Nebula is in beta — new features are shipping every week.
NebulaNebula
RecipesDevelopment

Connect Any REST API to Your Agent

Connect any REST API to your Nebula AI agent using API keys, tokens, or custom auth. Call external services directly from any agent conversation.

What you'll build

Connect any REST API that isn't in the OAuth catalogue — self-hosted monitoring tools, internal company APIs, or any service that uses an API key or token. Once connected, your agent can call the API in any conversation.

What to say

You

I want my agent to pull data from our self-hosted Grafana instance at https://grafana.internal.acme.com. I have an API key for authentication.

Build Custom APIAgent Creator

Creating a custom API connection for your Grafana instance...

Add EndpointsAgent Creator

Discovered 12 endpoints from the Grafana API. Adding grafana-get-dashboards, grafana-query-datasource, and grafana-list-alerts.

Set AuthenticationAgent Creator

A credential popup will appear to securely enter your API key. Configured API key authentication via the Authorization header.

Create AgentAgent Creator

Created a Grafana Agent with access to the Grafana API endpoints.

Nebula
Nebula

Your Grafana API is connected. I've created a Grafana Agent that can query dashboards, pull metrics, and check alerts. What would you like to do first?

What happens

You describe your API

Tell Nebula the service name and base URL. If the service has public API documentation, the Agent Creator can discover the endpoints automatically.

Nebula discovers or you define the endpoints

The Agent Creator reads the API docs or you describe what you need — "I want to query dashboards and get alert status." It creates endpoint definitions with action keys like grafana-get-dashboards and grafana-query-datasource.

You configure authentication

A secure credential popup appears where you enter your API key, token, or password. Nebula never asks for secrets in the chat. The Agent Creator sets up the auth method — header, query parameter, Bearer token, Basic auth, or JWT.

The Agent Creator creates a dedicated agent for the API

The Agent Creator creates a new agent (like "Grafana Agent") with the API endpoints as its tools. The agent shows up in your agent list just like built-in agents.

Nebula delegates to the agent when you ask

From here on, just ask Nebula to do things with the connected service. Nebula delegates to the dedicated agent, which calls the right endpoints using run_action. No need to repeat the setup.

What kind of auth works

Nebula supports several authentication methods for custom APIs:

  • API key — passed as a header or query parameter
  • Bearer token — standard Authorization: Bearer <token> header
  • Basic auth — username and password encoded in the header
  • JWT — with key splitting, custom claims, and HMAC signing

More APIs to try

Connect my Sentry instance and alert me when new errors spike.

Add our internal employee directory API so my agent can look up team members.

Connect my Ghost blog so I can draft and publish posts through Nebula.

Hook up PostHog so my agent can pull product analytics on demand.

Make it automatic

You

Every morning, pull the latest error count from Sentry and post a summary to Slack if anything spiked overnight.

Create Trigger

Creating scheduled trigger: every day at 8:00 AM UTC. Task: query Sentry via Grafana Agent, check for spikes, post summary to Slack if thresholds exceeded.

Nebula
Nebula

Your trigger is live. Every morning at 8 AM, I'll check Sentry for overnight error spikes and alert you in Slack if anything looks off. You can pause or edit this from the Triggers page.

Combine a custom API connection with a scheduled trigger to get regular reports from any service, even if it's not in the Integrations page.

Troubleshooting

Auth errors (401/403): Open the tool's credential popup from your agent settings and double-check the value. Make sure you're using the right header name — some services expect Authorization: Bearer <token>, others use a custom header like X-API-Key. Also check that the key hasn't expired or been revoked.

Timeout or connection refused: Nebula needs to reach your API over the internet. If the service is self-hosted behind a firewall or VPN, you'll need to expose it through a tunnel (Cloudflare Tunnel, ngrok) or allow-list Nebula's IP range.

Rate limits (429): Nebula retries automatically when it hits a rate limit. If your API has aggressive rate limits, mention that when setting up the connection and Nebula will add delays between requests.

Wrong response format: If the API returns data in an unexpected shape, tell Nebula what the response should look like. For example: "The response has a data array where each item has name and email fields."

SSL or certificate issues: If your API uses a self-signed certificate, mention that during setup. Nebula can be configured to accept self-signed certs for your specific endpoint.

Internal Tools

Connect your company's internal APIs — employee directories, inventory systems, internal wikis.

Webhook Triggers

Give your agent a webhook URL so external services like Stripe and GitHub can trigger it automatically.

API Chaining

Pull data from multiple APIs in sequence and combine the results into one answer.

Automate Browser Tasks with 1Password

Automate browser tasks with Nebula's AI agent. Open websites, retrieve 1Password credentials, log in, fill forms, and extract data automatically.

Receive Webhooks from Any Service

Set up webhook triggers for your Nebula AI agent. Let Stripe, GitHub, Shopify, and other services trigger automations with a single webhook URL.

On this page

What you'll buildWhat to sayWhat happensYou describe your APINebula discovers or you define the endpointsYou configure authenticationThe Agent Creator creates a dedicated agent for the APINebula delegates to the agent when you askWhat kind of auth worksMore APIs to tryMake it automaticTroubleshootingRelated recipes