As mentioned in the previous article, there're 2 types of setup to JSON API in a flow

API Response

You can use API response to execute the following for example: 

  1. Redirect your user to a specific flow. 
  2. Customize the flow’s content with dynamic data. 
  3. Send variable types of responses such as receipts. 
  4. Update user’s attributes according to system operations. 

You also need to make sure your response doesn’t take longer than 10 seconds so it doesn’t timeout.

Below are objects you can include in your response, you can include one or all of these objects:

-“Attributes” object

  • It is how you can set or change values for your previously created attributes. 
  • You can set a list of attributes at a time, each attribute as a pair of key and value.
  • Make sure that your key is a previously created valid attribute name.

-"FlowName" object 

  • It’s how you can go to a specific flow after your API request succeed
  • Make sure you set a previously created valid flow name

-“FacebookResponse” object

  • It’s how you can customize your own message objects you want to send to your user.
  • For recipient Id, just leave it “{psid}” as it is, we’ll replace it for you.
  • Know more about available Facebook responses from messenger platform documentation.

Your API response must be in a valid format such as below: 


"attributes":{"Key1":"Value", "Key2":"Value"},

"FlowName" : "My new Flow",

"FacebookResponse" : {

"messaging_type": "<MESSAGING_TYPE>",





"text":"hello, world!"


Callback Request

A callback request will allow you to make actions to the bot later within up to 2 minutes. 

You can use a callback request for the same reasons you can use an API response, adding operations that can take longer time, such as payment transactions and complex sheet operations. 

Enabling callback request unlocks two extra headers for you: 

  1. Callback URL: The endpoint your callback request will go back to. The header key for it will have the format: “callbackurl
  2. Token: This makes sure the request is actually from you and is okay to proceed with. Tokens expire in two minutes and have to be specifically included in your callback request’s header. The header key will be: “x-bot-token

You can make multiple requests to the callback URL as long as the token hasn’t expired yet.

Both the API response and the callback request’s bodies must be of a valid format. “x-bot-token” must be included in the request’s header.

Did this answer your question?