Skip to main content
Kintone plug-ins are packaged JavaScript customizations that app administrators can install into one or more Kintone apps. Unlike per-app JavaScript files, a plug-in is distributed as a single .plugin package and can be configured independently in each app where it is installed. Plug-ins consist of two main parts:
  • Customization code — runs inside apps and uses standard JavaScript APIs plus the plug-in APIs listed here to read its configuration
  • Settings page — a custom HTML/JS page where administrators configure the plug-in for each app
The plug-in APIs below handle configuration storage, retrieval, and making authenticated proxy requests to external services.
Plug-in development requires you to first register your plug-in and obtain a plug-in ID. Refer to the Kintone plug-in documentation for the full development workflow.

Configuration

Returns the configuration object saved for a plug-in in the current app. Use this in your customization code to read settings that were saved by the plug-in’s settings page.Available pages: All pages (desktop and mobile)

Parameters

ParameterTypeRequiredDescription
pluginIdstringYesThe plug-in ID

Return value

TypeDescription
objectKey-value pairs where all keys and values are strings. Returns an empty object if no config has been saved.

Example

// In your plug-in's customization code
(function (PLUGIN_ID) {
  kintone.events.on('app.record.index.show', (event) => {
    const config = kintone.plugin.app.getConfig(PLUGIN_ID);
    console.log('API endpoint:', config.apiEndpoint);
    return event;
  });
})(kintone.$PLUGIN_ID);
Saves the plug-in configuration for the current app. Call this from your plug-in’s settings page when the user saves their settings.Available pages: Plug-in settings page only

Parameters

ParameterTypeRequiredDescription
configobjectYesKey-value pairs to save. All keys and values must be strings.
callbackfunctionNoCallback invoked after the config is saved successfully

Return value

undefined

Example

// In your plug-in's config.html settings page
document.getElementById('save-btn').addEventListener('click', () => {
  const endpoint = document.getElementById('endpoint').value;
  kintone.plugin.app.setConfig(
    { apiEndpoint: endpoint },
    () => {
      alert('Settings saved.');
      window.location.href = '../../flow?app=' + kintone.app.getId();
    }
  );
});

Proxy configuration

When your plug-in makes requests to external services, proxy configuration lets you securely store and reuse authentication credentials (such as API keys or OAuth tokens) without exposing them in client-side JavaScript.
Saves proxy authentication configuration for a specific URL and HTTP method combination. Call this from your plug-in’s settings page.Available pages: Plug-in settings page only

Parameters

ParameterTypeRequiredDescription
urlstringYesThe target URL for proxy requests
methodstringYesHTTP method: GET, POST, PUT, or DELETE
headersobjectYesRequest headers to store. All keys and values must be strings.
dataobjectYesRequest body data to store. All keys and values must be strings.
callbackfunctionNoCallback invoked after the proxy config is saved

Return value

undefined

Example

kintone.plugin.app.setProxyConfig(
  'https://api.example.com/data',
  'GET',
  { Authorization: 'Bearer my-token' },
  {},
  () => console.log('Proxy config saved')
);
Returns the stored proxy configuration for a given URL and HTTP method. Use this in your customization code to retrieve credentials saved by the settings page without exposing them directly.Available pages: All pages (desktop and mobile). Also available on the plug-in settings page.

Parameters

ParameterTypeRequiredDescription
urlstringYesThe target URL
methodstringYesHTTP method: GET, POST, PUT, or DELETE

Return value

TypeDescription
objectAn object with headers and data properties containing the stored configuration

Example

const proxyConfig = kintone.plugin.app.getProxyConfig(
  'https://api.example.com/data',
  'GET'
);
console.log(proxyConfig.headers); // { Authorization: 'Bearer my-token' }

Proxy requests

The plug-in proxy APIs let you make authenticated HTTP requests to external services from within Kintone. Requests are routed through the Kintone server, which appends any stored proxy configuration (headers and body data). This keeps credentials off the client.
Makes an HTTP request to an external URL via the Kintone proxy. Headers and body data from stored proxy configuration are automatically merged with the request.Available pages: All pages (desktop and mobile)

Parameters

ParameterTypeRequiredDescription
pluginIdstringYesThe plug-in ID
urlstringYesThe target URL
methodstringYesHTTP method: GET, POST, PUT, or DELETE
headersobjectYesAdditional request headers. Merged with any stored proxy headers.
dataobject | stringYesRequest body. For GET/DELETE, use an empty object {}.
callbackfunctionNoSuccess callback. Receives (body, status, headers).
errbackfunctionNoError callback. Receives (body, status, headers).

Return value

Returns a Promise if no callback is provided. The Promise resolves with [body, status, headers].

Example

(function (PLUGIN_ID) {
  kintone.events.on('app.record.index.show', async (event) => {
    const config = kintone.plugin.app.getConfig(PLUGIN_ID);
    const [body, status] = await kintone.plugin.app.proxy(
      PLUGIN_ID,
      config.apiEndpoint,
      'GET',
      {},
      {}
    );
    if (status === 200) {
      console.log('Response:', JSON.parse(body));
    }
    return event;
  });
})(kintone.$PLUGIN_ID);
Uploads a file to an external URL via the Kintone proxy. Use this variant instead of proxy() when your request body is FormData (for example, uploading a file attachment).Available pages: All pages (desktop and mobile)

Parameters

ParameterTypeRequiredDescription
pluginIdstringYesThe plug-in ID
urlstringYesThe target URL
methodstringYesHTTP method: POST or PUT
headersobjectYesAdditional request headers
dataFormDataYesThe FormData object containing the file to upload
callbackfunctionNoSuccess callback. Receives (body, status, headers).
errbackfunctionNoError callback. Receives (body, status, headers).

Return value

Returns a Promise if no callback is provided. The Promise resolves with [body, status, headers].

Example

(function (PLUGIN_ID) {
  kintone.events.on('app.record.detail.show', async (event) => {
    const fileInput = document.getElementById('file-input');
    const formData = new FormData();
    formData.append('file', fileInput.files[0]);

    const [body, status] = await kintone.plugin.app.proxy.upload(
      PLUGIN_ID,
      'https://upload.example.com/files',
      'POST',
      {},
      formData
    );
    console.log('Upload status:', status);
    return event;
  });
})(kintone.$PLUGIN_ID);
Stored proxy configuration headers and body data are not merged when using proxy.upload(). Pass all required authentication headers explicitly.

Build docs developers (and LLMs) love

Get started for freeTalk to us