Workflow REST API¶
REST API¶
As the Workflow engine is built upon the Camunda engine, the Camunda REST API can still be used to provide access to all relevant interfaces of the engine. Refer to the Camunda REST API link for details. This link explains all existing methods in the REST API. For each method it provides:
- An informal description
- HTTP verb and URL
- Possible query, path, or message body parameters
- A detailed description of the response content
- Possible response codes
- A brief example of requests and response
More links to Camunda API documents:
https://docs.camunda.org/manual/7.15/reference/rest/
https://docs.camunda.org/manual/7.15/reference/rest/process-definition/
https://docs.camunda.org/manual/7.15/reference/rest/process-instance/
Examples:¶
Action | URI |
---|---|
Get List | GET /deployment |
Get List Count | GET /deployment/count |
Get | GET /deployment/{id} |
Create | POST/deployment/create |
REST Security¶
The REST Security is managed by Permission Sets granted directly or indirectly to the current user. Permission Sets are the basis for administrating authorities in the IFS Cloud. A Permission Set is a set of permissions that you can grant to users to give them the authority to perform tasks like view or update certain information. Refer to Permission Sets for more general information about Permission Sets and refer to Workflows for information about the process of granting Workflows to Permission Sets.
Figure: Diagram depicting the different REST endpoint privileges administrators and non-administrators have.
All actions are available to system administrators, however, non-administrators may only access process definitions or process instances for which they have been explicitly granted access. Non-administrators are also limited in scope to which actions they may take. They will still have the ability to use all of the GET actions on workflows, the ability to start instances of workflows as well as a couple of other things. However, they will have no ability to modify, delete, suspend or restart process definitions or instances. A list of all the REST endpoints non-administrators will not have access to has been included below.
Non-Administrator Exclusion List:
DELETE /process-definition/{id} DELETE /process-definition/key/{key}/delete DELETE /process-definition/key/{key}/tenant-id/{tenant-id}/delete
PUT /process-definition/{id}/history-time-to-live PUT /process-definition/key/{key}/history-time-to-live PUT /process-definition/key/{key}/tenant-id/{tenant-id}/history-time-to-live
PUT /process-definition/{id}/suspended PUT /process-definition/key/{key}/suspended PUT /process-definition/key/{key}/tenant-id/{tenant-id}/suspended PUT /process-definition/suspended
POST /process-definition/{id}/restart POST /process-definition/{id}/restart-async
DELETE /process-instance/{id} POST /process-instance/delete POST /process-instance/delete-historic-query-based POST /process-instance/{id}/modification POST /process-instance/{id}/modification-async
PUT /process-instance/{id}/suspended PUT /process-instance/suspended POST /process-instance/suspended-async
Authentication¶
User authentication is done by Keycloak. Keycloak is an open-source Identity and Access Management solution for modern Applications and Services. Keycloak runs as a standalone service deployed on its own. Refer to Keycloak for more information.
Connectors¶
Camunda provides an API called Camunda Connect which can be used to connect HTTP services. More information on the API can be found here.
A complete example can be found here on GitHub.