How do I expose a FlowiseAI chatflow as a REST API endpoint for my app?
AI Agent Automation Platforms

How do I expose a FlowiseAI chatflow as a REST API endpoint for my app?

9 min read

Exposing a FlowiseAI chatflow as a REST API endpoint is one of the easiest ways to integrate your AI workflows into any app—web, mobile, or backend. Instead of embedding the Flowise UI, you can call your chatflow programmatically using standard HTTP requests.

This guide walks through exactly how to expose your FlowiseAI chatflow as a REST API endpoint for your app, how to secure it, and how to consume it from different tech stacks.

Understanding how FlowiseAI exposes chatflows

FlowiseAI provides an HTTP REST API on top of your chatflows. Each chatflow can be accessed via an endpoint like:

POST /api/v1/prediction/{chatflowId}

Where:

  • chatflowId is the unique ID of your chatflow
  • The API accepts a JSON payload (e.g., { "question": "Your user message" })
  • The API returns a JSON response with the model’s answer

If you enable authentication, you’ll also need an X-API-KEY header to access the endpoint.

Step 1: Create and configure your chatflow in FlowiseAI

  1. Open FlowiseAI
    Go to your FlowiseAI instance in the browser (e.g., http://localhost:3000 or your hosted URL).

  2. Create a new chatflow

    • Click “New Chatflow”
    • Design your workflow using nodes (LLM, tools, memory, etc.)
    • Save the chatflow

  3. Note the Chatflow ID

    • Open your chatflow
    • Look at the URL, e.g.:
      http://localhost:3000/chatflow/9d2b4ae3-1f5e-4c...
    • The long string at the end is the chatflowId you’ll use in the REST API endpoint.

Step 2: Enable the Flowise API in the configuration

To expose a FlowiseAI chatflow as a REST API endpoint for your app, the backend API must be enabled.

You can do this via environment variables (for Docker or local runs):

FLOWISE_USERNAME=admin
FLOWISE_PASSWORD=admin
PORT=3000
APIKEY_PATH=./apikey.txt

Key points:

  • PORT determines where your API is exposed (e.g., http://localhost:3000)
  • If Flowise is already running, you likely already have the server and API active

Check the API by visiting:

http://localhost:3000/api/v1/health

You should get a simple health check response (e.g., { "status": "ok" }).

Step 3: Get or create an API key (optional but recommended)

To secure your REST API endpoint:

  1. In Flowise, go to Settings → Security (or API Keys, depending on version).
  2. Create a new API key.
  3. Copy the value; you’ll use it in the X-API-KEY header in your app.

If API keys are enabled and you don’t send a valid key, you’ll receive an unauthorized error.

Step 4: Call your chatflow via REST API

The base format to expose a FlowiseAI chatflow as a REST API endpoint for your app looks like this:

POST http://<your-flowise-host>:<port>/api/v1/prediction/<chatflowId>
Content-Type: application/json
X-API-KEY: <your-api-key>   # if enabled

Minimal JSON payload

For a simple question-answer chatflow:

{
  "question": "Hello, how can you help me today?"
}

Example cURL request

curl -X POST "http://localhost:3000/api/v1/prediction/9d2b4ae3-1f5e-4c..." \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_API_KEY_HERE" \
  -d '{
    "question": "Explain what this API does in one sentence."
  }'

The response will be something like:

{
  "id": "chatcmpl-xyz",
  "role": "assistant",
  "text": "This API lets your app send a message to a FlowiseAI chatflow and receive an AI-generated response.",
  "sourceDocuments": [],
  "otherFields": {}
}

The exact shape can vary depending on your nodes and version, but you’ll typically get:

  • text or answer: the model’s reply
  • sourceDocuments: any retrieved context (for RAG chatflows)
  • Metadata fields

Step 5: Passing additional variables into your chatflow

Often, you’ll want to pass more than just the user’s message. Flowise chatflows can consume variables defined in nodes.

