A request trigger makes a Logic Apps workflow callable from another system over HTTPS. Instead of waiting for a schedule or connector event, the workflow starts when someone sends a request to its generated endpoint. The request can carry JSON, headers, query parameters, and path values. Teams use it when a workflow needs to behave like a lightweight API, webhook target, or automation receiver. It is powerful, but the endpoint URL and authentication model must be protected like a secret-backed service entry point.
Logic Apps Request trigger, When an HTTP request is received, HTTP request trigger, request-based trigger, callable workflow endpoint
Difficulty
intermediate
CLI mappings
5
Last verified
2026-05-22T04:15:00Z
Microsoft Learn
In Azure Logic Apps, the Request built-in trigger starts a workflow when an HTTPS request reaches its generated endpoint. It can validate an optional JSON schema, expose a callback URL, and pair with a Response action when the workflow needs to behave like an API. securely.
In Azure architecture, a request trigger sits at the integration boundary of a Logic Apps workflow. It is part control-plane definition, part runtime endpoint. The workflow definition contains the trigger and optional schema, while Azure generates a callback URL after the workflow is saved or deployed. Standard and Consumption logic apps differ in hosting and networking options, but the design problem is similar: callers, authentication, request shape, response behavior, run history, API Management fronting, private networking, and monitoring all shape whether the endpoint is safe and reliable.
Why it matters
Request triggers matter because they turn automation into an externally callable surface. That is useful when systems need to submit claims, alerts, orders, approvals, or operational events without building a full custom API. It is also risky when teams copy the callback URL into emails, logs, client apps, or long-lived configuration. A request trigger can become a hidden integration hub that no one documents until a partner call starts failing. Understanding this term helps architects decide when Logic Apps is the right receiver, how to validate payloads, how to secure the endpoint, and how to monitor workflow runs before integration failures become business outages. It becomes a contract.
⌁
Where you see it
Signals, screens, and Azure surfaces where this term usually becomes operational.
Signal 01
In the Logic Apps designer, the trigger appears as When an HTTP request is received, with optional JSON schema, generated HTTP URL fields, and method settings.
Signal 02
In workflow JSON, the triggers object contains a Request type definition, schema inputs, method behavior, relative paths, and names used by deployment automation and source control.
Signal 03
In run history and diagnostic logs, each inbound call creates a workflow run with trigger inputs, status, caller metadata, start time, duration, and downstream action results.
✦
When this becomes relevant
Specific situations where this term helps solve real Azure design, operations, migration, security, reliability, cost, or governance problems.
Expose a controlled HTTPS endpoint for another system to submit orders, alerts, claims, or approval requests into a workflow.
Build a lightweight webhook receiver that validates JSON and routes events without deploying a custom web API.
Put API Management in front of a request-triggered workflow to enforce authentication, throttling, versioning, and caller analytics.
Accept monitoring alerts or Event Grid-style payloads and fan out remediation steps through Logic Apps connectors.
Create callable child workflows so multiple integration processes can reuse one validated orchestration pattern.
◆
Real-world case studies
Different enterprise-style examples that show the term being used to hit measurable objectives.
Case study 01
Airport operations routes gate-change alerts through workflows
Scenario, objectives, solution, measured impact, and takeaway.
📌Scenario
RunwayBridge managed gate-change notifications for several airport tenants. Operations teams needed an HTTPS endpoint that partners could call when aircraft assignments changed, but a custom API backlog was blocking delivery.
🎯Business/Technical Objectives
Receive partner gate-change payloads without building a new web service.
Validate payload shape before notifying ground crews and display systems.
Return a clear response status within the partner timeout window.
Keep request evidence available for incident review.
✅Solution Using Request trigger
Integration architects created a Logic Apps workflow that started with a Request trigger and required a JSON schema for flight, gate, terminal, and event timestamp fields. API Management fronted the trigger URL, applied subscription validation, and logged caller identity. The workflow responded immediately after validation, then continued asynchronous updates to Teams, Service Bus, and terminal display APIs. Azure CLI and az rest were used in deployment validation to confirm the workflow, trigger name, and callback URL operation without pasting secrets into release notes. Failed runs were routed to an operations workbook for replay decisions. The team documented retry behavior with each partner before enabling production traffic.
📈Results & Business Impact
Partner onboarding finished three weeks earlier than the custom API estimate.
Invalid payloads were rejected before downstream systems changed gate displays.
Median caller response time stayed under 600 milliseconds during schedule disruptions.
Incident review time fell by 65 percent because each request-triggered run kept a clear payload and action trail.
💡Key Takeaway for Glossary Readers
A request trigger is a practical API edge when workflow orchestration matters more than custom application code.
Scenario, objectives, solution, measured impact, and takeaway.
