This sounds like the API is behind https , but it is using a private / self-signed certificate. There are usually ways in httr or other HTTP libraries (curl, etc.) to connect without verifying the certificate. This is generally a very insecure practice because there is no guarantee that you are connecting to the correct API.
Instead, it might be preferable to include a CA bundle for your API in the bundle you publish to shinyapps.io , so that you can connect securely. For instance, using curl on the command line:
curl --cacert mycacert.pem https://myapi.com
The easier solution is to use a "real" certificate from a standard Certificate Authority so that the shinyapps.io execution environment will trust it by default, but if you do not own the API or infrastructure it runs on, then this is not something you have control over.