Setting a workflow to Public allows external systems to invoke it without an API token. This is how you let untrusted callers — web forms, third-party webhook providers, embedded widgets — trigger your workflows.
Enabling public execution
The Private / Public toggle in the top bar of the builder controls whether the workflow is publicly accessible.
By default, all workflows are Private. Toggle to Public to allow unauthenticated access.
Only make a workflow public if you understand the security implications. Public workflows can be invoked by anyone with the URL.
Public endpoint
Once public, the workflow can be invoked at:
POST /workflow/public/workflows/{workflow_id}/{version}/execute
No Authorization header required.
curl -X POST https://api.anyreach.ai/workflow/public/workflows/{workflow_id}/{version}/execute \
-H "Content-Type: application/json" \
-d '{
"input_data": { "name": "Alice", "email": "alice@example.com" }
}'