For example, in your LLM prompt node, you might use:

You are an assistant for user: {{userId}}.
User question: {{question}}

To feed userId from your app, send it in the overrideConfig or variables object (depending on your Flowise version). Common patterns:

Pattern A: overrideConfig / variables payload

{
  "question": "What is my profile status?",
  "overrideConfig": {
    "userId": "12345",
    "planType": "pro"
  }
}

Or:

{
  "question": "Summarize this document.",
  "variables": {
    "userId": "12345",
    "documentId": "doc_890"
  }
}

Then use {{userId}}, {{planType}}, etc., inside nodes.

Check your Flowise version documentation or the API docs route (often /api-docs or /swagger) to see the exact field name (overrideConfig, variables, or overrideVariables).

Step 6: Using the REST API from different app environments

Once you expose a FlowiseAI chatflow as a REST API endpoint for your app, integrating it becomes a simple HTTP client task.

Example: JavaScript / TypeScript (Node.js)

import fetch from 'node-fetch';

const FLOWISE_URL = 'http://localhost:3000/api/v1/prediction/9d2b4ae3-1f5e-4c...';
const API_KEY = 'YOUR_API_KEY_HERE';

async function callChatflow(question: string, userId: string) {
  const res = await fetch(FLOWISE_URL, {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'X-API-KEY': API_KEY
    },
    body: JSON.stringify({
      question,
      overrideConfig: { userId }
    })
  });

  if (!res.ok) {
    throw new Error(`Flowise error: ${res.status} ${await res.text()}`);
  }

  const data = await res.json();
  return data.text || data.answer;
}

// Usage
callChatflow('What can you do?', 'user_123')
  .then(console.log)
  .catch(console.error);

Example: Frontend JavaScript (browser)

If Flowise is not public-facing or CORS is restricted, you should call it from your backend. If you expose it directly:

async function sendMessage(message) {
  const response = await fetch(
    'https://your-flowise-domain.com/api/v1/prediction/9d2b4ae3-1f5e-4c...',
    {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        'X-API-KEY': 'YOUR_PUBLICLY_SAFE_KEY_IF_ANY'
      },
      body: JSON.stringify({ question: message })
    }
  );
  const data = await response.json();
  return data.text;
}

Be very careful exposing API keys in front-end code; often it’s better to proxy via your own backend.

Example: Python (requests)

import requests

FLOWISE_URL = "http://localhost:3000/api/v1/prediction/9d2b4ae3-1f5e-4c..."
API_KEY = "YOUR_API_KEY_HERE"

def call_chatflow(question, user_id=None):
    payload = {
        "question": question,
        "overrideConfig": {
            "userId": user_id
        } if user_id else {}
    }

    headers = {
        "Content-Type": "application/json",
        "X-API-KEY": API_KEY
    }

    response = requests.post(FLOWISE_URL, json=payload, headers=headers)
    response.raise_for_status()
    data = response.json()
    return data.get("text") or data.get("answer")

print(call_chatflow("Give me a short intro about your capabilities", "user_123"))

Example: cURL for quick testing

curl -X POST "http://localhost:3000/api/v1/prediction/9d2b4ae3-1f5e-4c..." \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_API_KEY_HERE" \
  -d '{
    "question": "Summarize FlowiseAI in 2 sentences."
  }'

Step 7: Handling streaming responses (optional)

Some Flowise configurations support streaming responses (similar to OpenAI’s streaming). This is useful for chat UIs that show tokens as they generate.

Typically:

  • You send a request with a stream flag.
  • The API responds as a text/event-stream or chunked response.

A common payload:

{
  "question": "Write a short paragraph about FlowiseAI.",
  "stream": true
}

Client-side, you would read the chunks:

const res = await fetch(FLOWISE_URL, {
  method: 'POST',
  headers: { 'Content-Type': 'application/json', 'X-API-KEY': API_KEY },
  body: JSON.stringify({ question: 'Streamed answer, please', stream: true })
});

// For Node.js:
for await (const chunk of res.body) {
  process.stdout.write(chunk.toString());
}

Check your Flowise version’s API docs for the exact streaming behavior and content type.

