# API destinations as targets in Amazon EventBridge
<a name="eb-api-destinations"></a>

EventBridge *API destinations* are HTTPS endpoints that you can invoke as the target of an event bus rule, or pipe, similar to how you invoke an AWS service or resource as a target. Using API destinations, you can route [events](eb-events.md) between AWS services, integrated software as a service (SaaS) applications, and public or private applications by using API calls. 

When you specify an API destination as a rule or pipe target, EventBridge invokes the HTTPS endpoint for any event that matches the [event pattern](eb-event-patterns.md) specified in the rule or pipe and then delivers the event information with the request. With EventBridge, you can use any HTTP method except CONNECT and TRACE for the request. The most common HTTP methods to use are PUT and POST. 

You can also use input transformers to customize the event to the parameters of a specific HTTP endpoint parameters. For more information, see [Amazon EventBridge input transformation](eb-transform-target-input.md).

![\[API destinations use a connection with authorization parameters to send events to HTTP endpoints.\]](http://docs.aws.amazon.com/eventbridge/latest/userguide/images/api-destinations-overview_eventbridge_conceptual.svg)


EventBridge API destinations use *connections* to define the authorization method and credentials and network connectivity for EventBridge to use when connecting to a given HTTPS endpoint. Connections support both public and private APIs. For more information, see [Connections](eb-target-connection.md).

**Note**  
EventBridge API destinations currently only support public domain names with publicly trusted certificates for HTTPS endpoints when using private APIs. API destinations do not support mutual TLS (mTLS).

**Important**  
EventBridge requests to an API destination endpoint must have a maximum client execution timeout of 5 seconds. If the target endpoint takes longer than 5 seconds to respond, EventBridge times out the request. EventBridge retries timed out requests up to the maximums that are configured on your retry policy.   
For event buses, by default the maximums are 24 hours and 185 times.
For pipes, retries are determined the pipe source type and its configuration. EventBridge will retry until the event expires from the source, or the maximum event age or retry attempts configured has reached.
After the maximum number of retries, events are sent to your [dead-letter queue](eb-rule-dlq.md) if you have one.Otherwise, the event is dropped.

 The following video demonstrates the use of API destinations:




## Service-linked role for API destinations
<a name="eb-api-destination-slr"></a>

When you create a connection for an API destination, the service-linked role [AmazonEventBridgeApiDestinationsServiceRolePolicy](eb-use-identity-based.md#api-destination-slr-policy) is added to your account. EventBridge uses this service-linked role to create and store a secret in Secrets Manager. To grant the necessary permissions to the service-linked role, EventBridge attaches the **AmazonEventBridgeApiDestinationsServiceRolePolicy** policy to the role. The policy limits the permissions granted to only those necessary for the role to interact with the secret for the connection. No other permissions are included, and the role can interact only with the connections in your account to manage the secret.

For more information about service-linked roles, see [Using service-linked roles](https://docs.aws.amazon.com//IAM/latest/UserGuide/using-service-linked-roles.html) in the *IAM User Guide*.

## Headers in requests to API destinations
<a name="eb-api-destination-headers"></a>

The following section details how EventBridge handles HTTP headers in requests to API destinations.

### Headers included in requests to API destinations
<a name="eb-api-destination-headers-included"></a>

In addition to the authorization headers defined for the connection used for an API destination, EventBridge includes the following headers in each request.


| Header key | Header value | 
| --- | --- | 
|  User-Agent  |  Amazon/EventBridge/ApiDestinations  | 
|  Content-Type  |  If no custom Content-Type value is specified, EventBridge includes the following default value as Content-Type: application/json; charset=utf-8  | 
|  Range  |  bytes=0-1048575  | 
|  Accept-Encoding  |  gzip,deflate  | 
|  Connection  |  close  | 
|  Content-Length  |  An entity header that indicates the size of the entity-body, in bytes, sent to the recipient.  | 
|  Host  |  A request header that specifies the host and port number of the server where the request is being sent.  | 

### Headers that cannot be overridden in requests to API destinations
<a name="eb-api-destination-headers-no-override"></a>

EventBridge does not allow you to override the following headers:
+ User-Agent
+ Range

