To use external APIs in Replit, install an HTTP client like axios or the built-in fetch API, store your API key in the Secrets panel (never hardcode it), make requests using async/await, and parse the JSON response. This tutorial demonstrates fetching real-time weather data from the OpenWeatherMap API in a Node.js Repl, covering request setup, error handling, and displaying results.
Fetch and Display External API Data in Replit
This tutorial shows you how to consume external REST APIs from a Replit project. You will learn how to make HTTP requests, handle responses, parse JSON data, and display results. We use the OpenWeatherMap API as a practical example, but the patterns apply to any REST API. This guide is for intermediate developers who understand basic JavaScript and want to connect their Replit projects to real-time external data sources.
Prerequisites
- A Replit account with an active Repl (Node.js template recommended)
- A free OpenWeatherMap API key (sign up at openweathermap.org)
- Basic understanding of JavaScript async/await syntax
- Familiarity with JSON data format
Step-by-step guide
Create a Node.js Repl and install dependencies
Create a Node.js Repl and install dependencies
Start by creating a new Repl using the Node.js template. Once the workspace loads, open the Shell from the Tools dock and install axios, a popular HTTP client that simplifies API requests. While Node.js 18+ includes a built-in fetch API, axios provides cleaner error handling and automatic JSON parsing, which makes it a better choice for beginners working with APIs.
1npm install axios expressExpected result: axios and express appear in your package.json dependencies and node_modules directory.
Store your API key in the Secrets panel
Store your API key in the Secrets panel
Never hardcode API keys in your source code. In Replit, open the Tools dock on the left sidebar and click Secrets. In the App Secrets tab, add a new secret with the key OPENWEATHER_API_KEY and paste your API key as the value. This stores the key using AES-256 encryption. In your code, access it with process.env.OPENWEATHER_API_KEY. Secrets are available at runtime but not during the build phase.
Expected result: The secret appears in your Secrets panel list with the key name OPENWEATHER_API_KEY.
Write a basic API request with axios
Write a basic API request with axios
Create a file called api.js in your project root. Import axios and use it to fetch current weather data from the OpenWeatherMap API. The request uses your stored API key from the Secrets panel. Axios automatically parses the JSON response, so you can access data properties directly from response.data. Wrap the call in a try-catch block to handle network errors, invalid API keys, and rate limiting gracefully.
1const axios = require('axios');23async function getWeather(city) {4 const apiKey = process.env.OPENWEATHER_API_KEY;5 const url = `https://api.openweathermap.org/data/2.5/weather?q=${encodeURIComponent(city)}&appid=${apiKey}&units=metric`;67 try {8 const response = await axios.get(url);9 const data = response.data;10 return {11 city: data.name,12 temperature: data.main.temp,13 description: data.weather[0].description,14 humidity: data.main.humidity15 };16 } catch (error) {17 if (error.response) {18 console.error(`API error: ${error.response.status} - ${error.response.data.message}`);19 } else {20 console.error(`Network error: ${error.message}`);21 }22 return null;23 }24}2526module.exports = { getWeather };Expected result: The file is saved. No output yet since we have not called the function.
Create an Express server to display API data
Create an Express server to display API data
Create an index.js file that imports your API function and serves the results through a simple Express web server. The server listens on port 3000 and responds to requests at the /weather/:city endpoint. Make sure the server binds to 0.0.0.0 so Replit can detect the open port for the preview pane. This is a common gotcha: binding to localhost or 127.0.0.1 causes the preview and deployments to fail.
1const express = require('express');2const { getWeather } = require('./api');34const app = express();5const PORT = 3000;67app.get('/', (req, res) => {8 res.send('<h1>Weather API</h1><p>Try /weather/London</p>');9});1011app.get('/weather/:city', async (req, res) => {12 const weather = await getWeather(req.params.city);13 if (weather) {14 res.json(weather);15 } else {16 res.status(500).json({ error: 'Failed to fetch weather data' });17 }18});1920app.listen(PORT, '0.0.0.0', () => {21 console.log(`Server running on port ${PORT}`);22});Expected result: Clicking Run starts the server and the preview pane shows your Weather API homepage.
Test the API endpoint in the preview pane
Test the API endpoint in the preview pane
Once your server is running, the Replit preview pane opens automatically showing your app. Navigate to /weather/London in the preview URL bar to test the API integration. You should see a JSON response with the city name, temperature, weather description, and humidity. Try different city names to verify the API handles various inputs. If you see an error, check that your OPENWEATHER_API_KEY secret is set correctly and that the API key is active (new keys can take a few minutes to activate).
Expected result: The preview shows JSON output like {"city":"London","temperature":12.5,"description":"overcast clouds","humidity":78}.
Add the alternative fetch API approach
Add the alternative fetch API approach
If you prefer not to use axios, Node.js 18+ in Replit includes a built-in fetch function. The syntax is slightly different: fetch returns a Response object, and you must call response.json() to parse the body. The fetch approach has no external dependencies but requires more manual error checking since it does not throw on HTTP error status codes like axios does. For projects with complex API integrations that require professional guidance, RapidDev can help architect robust API communication layers.
1async function getWeatherWithFetch(city) {2 const apiKey = process.env.OPENWEATHER_API_KEY;3 const url = `https://api.openweathermap.org/data/2.5/weather?q=${encodeURIComponent(city)}&appid=${apiKey}&units=metric`;45 try {6 const response = await fetch(url);7 if (!response.ok) {8 throw new Error(`HTTP ${response.status}: ${response.statusText}`);9 }10 const data = await response.json();11 return {12 city: data.name,13 temperature: data.main.temp,14 description: data.weather[0].description,15 humidity: data.main.humidity16 };17 } catch (error) {18 console.error(`Fetch error: ${error.message}`);19 return null;20 }21}Expected result: The function works identically to the axios version but uses the built-in fetch API.
