API Tool Calling: 6 Effective Steps using Goldfinch AI
December 2, 2025Overview
The API Tool Calling Tool in Goldfinch AI enables agents to seamlessly interact with external APIs, retrieve real-time information, and present it to users in a natural, conversational form.
This tool serves as a bridge between Goldfinch AI and third-party services – allowing for dynamic data retrieval and intelligent processing within the same workflow using the AI API Tool.
Purpose
The purpose of the AI API Tool Calling Tool is to call external REST APIs based on user prompts, process the received data, and deliver relevant, human-readable results.
This tool is flexible, configurable, and supports multiple authentication mechanisms such as No Auth, Basic Auth, and OAuth 2.0 (with Refresh Token), making the AI API Tool suitable for complex workflows.
It enables users to define API requests directly from the Goldfinch UI by setting parameters, headers, body, authentication, schema, and settings — all in one place.
Key Features
- Multi-step API Workflow – Supports sequential API calls, where the output of one step can be passed as input to another (e.g, API -> LLM).
- Dynamic Parameter Mapping – Automatically replaces placeholders such as (%goldfinch_user_question%} with real-time user input.
- Flexible Authentication – Supports multiple authentication types including No Auth, Basic Auth, Token-based Auth, etc.
- Configurable Headers & Body – Allows users to define custom headers, body formats (JSON, form-data), and query parameters.
- Response Filtering – Enables selective extraction of response data using filter expressions like [‘choices’][0] [‘message’] [‘content’].
- LLM Integration – Integrates with large language models to interpret and present API responses in natural language.
API Calling Workflow
- External API Call:
Sends a request to the configured endpoint with user-defined parameters, headers, and body. - Response Processing:
The response is either returned directly to the user or processed further by Goldfinch AI to generate a natural-language summary.
Authentication Types Supported
| Authentication Type | Description | Example Usage | Security Level |
|---|---|---|---|
| No Auth | No credentials required. Used for open APIs. | Weather API | Low |
| Basic Auth | Username and password encoded in Base64 and sent in the Authorization header. | Internal APIs | Medium |
| OAuth 2.0 (Refresh Token) | Token-based authentication. Uses Access Token and Refresh Token to securely authorize API calls. | Enterprise APIs (Google, Salesforce) | High |
Goldfinch API Calling UI Configuration
The Goldfinch AI interface for configuring API calls consists of six major sections: Params, Auth, Headers, Body, Schema, and Settings. Each section plays a specific role in defining how the API request is executed and how the data is handled.
Params (Parameters)
Purpose: Used to send additional data along with the API request — often as query strings or URL parameters.
Fields commonly provided:
- query: Contains the dynamic user input (e.g., city name, ID, keyword).
- access_key: Used for authorization in public APIs (hidden for security).
Example:
{
"query": "{%goldfinch_user_question%}",
"access_key": "************"
}
Auth (Authentication)
Purpose: Defines the type of authentication used to access the API endpoint.
Options available:
- No Auth: For public APIs.
- Basic Auth: Enter username and password.
- OAuth 2.0: Configure Access Token and Refresh Token fields for secure authentication.
Headers
Purpose: Used to send additional metadata about the request, such as content type or authorization credentials.
Example:
{
"Content-Type": "application/json"
}
Body
Purpose: Used to send data to the server (especially in POST, PUT, or PATCH methods).
Supported Formats:
- JSON Format
- Text Format
Example:
{
"city": "Bengaluru",
"units": "metric"
}
Schema
Purpose: Defines how the response from the API should be handled, filtered, and validated.
Fields included:
- Response Type
- Filter Response
- Parameters
- Required Payload
- Expected Payload
Settings
Key Fields:
- HITL (Human In The Loop)
- API HITL
- STM (Short-Term Memory)
Configuration steps for API Calling
The API Calling Tool in Goldfinch AI allows users to configure and connect to APIs that use different authentication methods.
Configuration for “No Auth”
Use Case: Fetching public data from a Weather API.
API reference: https://openweathermap.org/api
- Open the API Calling tool in Goldfinch.
- Select No Auth.
- Add Params: query & access_key.
- Set Header: Content-Type: application/json.
- Set Method: GET.
- Leave Body empty.
- Settings: HITL=0, STM=1.
Configuration for “Basic Auth”
Use Case: Accessing a User Details API requiring username/password.
Example: Access a User Details API. Learn
Configuration for “OAuth 2.0 (with Refresh Token)”
Use Case: Retrieving data from a testing API that uses token-based authentication.
Example: Token-based testing API. Learn
Security Aspects
- Credential Protection
- No Local Storage
- Access Control
- Token Rotation
- Controlled Execution
Advantages Over Other Tools
- Unified Workflow
- Simplified Usage
- Automation-Friendly
- Easy Configuration
Conclusion
The API Calling Tool in Goldfinch AI provides a secure, configurable, and intelligent way to interact with external APIs. By combining robust API handling with AI-driven data interpretation, it allows users to access real-world information and insights seamlessly – turning complex technical operations into smooth, human-like interactions.
For more details, visit eZintegrations: https://ezintegrations.ai/
FAQ
A tool in Goldfinch AI that lets agents call external REST APIs and return responses in natural language.
It sends requests to configured APIs, processes the response, and presents it conversationally to the user.
It supports No Auth, Basic Auth, and OAuth 2.0 with Refresh Token.
Yes, it can chain multiple API calls and pass outputs between steps.
It dynamically maps placeholders like {%goldfinch_user_question%} to real user input.
Users who need real-time external data retrieval, automation, and AI-driven interpretation within one workflow.