### Headers EventBridge removes from requests to API destinations
<a name="eb-api-destination-headers-removed"></a>

EventBridge removes the following headers for all API destination requests:
+ A-IM
+ Accept-Charset
+ Accept-Datetime
+ Accept-Encoding
+ Cache-Control
+ Connection
+ Content-Encoding
+ Content-Length
+ Content-MD5
+ Date
+ Expect
+ Forwarded
+ From
+ Host
+ HTTP2-Settings
+ If-Match
+ If-Modified-Since
+ If-None-Match
+ If-Range
+ If-Unmodified-Since
+ Max-Forwards
+ Origin
+ Pragma
+ Proxy-Authorization
+ Range
+ Referer
+ TE
+ Trailer
+ Transfer-Encoding
+ User-Agent
+ Upgrade
+ Via
+ Warning

## API destination error codes
<a name="eb-api-destination-error-codes"></a>

When EventBridge tries to deliver an event to an API destination and an error occurs, EventBridge does the following:
+ Retries events associated with error codes `401`, `407`, `409`, `429`, and `5xx`.
+ Does not retry events associated with error codes `1xx`, `2xx`, `3xx`, and `4xx` (other than those noted above).

EventBridge API destinations read the standard HTTP response header `Retry-After` to find out how long to wait before making a follow-up request. For event buses, EventBridge chooses the more conservative value between the defined retry policy and the `Retry-After` header. If `Retry-After` value is negative, EventBridge stops retrying delivery for that event.

## How invocation rate affects event delivery
<a name="eb-api-destination-event-delivery"></a>

If you set the invocation rate per second to a value much lower than the number of invocations generated, events may not be delivered within the 24 hour retry time for events. For example, if you set the invocation rate to 10 invocations per second, but thousands of events per second are generated, you will quickly have a backlog of events to deliver that exceeds 24 hours. To ensure that no events are lost, set up a dead-letter queue to send events with failed invocations to so you can process the events at a later time. For more information, see [Using dead-letter queues to process undelivered events in EventBridge](eb-rule-dlq.md).

## Region availability
<a name="eb-api-destination-regions"></a>

API destinations to public HTTPS endpoints are supported in the following AWS Regions:
+ US East (N. Virginia)
+ US East (Ohio)
+ US West (N. California)
+ US West (Oregon)
+ Africa (Cape Town)
+ Asia Pacific (Hong Kong)
+ Asia Pacific (Tokyo)
+ Asia Pacific (Seoul)
+ Asia Pacific (Osaka)
+ Asia Pacific (Mumbai)
+ Asia Pacific (Hyderabad)
+ Asia Pacific (Singapore)
+ Asia Pacific (Sydney)
+ Asia Pacific (Jakarta)
+ Canada (Central)
+ China (Beijing)
+ China (Ningxia)
+ Europe (Frankfurt)
+ Europe (Zurich)
+ Europe (Stockholm)
+ Europe (Milan)
+ Europe (Spain)
+ Europe (Ireland)
+ Europe (London)
+ Europe (Paris)
+ Middle East (UAE)
+ Middle East (Bahrain)
+ South America (São Paulo)

# Create an API destination in Amazon EventBridge
<a name="eb-api-destination-create"></a>

Creating an API destination enables you to specify an HTTP endpoint as the target of a rule.

Each API destination requires a connection. A *connection* specifies the authorization type and credentials to use to authorize with the API destination endpoint. You can choose an existing connection, or create a connection at the same time that you create the API destination. For more information, see [Connections for API targets in Amazon EventBridge](eb-target-connection.md)

**To create an API destination using the EventBridge console**

1. Log in to AWS using an account that has permissions to manage EventBridge and open the [EventBridge console](https://console.aws.amazon.com/events).

1. In the left navigation pane, choose **API destinations**.

1. Scroll down to the **API destinations** table, and then choose **Create API destination**.

1. On the **Create API destination** page, enter a **Name** and Description for the API destination. 

   The name must be unique to your account in the current Region. You can use up to 64 uppercase or lowercase letters, numbers, dot (.), dash (-), or underscore (\$1) characters.
**Important**  
When creating a new API destination for your connection, ensure that the connection reaches the AUTHORIZED state before creating the API destination.

1. Enter an **API destination endpoint** for the API destination. 

   The **API destination endpoint** is an HTTP invocation endpoint target for events. The authorization information you include in the connection used for this API destination is used to authorize against this endpoint. The URL must use HTTPS.

1. Enter the **HTTP method** to use to connect to the **API destination endpoint**.

1. (Optional) For **Invocation rate limit per second** field, enter the maximum number of invocations per second to send to the API destination endpoint.