📌Scenario
NorthHarbor Mutual received repair-estimate files through shared inboxes, then manually launched claim workflows. Missing attachments and duplicate emails caused adjusters to lose time on avoidable triage.
🎯Business/Technical Objectives
Accept claim-intake requests directly from partner repair systems.
Prevent duplicate processing when partners retry after timeout.
Keep sensitive request data out of broad mailbox access.
✅Solution Using Request trigger
The claims platform team built a Logic Apps workflow with a Request trigger protected behind API Management and partner-specific keys. The trigger schema rejected incomplete payloads, while the workflow checked idempotency against a storage table before starting document retrieval. A Response action returned the intake tracking identifier immediately, and longer document checks continued asynchronously. The generated callback URL was stored only in protected deployment automation, not partner documentation. Operators used CLI to list recent runs, confirm workflow state, and export failure summaries for partner-review meetings. Run-history access was limited to claims operations and security administrators. Dispatch operators received a dashboard showing accepted callbacks, rejected callbacks, and partner-specific retries.
📈Results & Business Impact
Manual email triage volume dropped by 71 percent in the first month.
Duplicate claim workflows fell from 19 per week to two because idempotency ran immediately after the trigger.
Incomplete repair-estimate submissions were rejected with actionable response messages.
Sensitive intake payloads moved out of shared inboxes and into governed workflow history.
💡Key Takeaway for Glossary Readers
Request triggers help replace fragile email-driven processes with validated, observable, and secure integration endpoints.
Case study 03
Facilities team automates sensor escalation without opening inbound servers
Scenario, objectives, solution, measured impact, and takeaway.
📌Scenario
MetroVale Properties wanted building sensors to escalate freezer-temperature events into maintenance workflows. The facilities team lacked staff to host and patch an inbound API server.
🎯Business/Technical Objectives
Create a secure HTTPS receiver for vendor sensor gateways.
Route urgent temperature events to technicians within two minutes.
Avoid exposing a virtual machine or custom app to the internet.
Capture each alert payload for warranty and compliance records.
✅Solution Using Request trigger
The Azure integration team configured a Logic Apps Request trigger as the vendor-facing event receiver and placed API Management in front for caller authentication, IP filtering, and rate limits. The workflow validated device ID, site ID, temperature, and timestamp, then sent urgent cases to Service Bus and technician notifications. Normal readings were acknowledged and discarded to control run volume. Azure CLI checks verified the workflow was enabled before vendor cutover, and run history was connected to Log Analytics for evidence reports. Callback URL rotation was added to the quarterly vendor-security calendar. The team tested expired reservations and duplicate requests before launch.
📈Results & Business Impact
Critical freezer alerts reached technicians in a median of 54 seconds.
The team avoided deploying and maintaining an always-on custom API host.
Rate limiting blocked a misconfigured gateway that sent 18,000 duplicate readings overnight.
Warranty evidence reports could show exact alert payloads and technician-notification timing.
💡Key Takeaway for Glossary Readers
A request trigger can provide a clean integration doorway when the business needs automation, not another server to operate.
Why use Azure CLI for this?
After ten years of Azure engineering work, I use CLI around request triggers because the trigger URL, workflow definition, identity, and diagnostics must be handled carefully. The portal can show the designer, but CLI and ARM output help confirm the workflow exists, the trigger name matches automation, and deployment slots or environments did not drift. For Logic Apps Standard, CLI also checks app settings, managed identity, private networking, and hosting state around the workflow. For Consumption workflows, az rest can inventory callback URL metadata without pasting secrets into notes. That creates repeatable integration checks while supporting safer rotation during partner escalations.
CLI use cases
Show a workflow definition and confirm the request trigger name used by deployment or callback URL automation.
List workflow runs after a partner test to verify the inbound request reached the correct Logic App.
Use az rest to call the management API that lists a trigger callback URL for controlled automation.
Export workflow metadata for evidence before rotating request-trigger URLs or changing payload schema.
Check App Service settings and runtime state for Standard logic apps when request-trigger latency changes.
Before you run CLI
Confirm tenant, subscription, resource group, Logic App type, workflow name, trigger name, region, and whether the target is Consumption or Standard.
Check permissions to read workflow definitions, list runs, access callback URL operations, and view inputs or outputs that may contain sensitive data.
Treat callback URLs and signatures as secrets; avoid printing them in logs, command history, screenshots, or unprotected pipeline output.
Validate provider registration, private networking, API Management fronting, and output format before changing automation that callers depend on.
What output tells you
Workflow state and definition output confirm whether the request trigger exists, what it is named, and whether the workflow is enabled.
Callback URL output contains the callable endpoint, method, base path, and query signature values that must be handled securely.
Run-list output shows status, start time, duration, correlation, and whether inbound calls are failing before or after downstream actions.