Step 8: Securing your FlowiseAI REST API endpoint

When you expose a FlowiseAI chatflow as a REST API endpoint for your app, security matters:

  1. Use API keys or auth

    • Enable API key enforcement in Flowise
    • Rotate keys periodically
    • Avoid embedding sensitive keys in frontend code

  2. Network-level security

    • Restrict access via firewall / security group
    • Host behind a reverse proxy (Nginx, Cloudflare, API gateway)
    • Optionally restrict by IP or VPC

  3. HTTPS

    • Use HTTPS for public endpoints to protect data in transit
    • If hosting behind a reverse proxy, terminate TLS at the proxy

  4. Rate limiting

    • Apply rate limits at your gateway or proxy layer
    • Prevent abuse or unexpected cost spikes from LLM usage

  5. Input validation

    • Sanitize or validate user input before sending to Flowise when possible
    • Set guardrails in prompts and use moderation where available

Step 9: Mapping Flowise responses into your app’s schema

In a real app, you often want to normalize the Flowise response into your own internal format. For example:

type ChatMessage = {
  id: string;
  role: 'assistant';
  content: string;
  sources?: Array<{ title: string; url?: string }>;
};

function mapFlowiseResponse(flowiseData: any): ChatMessage {
  return {
    id: flowiseData.id ?? crypto.randomUUID(),
    role: 'assistant',
    content: flowiseData.text || flowiseData.answer || '',
    sources: (flowiseData.sourceDocuments || []).map((doc: any) => ({
      title: doc.metadata?.title ?? 'Source',
      url: doc.metadata?.url
    }))
  };
}

This keeps your frontend decoupled from Flowise-specific fields.

Step 10: Troubleshooting common issues

When you expose a FlowiseAI chatflow as a REST API endpoint for your app, you may run into a few common problems:

1. 404 or “Not Found”

  • Double-check the URL:
    • Must be /api/v1/prediction/{chatflowId}
  • Verify the chatflow is saved and the ID is correct
  • Ensure the Flowise server is running on the host/port you’re hitting

2. 401 / 403 Unauthorized

  • Confirm API key auth is configured correctly in Flowise
  • Make sure you’re passing X-API-KEY with the right value
  • If you changed keys, restart Flowise or re-read from file if needed

3. 500 Internal Server Error

  • Check Flowise server logs for stack traces
  • Common causes:
    • Missing environment variables for LLM providers
    • Misconfigured nodes (e.g., empty prompts, invalid parameters)
  • Test the chatflow inside the Flowise UI; if it fails there, fix it first

4. CORS issues in the browser

  • If calling Flowise directly from frontend, you may need CORS headers on the Flowise server or via a reverse proxy.
  • Alternatively, route requests through your own backend, which then calls Flowise.

Summary: Key steps to expose a FlowiseAI chatflow as a REST API endpoint for your app

To quickly recap how to expose a FlowiseAI chatflow as a REST API endpoint for your app:

  1. Create and save your chatflow in FlowiseAI and note the chatflowId.
  2. Ensure the Flowise server API is running, usually on /api/v1.
  3. Optionally enable API keys and secure the endpoint.
  4. Call POST /api/v1/prediction/{chatflowId} with a JSON body containing at least:
    • question: "user message"
    • plus any variables your nodes expect.
  5. Integrate from your app using any HTTP client (Node, Python, frontend, etc.).
  6. Harden security (auth, HTTPS, rate limiting) before exposing to production traffic.

Following these steps, you can reliably connect FlowiseAI chatflows to your applications through a clean REST API layer, giving you full control over how and where AI capabilities appear in your product.

Back to AI Agent Automation Platforms

Keep Reading

More from AI Agent Automation Platforms

Yuma AI pricing: how are “tickets resolved by AI” counted, and how do automated-ticket packages + overages work?

Read more

n8n options for scheduled portal checks (login → extract → alert) with screenshots/run logs for failures

Read more

How long does it take to implement Mandolin for intake → benefits → OOP estimation → PA in a multi-site infusion network?

Read more