   The rate limit you set may affect how EventBridge delivers events. For more information, see [How invocation rate affects event delivery](eb-api-destinations.md#eb-api-destination-event-delivery).

1. For **Connection**, do one of the following:
   + Choose **Use an existing connection**, and then select the connection to use for this API destination.
   + Choose **Create a new connection**, and then enter the details for the connection to create. 

     For detailed instructions, see [Creating connections](eb-target-connection-create.md).

1. Choose **Create**.

# Creating rules that send events to an API destination in EventBridge
<a name="eb-create-rule-api-destination-target"></a>

After you create an API destination, you can select it as the target of a [rule](eb-rules.md). To use an API destination as a target, you must provide an IAM role with the correct permissions. For more information, see [Permissions required for EventBridge to access targets using IAM roles](eb-events-iam-roles.md#eb-target-permissions)

Selecting an API destination as a target is part of creating the rule.

**To create a rule that sends events to an API destination using the console**

1. Follow the steps in the [Creating rules in Amazon EventBridge](eb-create-rule-visual.md) procedure.

1. In the [Select targets](eb-create-rule-wizard.md#eb-create-rule-target) step, when prompted to choose an API destination as the target type:

   1. Select **EventBridge API destination**.

   1. Do one of the following:
      + Choose **Use an existing API destination** and select an existing API destination
      + Choose **Create a new API destination** and specify the necessary setting to define your new API destination.

        For more information on specifying the required settings, see [Create an API destination in Amazon EventBridge](eb-api-destination-create.md).

   1. (Optional): To specify header parameters for the event, under **Header Parameters** choose **Add header parameter**.

      Next, specify the key and value for the header parameter.

   1. (Optional): To specify query string parameters for the event, under **Query string parameters** choose **Add query string parameter**.

      Next, specify the key and value for the query string parameter.

1. Complete creating the rule following the [procedure steps](eb-create-rule-visual.md).

# Sending CloudEvents events to API destinations
<a name="eb-api-destinations-cloudevents"></a>

CloudEvents is a vendor-neutral specification for event formatting, with the goal of providing interoperability across services, platforms and systems. You can use EventBridge to transform AWS service events to CloudEvents before they are sent to a target, such as an API destination.

**Note**  
The following procedure explains how to transform source events into *structured-mode* CloudEvents. In the CloudEvents specification, a structured-mode message is one where the entire event (attributes and data) is encoded into the payload of the event.

For more information on the CloudEvents specification, see [cloudevents.io](https://cloudevents.io/).

**To transform AWS events to the CloudEvents format using the console**

To transform events to the CloudEvents format prior to delivery to a target, you start by creating an event bus rule. As part of defining the rule, you use an input transformer to have EventBridge transform events prior to sending to the target you specify.

1. Follow the steps in the [Creating rules in Amazon EventBridge](eb-create-rule-visual.md) procedure.

1. In the [Select targets](eb-create-rule-wizard.md#eb-create-rule-target) step, when prompted to choose an API destination as the target type:

   1. Select **EventBridge API destination**.

   1. Do one of the following:
      + Choose **Use an existing API destination** and select an existing API destination
      + Choose **Create a new API destination** and specify the necessary setting to define your new API destination.

        For more information on specifying the required settings, see [Create an API destination in Amazon EventBridge](eb-api-destination-create.md).

   1. Specify the necessary Content-Type header parameters for the CloudEvents events:
      + Under **Header Parameters** choose **Add header parameter**.
      + For **key**, specify `Content-Type`. 

        For **value**, specify `application/cloudevents+json; charset=UTF-8`.

1. Specify an execution role for your target.

1. Define an input transformer to transform the source event data into the CloudEvents format:

   1. Under **Additional settings**, for **Configure target input**, choose **Input transformer**.

      Then choose **Configure input transformer**.

   1. Under **Target input transformer**, specify the **Input path**.

      In the input path below, the region attribute is a custom *extension attribute* of the CloudEvents format. As such it is not required for adherence to the CloudEvents specification.

      CloudEvents allows you to use and create extension attributes not defined in the core specification. For more information, including a list of known extension attributes, see [CloudEvents Extension Attributes](https://github.com/cloudevents/spec/tree/main/cloudevents/extensions) in the [CloudEvents specification documentation](https://github.com/cloudevents/spec/tree/main) on GitHub.