App settings and hosting metadata explain Standard workflow behavior such as runtime configuration, identity, and plan-level constraints.
Mapped Azure CLI commands
Logic Apps request-trigger inspection
adjacent
az logic workflow show --resource-group <resource-group> --name <workflow-name> --output json
az logic workflowdiscoverIntegration
az logic workflow run list --resource-group <resource-group> --name <workflow-name> --top 20 --output table
az logic workflow rundiscoverIntegration
az rest --method post --url "https://management.azure.com/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.Logic/workflows/<workflow-name>/triggers/<trigger-name>/listCallbackUrl?api-version=2019-05-01"
az restoperateIntegration
az webapp config appsettings list --resource-group <resource-group> --name <standard-logic-app-name> --output table
az webapp config appsettingsdiscoverIntegration
az monitor metrics list --resource <logic-app-resource-id> --metric RunsCompleted --interval PT1M --aggregation Total
az monitor metricsdiscoverIntegration
Architecture context
An architect should treat a request trigger as an inbound API edge, even if the workflow designer makes it look simple. The design needs a caller identity model, request contract, payload validation, throttling expectations, retry behavior, and response pattern. For low-risk internal automation, the generated callback URL may be acceptable with tight handling. For customer-facing or partner-facing integrations, place API Management, Entra authentication, network restrictions, or a managed-identity pattern in front where supported. Run history, Application Insights, and Log Analytics should be part of the design, because the most common failure is not creating the trigger; it is not knowing which caller sent what when the workflow failed.
Security
Security impact is direct because the request trigger creates an HTTPS entry point into a workflow. The generated callback URL commonly includes signature material, so storing or logging it carelessly can allow unwanted workflow runs. For sensitive scenarios, front the workflow with API Management, Entra authentication, access restrictions, private networking, or expiring callback URL practices where appropriate. Validate request body shape, content type, and caller expectations before processing data. Do not put secrets in request bodies unless downstream handling is protected. Review who can list callback URLs, edit workflow definitions, view run history, and read inputs or outputs that may contain personal or regulated data.
Cost
Cost impact depends on the hosting model and the actions that run after the trigger. In Logic Apps Consumption, inbound requests can lead to billable action executions, connector calls, and retries. In Logic Apps Standard, the workload runs inside a hosting plan where sustained request volume, integration account usage, and connector choices still matter. A noisy partner system, retry storm, or unauthenticated public endpoint can create unexpected executions and logging volume. Cost control means validating callers, filtering early, limiting payload size, using asynchronous patterns when needed, and monitoring run volume, failed-run retries, payload size, connector usage, and diagnostic retention for request-triggered workflows.
Reliability
Reliability impact is direct because every external caller depends on the trigger endpoint, request contract, and workflow runtime. If the schema changes without coordination, callers can fail immediately. If the workflow responds too slowly, clients may timeout even while the run continues. Reliable designs use clear HTTP methods, versioned paths or API Management routes, response actions for synchronous callers, dead-letter or retry patterns for asynchronous work, and monitoring on failed runs. For Standard logic apps, plan hosting capacity, deployment slots, and app settings carefully. For Consumption workflows, understand connector limits and run-history retention before relying on the trigger for critical operations. Alerting should distinguish rejected triggers, failed actions, and delayed downstream dependencies.
Performance
Performance impact is practical because the request trigger becomes the caller-facing entry point. The trigger can validate payloads quickly, but the full workflow may call connectors, queues, databases, or external APIs that add latency. If the caller waits for the workflow response, every downstream action can become part of the client experience. Teams often improve performance by acknowledging quickly, pushing work to Service Bus or Event Grid, and returning a correlation ID. Operators should monitor trigger duration, run start delay, failed retries, connector latency, and caller timeout patterns. Do not assume a workflow endpoint performs like a custom low-latency API; test latency budgets before production onboarding.
Operations
Operators manage request triggers by checking workflow state, run history, callback URL handling, deployment definitions, authentication front doors, and diagnostic logs. They validate that the trigger name matches automation scripts, that the schema accepts expected payloads, and that the Response action returns the right status codes. During incidents, they inspect failed runs, inputs, outputs, caller timestamps, and downstream connector failures. Azure CLI helps show workflow metadata and list runs, while az rest can call management APIs that retrieve callback URL data for controlled automation. Good runbooks include URL rotation, payload replay rules, and a rollback path for trigger schema changes. They also document rotation procedures, caller contacts, and safe lower-environment test payloads.
Common mistakes
Pasting the generated callback URL into client-side code, tickets, or logs where anyone can reuse it.
Changing the request body schema without coordinating callers, causing integrations to fail during the next POST.
Using request-triggered workflows for long synchronous work until callers timeout and retry into duplicate processing.
Forgetting that run history can expose request inputs and outputs unless access and retention are governed.