# Passthrough APIs
Passthrough APIs in Frends are used when an API endpoint should forward requests directly to another backend API without running Process-based integration logic. This makes them useful when Frends should act as the public entry point for an API, while the actual request handling stays in another system. This reference article explains how Passthrough APIs work in Frends, how to use the Passthrough API editor, and what each configuration area in the editor means.
Passthrough API editor.
## What Passthrough APIs are
A Passthrough API forwards incoming requests from a Frends API endpoint to a target URL in another system. Unlike a Process-backed API operation, a Passthrough API does not execute business logic, data mapping, or transformation in a Frends Process. Instead, Frends acts as the API entry point and forwards the request according to the Passthrough configuration.
Passthrough APIs are configured per API and can be set either for individual operations or for all operations under the API base path. This allows you to choose between a more controlled endpoint-by-endpoint configuration and a broader proxy-style configuration for the full API.
Passthrough APIs are available only on cross-platform Agents. Legacy Agents do not support this feature.
## How Passthrough APIs work
Passthrough APIs are built on top of an API defined in API Management. The API itself is still described with an OpenAPI specification, and the API base path still comes from the API `server URL`. The difference is in how the request is fulfilled: instead of routing the operation to a Process through an API Trigger, Frends forwards the request to a configured target URL.
This means the API can still remain under the Frends-managed URL structure and can still use Frends API Management features around visibility and control. At the same time, the actual operation can remain implemented in another service, such as an internal backend API or a third-party system.
Passthrough requests are visible through API Monitoring, but they are not Process executions and do not appear in Process instance lists. API Monitoring also includes requests that do not reach a valid exposed endpoint.
### Security and policies
Passthrough APIs do not by themselves implement authentication logic for the backend service. Runtime access to the exposed Frends endpoint is controlled through API Policies, in the same way as for other APIs in Frends. This means authentication and access control are handled at the Frends API layer, while any backend-specific authentication required by the target system must be provided through the Passthrough configuration, such as forwarded or added headers.
## How to use Passthrough APIs
To configure a Passthrough API, you first create the API in Frends and then open the Passthrough API editor from API Management by selecting `Create Passthrough API` or `Modify Passthrough API`. In the editor, you choose whether the configuration applies to all operations or to a specific operation, and then define the forwarding target, optional CORS settings, and any headers that should be included in the forwarded request.
The editor supports plain text values as well as Handlebars with C# expressions and Frends reference values. This allows the target URL to be static, partially dynamic, or fully derived from the incoming request.
## Passthrough API editor
The Passthrough API editor is divided into two main areas. The left side shows the list of available operations in the API, including an `All operations` option. The right side contains the configuration for the currently selected item, including the target URL, preview, CORS settings, and passthrough headers.
The operation list makes it possible to configure forwarding separately for each API method and path. If `All operations` is selected, the configuration applies more broadly at the API base path level. In the screenshot, individual endpoints such as `/users`, `/users/{id}`, and `/webhooks` are listed alongside the shared `All operations` option.
### All operations
The `All operations` option is used when the whole API base path should act as a proxy to another API. In this mode, Frends forwards requests without requiring every possible target endpoint to be explicitly defined in the API specification. The final part of the incoming request path and the query parameters can be passed on to the target API as part of the target URL configuration.
This is useful when the backend API already exposes a broader set of operations and Frends should mainly provide the public entry point, shared domain, or policy enforcement layer.
### Single operation
When an individual operation is selected, the Passthrough configuration applies only to that specific method and path. This gives more control over how each operation is forwarded and makes it possible to point different endpoints to different targets if needed.
## Configure Passthrough API URL
The target URL defines where Frends forwards the incoming request. In the editor, the URL is built from separate parts instead of being entered as one free-form value. This makes it easier to combine static values and request-derived values in a predictable way.
The target URL is built in three or four sections. The first section is the server name or base URL of the target system. The second section is the base path or directory under that server. The third section is the operation-specific path. If query parameters are used, they form the fourth section. Path sections are separated with `/`, while query parameters are separated with `?`.
The editor also shows a `Preview` value, which helps verify what the final target URL will look like based on the current configuration. In the screenshot, the preview is shown directly under the target URL fields.
### Supported value types
Each target URL section can use plain text, Handlebars with C# expressions, and Frends reference values. This allows a fully fixed target URL, a partially dynamic one, or a target based on values from the incoming request.
Environment Variables can be referenced through `#env`. This is useful for storing target server names, environment-specific base URLs, or other reusable values outside the Passthrough configuration itself.
### `#api` reference values
Passthrough configuration provides API-specific reference values under `#api`. These values come from the original request that reached Frends.
`#api.BasePath` contains the API base path from the API specification, excluding the server name. An example value is `/api/crm/v1`.
`#api.OperationPath` contains the operation path of the selected endpoint, such as `/customers`.
`#api.QueryParameters` contains the full query string from the incoming request.
A specific query parameter value can also be referenced by name with syntax such as `#api.QueryParameters.id`. In that case, the value of the `id` query parameter is available directly for use in the target URL.
### Example target URL mapping
If the incoming request to Frends is:
```
https://frends-test.mycompany.com/api/crm/v1/customers?id=123456
```
the Passthrough reference values would resolve so that `#api.BasePath` is `api/crm/v1`, `#api.OperationPath` is `customers`, and `#api.QueryParameters.id` is `123456`.
If the target backend URL should be:
```
https://crm-company.com/api/client-access/v1/customer/123456
```
the configuration can be set so that the server name is `{{#env.crm_company.server}}`, the base path is `api/client-access/v1/customer`, the operation part is `{{#api.QueryParameters.id}}`, and query parameters are left empty.
## CORS
The Passthrough API editor includes a `CORS` setting and an `Allowed Origins` field. In the user interface, CORS can be toggled on or off, and allowed origins can then be defined for the configuration. This is used when browser-based clients need controlled cross-origin access to the exposed Frends API endpoint.
The available source material confirms that these settings are part of the Passthrough API editor view, but it does not describe the detailed runtime behavior or supported value formats further.
## Configure Passthrough API headers
The `Configure passthrough API headers` section defines how Frends manipulates HTTP headers before forwarding the request to the target backend. Each header entry has three fields: `Action`, `Header name`, and `Value`. Multiple header entries can be added to the same configuration.
The `Action` dropdown controls what Frends does with the named header. `Add` appends the header to the forwarded request without removing any existing header with the same name. `Overwrite` sets the header to the given value, replacing any existing header with that name that was present in the original request. `Remove` strips the named header from the forwarded request entirely, which is useful when a header should not be passed on to the backend for security or compatibility reasons.
`Header name` is the name of the HTTP header to act on, such as `Authorization` or `X-Api-Key`. `Value` is the header value to set when using `Add` or `Overwrite`. The `Value` field supports the same value types as the target URL fields, including plain text, Handlebars with C# expressions, and Frends reference values such as Environment Variables.
Passthrough API Header configuration options.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.frends.com/reference/api-management/passthrough-apis.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.