      ```
      {
        "detail": "$.detail",
        "detail-type": "$.detail-type",
        "id": "$.id",
        "region": "$.region",
        "source": "$.source",
        "time": "$.time"
      }
      ```

   1. For **Template**, enter the template to transform the source event data to the CloudEvents format. 

      In the template below, `region` is not strictly required, since the `region` attribute in the input path is an extension attribute to the CloudEvents specification.

      ```
      {
        "specversion":"1.0",
        "id":<id>,
        "source":<source>,
        "type":<detail-type>,
        "time":<time>,
        "region":<region>,
        "data":<detail>
      }
      ```

1. Complete creating the rule following the [procedure steps](eb-create-rule-visual.md).

# API destination partners in Amazon EventBridge
<a name="eb-api-destination-partners"></a>

Use the information provided by the following AWS Partners to configure an API destination and connection for their service or application.

## Cisco Cloud Observability
<a name="eb-api-destination-cisco-cloud-observability"></a>

**API destination invocation endpoint URL:**  
`https://tenantName.observe.appdynamics.com/rest/awsevents/aws-eventbridge-integration/endpoint`

**Supported authorization types:**   
OAuth client credentials  
OAuth tokens are refreshed when a 401 or 407 response is returned

**Additional authorization parameters required:**  
Cisco AppDynamics Client ID and Client Secret  
OAuth endpoint:  
`https://tenantName.observe.appdynamics.com/auth/tenantId/default/oauth2/token`  
The following OAuth key/value pair parameters:      
[\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/eventbridge/latest/userguide/eb-api-destination-partners.html)

**Cisco AppDynamics documentation:**  
[AWS events ingestion](https://docs.appdynamics.com/display/CLOUD/AWS+Events+Ingestion)

**Commonly used API operations:**  
Not applicable

**Additional information:**  
Choosing **Cisco AppDynamics** from the **Partner destinations** drop-down menu prefills the necessary OAuth information, including the header and body key/value pairs required for API calls.  
For additional information, see [AWS events ingestion](https://docs.appdynamics.com/display/CLOUD/AWS+Events+Ingestion) in the *Cisco AppDynamics* documentation.

## Confluent
<a name="api-destination-confluent"></a>

**API destination invocation endpoint URL:**  
Typically the following format:  
`https://random-id.region.aws.confluent.cloud:443/kafka/v3/clusters/cluster-id/topics/topic-name/records`  
For more information, see [Find the REST endpoint address and cluster ID](https://docs.confluent.io/cloud/current/kafka-rest/krest-qs.html#step-1-find-the-rest-endpoint-address-and-cluster-id) in the Confluent documentation.

**Supported authorization types:**   
Basic

**Additional authorization parameters required:**  
Not applicable

**Confluent documentation:**  
[Produce Records](https://docs.confluent.io/cloud/current/api.html#tag/Records-(v3)/operation/produceRecord)  
[Confluent REST Proxy for Apache Kafka](https://docs.confluent.io/platform/current/kafka-rest/api.html#records-v3)

**Commonly used API operations:**  
`POST`

**Additional information:**  
To transform the event data into a message that the endpoint can process, create a target [input transformer](eb-transform-target-input.md).  
+ To generate a record without specifying a Kafka partitioning key, use the following template for your input transformer. No input path is required. 

  ```
  {
    "value":{
        "type":"JSON",
        "data":aws.events.event.json
    },
  }
  ```
+ To generate a record using an event data field as the Kafka partitioning key, follow the input path and template example below. This example defines the input path for the `orderId` field, and then specifies that field as the partition key.

  First, define the input path for the event data field:

  ```
  {
    "orderId":"$.detail.orderId"
  }
  ```

  Then, use the input transformer template to specify the data field as the partition key:

  ```
  {
    "value":{
      "type":"JSON",
      "data":aws.events.event.json
    },
    "key":{
      "data":"<orderId>",
      "type":"STRING"
    }
  }
  ```

## Coralogix
<a name="eb-api-destination-coralogix"></a>

**API destination invocation endpoint URL**  
For a full list of endpoints, see [Coralogix API Reference](https://coralogix.com/docs/log-query-simply-retrieve-data/).

