An API Trigger in Zoho Flow creates a unique REST API endpoint for the flow. When an external application or script makes an HTTP POST request to this endpoint with a JSON payload, the flow is triggered with the payload data. This is similar to a Webhook Trigger but is designed for direct API calls from code rather than app-to-app webhooks.
Both accept HTTP POST requests and both provide unique URLs. The distinction in Zoho Flow is primarily in intent and usage context — Webhook Triggers are designed for passive receiving of events pushed by external apps; API Triggers are designed for active calls from code or scripts. In practice, both work similarly for most integration scenarios.
Protect API Trigger endpoints by including an authentication check in the flow (verify a secret token in the request headers). Without authentication, anyone who discovers the URL can trigger your flow with arbitrary data, potentially causing unintended actions in connected systems.
Aaxonix is a certified Zoho implementation partner based in Pune. Architecture-first, no surprises.