Issue HTTPS requests

Region ID

The REGION_ID is an abbreviated code that Google assigns based on the region you select when you create your app. The code does not correspond to a country or province, even though some region IDs may appear similar to commonly used country and province codes. For apps created after February 2020, REGION_ID.r is included in App Engine URLs. For existing apps created before this date, the region ID is optional in the URL.

Learn more about region IDs.

This page describes how to issue HTTP(S) requests from your App Engine app using the URL Fetch service for second-generation runtimes.

We recommend that you use language-idiomatic solutions to issue HTTP(S) requests before you turn to the URL Fetch service. The primary use case for URL Fetch is issuing HTTP(S) requests to another App Engine app while asserting your app's identity on that request.

For details on request size limits and which headers are sent in a URL Fetch request, see Outbound requests.

Issue an HTTP request

To use the URL Fetch service to issue outbound HTTP(S) requests, declare the URL Fetch libraries.

The PHP language provides several functions for making remote HTTP requests. These are implemented in different ways in App Engine, and are subject to different quotas and costs.

See the Access legacy bundled services for PHP guide for instructions on how to use stream handlers.

Set a request timeout

Use the timeout option in the HTTP context options to change the request deadline.

Disable redirects

If you are using URL Fetch, the underlying URL Fetch service follows up to five redirects by default. These redirects could forward sensitive information, such as authorization headers, to the redirected destination. If your app does not require HTTP redirects, we recommend that you disable them.

To instruct the URL Fetch service to not follow redirects, your app must set the follow_location parameter in the HTTP context options to false.

Issue an HTTPS request

By default, the underlying URL Fetch service validates the certificate of the host it contacts, and rejects requests if the certificate doesn't match. You don't need to explicitly secure your request.

Disable host certificate validation

By default, the App Engine implementation of the HTTPS wrapper attempts to validate the certificate of the host, and rejects requests where the certificate does not match. To disable this behavior, set the value of verify_peer to false in the SSL/TLS context options.
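
The following added example (not part of the original page or of Google's samples) combines the timeout, follow_location and verify_peer options described above in one stream context, keeping certificate validation enabled and surfacing a redirect to the caller instead of following it. It assumes the standard PHP HTTP stream wrapper option names and response metadata; the helper names, URL and token are hypothetical.

```php
<?php
// Added example: helper names are hypothetical; URL and token are supplied by the caller.

function build_fetch_context(string $bearerToken, float $timeoutSeconds = 5.0)
{
    return stream_context_create([
        'http' => [
            'method'          => 'GET',
            'header'          => "Authorization: Bearer {$bearerToken}\r\n",
            'timeout'         => $timeoutSeconds, // request deadline in seconds
            'follow_location' => false,           // never replay headers to a redirect target
            'ignore_errors'   => true,            // return 4xx/5xx responses instead of failing
        ],
        'ssl' => [
            'verify_peer' => true,                // keep host certificate validation on
        ],
    ]);
}

// Extract the final status code and any Location header from raw header lines.
function parse_status(array $headers): array
{
    $status = 0;
    $location = null;
    foreach ($headers as $line) {
        if (preg_match('#^HTTP/\S+\s+(\d{3})#', $line, $m)) {
            $status = (int) $m[1];
        } elseif (stripos($line, 'Location:') === 0) {
            $location = trim(substr($line, strlen('Location:')));
        }
    }
    return [$status, $location];
}

function fetch_without_redirects(string $url, string $bearerToken): array
{
    $fp = @fopen($url, 'r', false, build_fetch_context($bearerToken));
    if ($fp === false) {
        throw new RuntimeException("Request failed (timeout, DNS or certificate validation): {$url}");
    }
    $headers = stream_get_meta_data($fp)['wrapper_data'] ?? [];
    $body = stream_get_contents($fp);
    fclose($fp);
    [$status, $location] = parse_status($headers);
    $redirected = $status >= 300 && $status < 400;
    // On a 3xx the Authorization header was sent only to $url; the caller vets redirect_to.
    return ['status' => $status, 'redirect_to' => $redirected ? $location : null,
            'body' => $redirected ? null : $body];
}
```

A caller can compare redirect_to against an allowlist of expected hosts before deciding whether to issue a second request with credentials.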

Issue a request to another App Engine app

When using URL Fetch to issue a request to another App Engine app, your app can assert its identity by adding the header X-Appengine-Inbound-Appid to the request.

If you instruct the URL Fetch service to not follow redirects, App Engine adds this header to requests automatically. See Disable redirects for guidance on disabling redirects.

What's next

Learn more about the URL Fetch service, including the headers that are sent in a URL Fetch request, in Outbound requests.