default option). To stop the automation when an error occurs, use False. Follow redirects—Decide if your request should automatically follow URL redirects provided by the server (True, default option). To ignore redirects and use the initial response, use False. Maximum redirects—Specify how many automatic redirects you request should follow before stopping. Default value is 3.
Retry policy This section helps you define the retrying mechanism in case of request failure.	Retry policy type—Specify the method for retrying requests. Available options are: No retry—Your request calls the server only once. If it fails, no further attempts occur. Basic retry—Retries the request after failures using a fixed delay. Retry count—Specify the number of times to retry. Default value is 3. Delay—Specify the fixed time between retries in milliseconds. Default value is 500 milliseconds (0.5 seconds). Use Retry-After header—Decide if the request should use the Retry-After header recommended by the server (True, default option). To ignore the Retry-After header value, use False. Delay limit—Specify the maximum allowed delay between Retry-After retries, in milliseconds. Default value is 30,000 milliseconds (30 seconds). Retry status codes—Specify the status codes that should trigger retries. Exponential backoff—Retries with increasing delays between each attempt. Retry count—Specify the number of times to retry. Default value is 3. Inital delay—Specify the delay time before the first retry, in milliseconds. Default value is 500 milliseconds (0.5 seconds). Multiplier—Specify the number used to increase the delay after each failed request. Default value is 2, which doubles the delay each time. Use jitter—For delays, decide if you want to add a random offset between 0 and 100 milliseconds to avoid synchronized retries (True, default). Use Retry-After header—Decide if the request should use the Retry-After header recommended by the server (True, default option). To ignore the Retry-After header value, use False. Delay limit—Specify the maximum allowed delay between Retry-After retries, in milliseconds. Default value is 30,000 milliseconds (30 seconds). Retry status codes—Specify the status codes that should trigger retries.
Response options This section helps you customize how the response will be returned by the server.	Always save tesponse as file—Force writing the response body to disk even when an attachment filename is not inferred. Enable debugging info—Enable extended debug capture (raw request/response metadata, headers snapshot, timing, retry details) and output to the response object or during design time testing. Output file name—Override the server-provided filename (e.g. from Content-Disposition). Output file target folder—Control destination folder for the saved response files. If the file already exists—Define collision strategy when a file with the resolved name already exists in the target folder. Options: Auto rename—Append incremental suffix (_1, _2, …) to produce a unique filename. Replace—Overwrite existing file. Stop and discard— Abort the save operation (and workflow if the exception is not handled) leaving existing file intact.
Output This section helps you capture and store the response returned by the server.	Response content—Captures the response from the server and stores it to a variable, for future processing. It includes: StatusCode—HTTP response status code. TextContent—Response as plain text (if available). BinaryContent—Raw response data for non-text content. File—Response saved as a file (ILocalResource) in your Downloads folder. The filename is from response headers or auto-generated to avoid overwriting files. Headers—All HTTP response headers. ContentHeaders—Headers specifically related to the response content. For example, Content-Type and Content-Length. RawRequestDebuggingInfo—Optional string containing captured low-level request/response details (e.g. constructed request line, headers, retries, timing) populated only when debugging is enabled; empty string otherwise.

On this page

Description
Project compatibility
Windows, Cross-platform configuration

Was this page helpful?

PREVIOUSHTTP Request (legacy)

NEXTSOAP Request

Support and Services

Get The Help You Need

UiPath Academy

Learning RPA - Automation Courses

UiPath Forum

UiPath Community Forum

Trust and Security

Cookies Policy