Skip to main content
Actions do the actual work in a workflow: API calls, transformations, notifications, flow control, and integrations. Use this action when your workflow needs to perform an operation, call an external service, or transform data for downstream nodes.

โ€‹
When To Use

  • Launch immediate scans after threat intelligence updates.
  • Scan newly discovered assets in onboarding workflows.

โ€‹
Configuration Checklist

  1. Provide target site and list of IP addresses.
  2. Optionally pre-filter IP list to keep scan scope focused.
  3. Trigger scan and capture returned job/result identifiers.
  4. Notify security teams with scan initiation or findings summary.

โ€‹
Inputs

  • Required node.data metadata: uiId, componentId, and operation (for actions that define an operation).
  • Action-specific configuration fields from the node editor.
  • Upstream context values from triggers or previous nodes (for example trigger.* or prior action outputs).

โ€‹
Outputs

  • Adds action result data to the workflow context for downstream nodes.
  • May produce external side effects (API updates, notifications, scripts, SSH commands, etc.).
  • Can emit structured values consumed by conditions or subsequent actions.

โ€‹
Failure Modes

  • Missing required configuration or invalid parameter values.
  • Missing/invalid context variable references from upstream nodes.
  • External dependency failures (HTTP errors, auth failures, timeouts, rate limits).
  • Payload validation/parsing errors during request or response handling.

โ€‹
Best Practices

  • Prefer small, composable actions over one large action with many responsibilities.