**Supported authorization types**   
API Key

**Additional authorization parameters required**  
Header `"x-amz-event-bridge-access-key"`, the value is the Coralogix API Key

**Coralogix documentation**  
[Amazon EventBridge authentication](https://coralogix.com/docs/amazon-eventbridge/)

**Commonly used API operations**  
US: https://ingress.coralogix.us/aws/event-bridge  
Singapore: https://ingress.coralogixsg.com/aws/event-bridge  
Ireland: https://ingress.coralogix.com/aws/event-bridge  
Stockholm: https://ingress.eu2.coralogix.com/aws/event-bridge  
India: https://ingress.coralogix.in/aws/event-bridge

**Additional information**  
The events are stored as log entries with `applicationName=[AWS Account]` and `subsystemName=[event.source]`.

## Datadog
<a name="eb-api-destination-datadog"></a>

**API destination invocation endpoint URL**  
For a full list of endpoints, see [Datadog API Reference](https://docs.datadoghq.com/api/latest/).

**Supported authorization types**   
API Key

**Additional authorization parameters required**  
None

**Datadog documentation**  
[Authentication](https://docs.datadoghq.com/api/latest/authentication/)

**Commonly used API operations**  
POST https://api.datadoghq.com/api/v1/events  
POST https://http-intake.logs.datadoghq.com/v1/input

**Additional information**  
Endpoint URLs differ depending on the location of your Datadog organization. For the correct URL for your organization, see [documentation](https://docs.datadoghq.com/api/latest/).

## Dynatrace
<a name="api-destination-dynatrace"></a>

**API destination invocation endpoint URL:**  
+ Logs: https://*environment-id*.live.dynatrace.com/api/v2/logs/ingest
+ Davis events: https://*environment-id*.live.dynatrace.com/platform/ingest/v1/events
+ SDLC events: https://*environment-id*.live.dynatrace.com/platform/ingest/v1/events.sdlc
+ Security events: https://*environment-id*.live.dynatrace.com/platform/ingest/v1/events.security

**Supported authorization types:**   
API Key

**Additional authorization parameters required:**      
[\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/eventbridge/latest/userguide/eb-api-destination-partners.html)

**Dynatrace documentation:**  
+ [Log ingestion](https://docs.dynatrace.com/docs/observe-and-explore/logs/lma-log-ingestion)
+ [How to ingest data (events)](https://docs.dynatrace.com/docs/platform/openpipeline/getting-started/how-to-ingestion)
+ [Ingest Amazon ECR vulnerability findings and scan events](https://docs.dynatrace.com/docs/platform-modules/application-security/security-events-ingest/ingest-aws-ecr-data)

**Commonly used API operations:**  
POST

**Additional information:**  
Each endpoint type has its token scope, which is required for successful authentication. For more information, see [Ingestion APIs](https://docs.dynatrace.com/docs/platform/openpipeline/reference/api-ingestion-reference) in the Dynatrace documentation.

## Freshworks
<a name="eb-api-destination-freshworks"></a>

**API destination invocation endpoint URL**  
For a list of endpoints, see [https://developers.freshworks.com/documentation/](https://developers.freshworks.com/documentation/)

**Supported authorization types**   
Basic, API Key

**Additional authorization parameters required**  
Not applicable

**Freshworks documentation**  
[Authentication](https://developers.freshdesk.com/api/#authentication)

**Commonly used API operations**  
https://developers.freshdesk.com/api/\$1create\$1ticket  
https://developers.freshdesk.com/api/\$1update\$1ticket  
https://developer.freshsales.io/api/\$1create\$1lead  
https://developer.freshsales.io/api/\$1update\$1lead

**Additional information**  
None

## MongoDB
<a name="eb-api-destination-mongodb"></a>

**API destination invocation endpoint URL**  
https://data.mongodb-api.com/app/*App ID*/endpoint/

**Supported authorization types**   
API Key  
Email/Password  
Custom JWT Authentication

**Additional authorization parameters required**  
None

**MongoDB documentation**  
[Atlas Data API](https://www.mongodb.com/docs/atlas/app-services/data-api/)  
[Endpoints](https://www.mongodb.com/docs/atlas/app-services/data-api/generated-endpoints/#endpoints)  
[Custom HTTPS Endpoints](https://www.mongodb.com/docs/atlas/app-services/data-api/custom-endpoints/)  
[Authentication](https://www.mongodb.com/docs/atlas/app-services/data-api/generated-endpoints/#authentication)

**Commonly used API operations**  
None

**Additional information**  
None

## Momento
<a name="api-destination-momento"></a>

**API destination invocation endpoint URL:**  
https://api.cache.*region*.prod.a.momentohq.com/cache/*cacheName*  
https://api.cache.*region*.prod.a.momentohq.com/topics/*cacheName*/*topicName*

