> ## Documentation Index > Fetch the complete documentation index at: https://docs.dify.ai/llms.txt > Use this file to discover all available pages before exploring further. # Submit Human Input Form > Submit the recipient's response to a paused Human Input form. The workflow resumes on acceptance; follow subsequent events via the Stream Workflow Events endpoint. Requires WebApp delivery. ## OpenAPI ````yaml /en/api-reference/openapi_workflow.json post /form/human_input/{form_token} openapi: 3.0.1 info: title: Workflow App API description: >- Workflow applications offer non-session support and are ideal for translation, article writing, summarization AI, and more. version: 1.0.0 servers: - url: https://{api_base_url} description: >- Base URL of the Workflow App API. For self-hosted deployments, replace it with your own API base URL. variables: api_base_url: default: api.dify.ai/v1 description: Host and path of the API base URL, without the `https://` prefix. security: - ApiKeyAuth: [] tags: - name: Workflows description: Operations for executing and managing workflows. - name: Files description: File upload and download operations. - name: End Users description: Operations related to end user information. - name: TTS description: Audio-to-text and text-to-audio conversion. - name: Applications description: Application settings, parameters, and metadata. - name: Human Input description: Endpoints for resuming paused workflows that require human input. paths: /form/human_input/{form_token}: post: tags: - Human Input summary: Submit Human Input Form description: >- Submit the recipient's response to a paused Human Input form. The workflow resumes on acceptance; follow subsequent events via the Stream Workflow Events endpoint. Requires WebApp delivery. operationId: submitWorkflowHumanInputForm parameters: - name: form_token in: path required: true schema: type: string description: >- Access token for the paused form, returned in the `human_input_required` event from the Run Workflow or Send Chat Message endpoint in streaming mode. requestBody: required: true content: application/json: schema: type: object required: - inputs - action - user properties: inputs: type: object additionalProperties: true description: >- Submitted values keyed by each input's `output_variable_name`. Paragraph and select inputs take a string; a `file` input takes one file mapping; a `file-list` input takes an array of file mappings. A file mapping is `{transfer_method: local_file, upload_file_id, type}` or `{transfer_method: remote_url, url, type}`, where `type` is one of the field's `allowed_file_types` (`image`, `document`, `audio`, `video`, `custom`). For `local_file`, `upload_file_id` is the `id` from [Upload File](/api-reference/files/upload-file). Use a consistent `user` across the run, upload, and submit. action: type: string description: >- ID of the action button the recipient selected. Must match one of the `id` values from the form's `user_actions` list (returned by [Get Human Input Form](/api-reference/human-input/get-human-input-form)). user: type: string description: >- Identifier for the end user, defined by your application's rules and unique within the app. Service API and WebApp user IDs are separate, even when identical. examples: approve: summary: Request Example value: inputs: feedback: Looks good to ship priority: high attachment: transfer_method: local_file upload_file_id: 3c8fa1b2-7d4e-4f9a-b0c1-d2e3f4a5b6c7 type: image attachments: - transfer_method: local_file upload_file_id: 1a77f0df-c0e6-461c-987c-e72526f341ee type: document - transfer_method: remote_url url: https://example.com/report.pdf type: document action: approve user: abc-123 responses: '200': description: Form submitted successfully. The response body is an empty object. content: application/json: schema: type: object examples: success: summary: Response Example value: {} '400': description: >- - `bad_request` : Form recipient type is invalid. - `invalid_form_data` : Submission failed validation against the form definition. content: application/json: examples: bad_request: summary: bad_request value: status: 400 code: bad_request message: Form recipient type is invalid invalid_form_data: summary: invalid_form_data value: status: 400 code: invalid_form_data message: 'Missing required inputs: feedback' '404': description: '`not_found` : Form not found.' content: application/json: examples: not_found: summary: not_found value: status: 404 code: not_found message: Form not found '412': description: >- - `human_input_form_submitted` : Form already submitted. Forms are one-shot; the first response wins regardless of which user submits it. - `human_input_form_expired` : The form's expiration time passed before submission arrived. content: application/json: examples: human_input_form_submitted: summary: human_input_form_submitted value: status: 412 code: human_input_form_submitted message: >- This form has already been submitted by another user, form_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890 human_input_form_expired: summary: human_input_form_expired value: status: 412 code: human_input_form_expired message: >- This form has expired, form_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890 components: securitySchemes: ApiKeyAuth: type: http scheme: bearer bearerFormat: API_KEY description: >- API Key authentication. For all API requests, include your API Key in the `Authorization` HTTP Header, prefixed with `Bearer `. Example: `Authorization: Bearer {API_KEY}`. **Strongly recommend storing your API Key on the server-side, not shared or stored on the client-side, to avoid possible API-Key leakage that can lead to serious consequences.** ````