Complete working example
1const express = require('express');2const axios = require('axios');34const app = express();5const PORT = 3000;67async function getWeather(city) {8 const apiKey = process.env.OPENWEATHER_API_KEY;9 if (!apiKey) {10 throw new Error('OPENWEATHER_API_KEY not set in Secrets');11 }12 const url = `https://api.openweathermap.org/data/2.5/weather?q=${encodeURIComponent(city)}&appid=${apiKey}&units=metric`;1314 try {15 const response = await axios.get(url);16 return {17 city: response.data.name,18 country: response.data.sys.country,19 temperature: response.data.main.temp,20 feels_like: response.data.main.feels_like,21 description: response.data.weather[0].description,22 humidity: response.data.main.humidity,23 wind_speed: response.data.wind.speed24 };25 } catch (error) {26 if (error.response) {27 console.error(`API error: ${error.response.status} - ${error.response.data.message}`);28 } else {29 console.error(`Network error: ${error.message}`);30 }31 return null;32 }33}3435app.get('/', (req, res) => {36 res.send(`37 <h1>Weather API</h1>38 <p>Usage: GET /weather/:city</p>39 <p>Example: <a href="/weather/London">/weather/London</a></p>40 `);41});4243app.get('/weather/:city', async (req, res) => {44 try {45 const weather = await getWeather(req.params.city);46 if (weather) {47 res.json(weather);48 } else {49 res.status(502).json({ error: 'Failed to fetch weather data from external API' });50 }51 } catch (error) {52 res.status(500).json({ error: error.message });53 }54});5556app.listen(PORT, '0.0.0.0', () => {57 console.log(`Weather API server running on port ${PORT}`);58});Common mistakes when using external APIs in Replit
Why it's a problem: Hardcoding API keys directly in JavaScript files
How to avoid: Use the Replit Secrets panel (Tools > Secrets) and access keys via process.env.YOUR_KEY_NAME. This keeps keys encrypted and out of version control.
Why it's a problem: Binding the server to localhost instead of 0.0.0.0
How to avoid: Always use app.listen(PORT, '0.0.0.0') in Express. Binding to localhost or 127.0.0.1 prevents Replit from detecting your server, breaking the preview and deployments.
Why it's a problem: Not handling API errors, causing the server to crash on bad responses
How to avoid: Wrap all API calls in try-catch blocks and check for error.response (axios) or response.ok (fetch) before accessing the response body.
Why it's a problem: Forgetting to add Secrets to the Deployment pane separately from workspace Secrets
How to avoid: Workspace secrets do not automatically carry to deployments. When deploying, add the same secrets in the Deployments pane under the Secrets section.
Why it's a problem: Using response.data directly with fetch instead of calling response.json() first
How to avoid: The fetch API returns a Response object. You must call await response.json() to parse the body. Axios handles this automatically.
Best practices
- Always store API keys in the Replit Secrets panel, never in source code or .env files
- Use encodeURIComponent for any user input placed into API URLs
- Implement proper error handling with try-catch for all API calls
- Bind your server to 0.0.0.0 so Replit preview and deployments can detect the open port
- Check response status codes before processing data, especially with the fetch API
- Add rate limiting to your server if it proxies external API calls to avoid burning through API quotas
- Use environment variable checks at startup to fail fast if required secrets are missing
- Cache API responses when appropriate to reduce external API calls and improve response times
Still stuck?
Copy one of these prompts to get a personalized, step-by-step explanation.
I am building a Node.js app in Replit that needs to call the [API name] REST API. My API key is stored in Replit Secrets as [KEY_NAME]. Show me how to make authenticated GET requests, handle errors, and display the JSON response through an Express endpoint. Use axios and bind to 0.0.0.0.
Add an API integration to my project. I need to fetch data from [API URL] using the API key stored in my Secrets as [KEY_NAME]. Create an Express route that returns the parsed JSON response with proper error handling. Make sure the server binds to 0.0.0.0 on port 3000.
Frequently asked questions
Yes, but this exposes your API key in the browser. Instead, create a backend route that makes the API call server-side and return the data to your frontend. This keeps your API key in Secrets and off the client.
The most common cause is missing secrets in the deployment configuration. Workspace secrets do not automatically transfer to deployments. Add your API key separately in the Deployments pane under Secrets.
Implement caching to reduce duplicate API calls, add retry logic with exponential backoff for 429 status codes, and consider using a rate limiter like express-rate-limit on your own endpoints to control request volume.
Yes. Use the requests library (pip install requests) and access your API key with os.environ['YOUR_KEY_NAME'] or os.getenv('YOUR_KEY_NAME'). The Secrets panel works the same way across all languages.
Check that the API URL is correct, your API key is valid, and the API service is not blocking requests from cloud IP addresses. Some APIs require whitelisting server IPs, which is not straightforward in Replit since IP addresses are not static.
Yes. RapidDev specializes in building production-grade API integrations. They can help with OAuth flows, webhook handling, data transformation, and error recovery patterns that go beyond basic API calls.
Both work well. Axios provides automatic JSON parsing and throws errors on non-2xx status codes, making error handling simpler. Fetch is built-in with zero dependencies but requires manual response.ok checks and response.json() parsing. For beginners, axios is slightly easier.
Open the Shell and use curl to make requests directly. For example: curl http://localhost:3000/weather/London. This lets you test endpoints without navigating the preview pane.
Talk to an Expert
Our team has built 600+ apps. Get personalized help with your project.
Book a free consultation