**Supported authorization types:**   
API Key

**Additional authorization parameters required:**      
[\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/eventbridge/latest/userguide/eb-api-destination-partners.html)

**Momento documentation:**  
[Momento \$1 Amazon EventBridge](https://docs.momentohq.com/cache/integrations/amazon-eventbridge)  
[Using the Momento Topics API](https://docs.momentohq.com/topics/develop/api-reference)  
[API reference for Momento Cache](https://docs.momentohq.com/cache/develop/api-reference)

**Commonly used API operations:**  
For caches: `PUT`, `DELETE`  
For topics: `POST`

**Additional information:**  
When updating or deleting a cache, include the following query string parameters in the configuration of your rule target:   
+ The key you want to update in your Momento cache
+ The Time-To-Live (TTL) for the cache item
For example, if your input event included a `details` field with those values:  
`key: $.details.key ttl_seconds: $.details.ttl_seconds`

## New Relic
<a name="api-destination-new-relic"></a>

**API destination invocation endpoint URL**  
For more information, see [Our EU and US region data centers](https://docs.newrelic.com/docs/using-new-relic/welcome-new-relic/get-started/our-eu-us-region-data-centers/).  
**Events**  
**US–** https://insights-collector.newrelic.com/v1/accounts/*YOUR\$1NEW\$1RELIC\$1ACCOUNT\$1ID*/events  
**EU–** https://insights-collector.eu01.nr-data.net/v1/accounts/*YOUR\$1NEW\$1RELIC\$1ACCOUNT\$1ID*/events  
**Metrics**  
**US–** https://metric-api.newrelic.com/metric/v1  
**EU–** https://metric-api.eu.newrelic.com/metric/v1  
**Logs**  
**US–** https://log-api.newrelic.com/log/v1  
**EU–** https://log-api.eu.newrelic.com/log/v1  
**Traces**  
**US–** https://trace-api.newrelic.com/trace/v1  
**EU–** https://trace-api.eu.newrelic.com/trace/v1

**Supported authorization types**   
API Key

**New Relic documentation**  
[Metric API](https://docs.newrelic.com/docs/telemetry-data-platform/ingest-manage-data/ingest-apis/report-metrics-metric-api/)  
[Event API](https://docs.newrelic.com/docs/telemetry-data-platform/ingest-manage-data/ingest-apis/introduction-event-api/)  
[Log API](https://docs.newrelic.com/docs/logs/log-management/log-api/introduction-log-api/)  
[Trace API](https://docs.newrelic.com/docs/understand-dependencies/distributed-tracing/trace-api/introduction-trace-api/)

**Commonly used API operations**  
[Metric API](https://docs.newrelic.com/docs/telemetry-data-platform/ingest-manage-data/ingest-apis/report-metrics-metric-api/)  
[Event API](https://docs.newrelic.com/docs/telemetry-data-platform/ingest-manage-data/ingest-apis/introduction-event-api/)  
[Log API](https://docs.newrelic.com/docs/logs/log-management/log-api/introduction-log-api/)  
[Trace API](https://docs.newrelic.com/docs/understand-dependencies/distributed-tracing/trace-api/introduction-trace-api/)

**Additional information**  
[Metric API limits](https://docs.newrelic.com/docs/telemetry-data-platform/get-data/apis/metric-api-limits-restricted-attributes/)  
[Event API limits](https://docs.newrelic.com/docs/telemetry-data-platform/ingest-manage-data/ingest-apis/introduction-event-api/#limits)  
[Log API limits](https://docs.newrelic.com/docs/logs/log-management/log-api/introduction-log-api/#limits)  
[Trace API limits](https://docs.newrelic.com/docs/understand-dependencies/distributed-tracing/trace-api/trace-api-general-requirements-limits/)

## Operata
<a name="api-destination-operata"></a>

**API destination invocation endpoint URL:**  
https://api.operata.io/v2/aws/events/contact-record

**Supported authorization types:**   
Basic

**Additional authorization parameters required:**  
None

**Operata documentation:**  
[How do I create, view, change and revoke API Tokens?](https://help.operata.com/en/articles/5542797-how-do-i-create-view-change-and-revoke-api-tokens)  
[Operata AWS Integration using Amazon EventBridge Scheduler Pipes](https://docs.operata.com/docs/aws-integration)

**Commonly used API operations:**  
`POST https://api.operata.io/v2/aws/events/contact-record`

**Additional information:**  
The `username` is the Operata Group ID and the password is your API token.

## Salesforce
<a name="api-destination-salesforce"></a>

**API destination invocation endpoint URL**  
**Sobject–** https:// *myDomainName*.my.salesforce.com/services/data/*versionNumber*/sobjects /*SobjectEndpoint*/\$1  
**Custom platform events–** https://*myDomainName*.my.salesforce.com/services/data /*versionNumber*/sobjects/*customPlatformEndpoint*/\$1  
For a full list of endpoints, see [Salesforce API Reference](https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/resources_list.htm)

**Supported authorization types**   
OAuth client credentials  
OAUTH tokens are refreshed when a 401 or 407 response is returned.

**Additional authorization parameters required**  
[Salesforce Connected App](https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_oauth_and_connected_apps.htm) Client Id and Client Secret.  
One of the following authorization endpoints:  
+ **Production–** https://*MyDomainName*.my.salesforce.com./services/oauth2/token
+ **Sandbox without enhanced domains–** https://*MyDomainName*--* SandboxName*.my. salesforce.com/services /oauth2/token
+ **Sandbox with enhanced domains–** https://*MyDomainName*--* SandboxName*.sandbox.my.salesforce.com/services/oauth2/token
The following key/value pair:      
[\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/eventbridge/latest/userguide/eb-api-destination-partners.html)

**Salesforce documentation**  
[REST API Developer Guide](https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_what_is_rest_api.htm)

**Commonly used API operations**  
[Working with Object Metadata](https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/using_resources_working_with_object_metadata.htm)  
[Working with Records](https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/using_resources_working_with_records.htm)

**Additional information**  
For a tutorial explaining how to use the EventBridge console to create a connection to Salesforce, an API Destination, and a rule to route information to Salesforce, see [Tutorial: Send events to Salesforce from Amazon EventBridge](eb-tutorial-salesforce.md).

## Slack
<a name="eb-api-destination-slack"></a>

**API destination invocation endpoint URL**  
For a list of endpoints and other resources, see [Using the Slack Web API](https://api.slack.com/web)

**Supported authorization types**   
OAuth 2.0  
OAUTH tokens are refreshed when a 401 or 407 response is returned.  
When you create a Slack application and install it to your workspace, an OAuth bearer token will be created on your behalf to be used for authenticating calls by your API destination connection.

**Additional authorization parameters required**  
Not applicable

**Slack documentation**  
[Basic app setup](https://api.slack.com/authentication/basics)  
[Installing with OAuth](https://api.slack.com/authentication/oauth-v2)  
[Retrieving messages](https://api.slack.com/messaging/retrieving)  
[Sending messages](https://api.slack.com/messaging/sending)  
[Sending messages using Incoming Webhooks](https://api.slack.com/messaging/webhooks)

**Commonly used API operations**  
https://slack.com/api/chat.postMessage

**Additional information**  
When configuring your EventBridge rule there are two configurations to highlight:  
+ Include a header parameter that defines the content type as “application/json;charset=utf-8”.
+ Use an input transformer to map the input event to the expected output for the Slack API, namely ensure that the payload sent to the Slack API has “channel” and “text” key/value pairs.

## Shopify
<a name="eb-api-destination-shopify"></a>

**API destination invocation endpoint URL**  
For a list of endpoints and other resouces and methods, see [Endpoints and requests](https://shopify.dev/api/admin-rest#endpoints)

**Supported authorization types**   
OAuth, API Key  
OAUTH tokens are refreshed when a 401 or 407 response is returned.

**Additional authorization parameters required**  
Not applicable

**Shopify documentation**  
[Authentication and authorization overview](https://shopify.dev/apps/auth)

**Commonly used API operations**  
POST - /admin/api/2022-01/products.json  
GET - admin/api/2022-01/products/\$1product\$1id\$1.json  
PUT - admin/api/2022-01/products/\$1product\$1id\$1.json  
DELETE - admin/api/2022-01/products/\$1product\$1id\$1.json

**Additional information**  
[Create an app](https://shopify.dev/apps/getting-started/create)  
[Amazon EventBridge webhook delivery](https://shopify.dev/apps/webhooks/configuration/eventbridge)  
[Access tokens for custom apps in the Shopify admin](https://shopify.dev/apps/auth/admin-app-access-tokens)  
[Product](https://shopify.dev/api/admin-rest/2021-10/resources/product#top)  
[Shopify Admin API](https://shopify.dev/api/admin)

## Splunk
<a name="api-destination-splunk"></a>

**API destination invocation endpoint URL**  
https://*SPLUNK\$1HEC\$1ENDPOINT*:*optional\$1port*/services/collector/raw

**Supported authorization types**   
Basic, API Key

**Additional authorization parameters required**  
None

**Splunk documentation**  
For both authorization types, you need an HEC token ID. For more information, see [Set up and use HTTP Event Collector in Splunk Web](https://help.splunk.com/en/data-management/collect-http-event-data/use-hec-in-splunk-cloud-platform/set-up-and-use-http-event-collector-in-splunk-web).

**Commonly used API operations**  
POST https://*SPLUNK\$1HEC\$1ENDPOINT*:*optional\$1port*/services/collector/raw

**Additional information**  
API Key – When configuring the endpoint for EventBridge, the API key name is “Authorization” and value is the Splunk HEC token ID.  
Basic (Username/Password) – When configuring the endpoint for EventBridge, the username is “Splunk” and the password is the Splunk HEC token ID.

## Sumo Logic
<a name="api-destination-sumologic"></a>

**API destination invocation endpoint URL**  
HTTP Log and Metric Source endpoint URLs will be different for every user. For more information, see [ HTTP Logs and Metrics Source](https://help.sumologic.com/03Send-Data/Sources/02Sources-for-Hosted-Collectors/HTTP-Source).

**Supported authorization types**   
Sumo Logic doesn’t require authentication on their HTTP Sources because there’s a unique key baked into the URL. For this reason, you should make sure to treat that URL as a secret.  
When you configure the EventBridge API destination, an authorization type is required. To meet this requirement, select API Key and give it a key name of “dummy-key” and a key value of “dummy-value”.

**Additional authorization parameters required**  
Not applicable

**Sumo Logic documentation**  
Sumo Logic has already built hosted sources to collect logs and metrics from many AWS services and you can use the information on their website to work with those sources. For more information, see [Amazon Web Services](https://help.sumologic.com/03Send-Data/Sources/02Sources-for-Hosted-Collectors/Amazon-Web-Services).  
If you’re generating custom events from an application and want to send them to Sumo Logic as either logs or metrics, then use EventBridge API Destinations and Sumo Logic HTTP Log and Metric Source endpoints.  
+ To sign up and create a free Sumo Logic instance, see [Start your free trial today](https://www.sumologic.com/sign-up/).
+ For more information about using Sumo Logic, see [ HTTP Logs and Metrics Source](https://help.sumologic.com/03Send-Data/Sources/02Sources-for-Hosted-Collectors/HTTP-Source).

**Commonly used API operations**  
POST https://endpoint4.collection.us2.sumologic.com/receiver/v1/http/*UNIQUE\$1ID\$1PER\$1COLLECTOR*

**Additional information**  
None

## TriggerMesh
<a name="eb-api-destination-triggermesh"></a>

**API destination invocation endpoint URL**  
Use the information in the [Event Source for HTTP](https://docs.triggermesh.io/concepts/sources) topic to formulate the endpoint URL. An endpoint URL includes the event source name and user namespace in the following format:  
https://*source-name*.*user-namespace*.cloud.triggermesh.io  
Include the Basic authorization parameters in the request to the endpoint.

**Supported authorization types**   
Basic

**Additional authorization parameters required**  
None

**TriggerMesh documentation**  
[Event Source for HTTP](https://docs.triggermesh.io/concepts/sources)

**Commonly used API operations**  
Not applicable

**Additional information**  
None

## Zendesk
<a name="eb-api-destination-zendesk"></a>

**API destination invocation endpoint URL**  
https://developer.zendesk.com/rest\$1api/docs/support/tickets

**Supported authorization types**   
Basic, API Key

**Additional authorization parameters required**  
None

**Zendesk documentation**  
[Security and Authentication](https://developer.zendesk.com/rest_api/docs/support/introduction#security-and-authentication)

**Commonly used API operations**  
POST https://*your\$1Zendesk\$1subdomain*/api/v2/tickets

**Additional information**  
API requests EventBridge makes count against your Zendesk API limits. For information about Zendesk limits for your plan, see [Usage limits](https://developer.zendesk.com/rest_api/docs/support/usage_limits).   
To better safeguard your account and data, we recommend using an API key rather than basic sign-in credentials authentication.