Skip to content

Workflow REST API


As the Workflow engine is built upon the Camunda engine, the Camunda REST API can still be used to provide access to all relevant interfaces of the engine. Refer to the Camunda REST API link for details. This link explains all existing methods in the REST API. For each method it provides:

  • An informal description
  • HTTP verb and URL
  • Possible query, path, or message body parameters
  • A detailed description of the response content
  • Possible response codes
  • A brief example of requests and response

More links to Camunda API documents:


Action URI
Get List GET /deployment
Get List Count GET /deployment/count
Get GET /deployment/{id}
Create POST/deployment/create

REST Security

The REST Security is managed by Permission Sets granted directly or indirectly to the current user. Permission Sets are the basis for administrating authorities in the IFS Cloud. A Permission Set is a set of permissions that you can grant to users to give them the authority to perform tasks like view or update certain information. Refer to Permission Sets for more general information about Permission Sets and refer to Workflows for information about the process of granting Workflows to Permission Sets.

Figure: Diagram depicting the different REST endpoint privileges administrators and non-administrators have.

All actions are available to system administrators, however, non-administrators may only access process definitions or process instances for which they have been explicitly granted access. Non-administrators are also limited in scope to which actions they may take. They will still have the ability to use all of the GET actions on workflows, the ability to start instances of workflows as well as a couple of other things. However, they will have no ability to modify, delete, suspend or restart process definitions or instances. A list of all the REST endpoints non-administrators will not have access to has been included below.

Non-Administrator Exclusion List:

DELETE /process-definition/{id} DELETE /process-definition/key/{key}/delete DELETE /process-definition/key/{key}/tenant-id/{tenant-id}/delete

PUT /process-definition/{id}/history-time-to-live PUT /process-definition/key/{key}/history-time-to-live PUT /process-definition/key/{key}/tenant-id/{tenant-id}/history-time-to-live

PUT /process-definition/{id}/suspended PUT /process-definition/key/{key}/suspended PUT /process-definition/key/{key}/tenant-id/{tenant-id}/suspended PUT /process-definition/suspended

POST /process-definition/{id}/restart POST /process-definition/{id}/restart-async

DELETE /process-instance/{id} POST /process-instance/delete POST /process-instance/delete-historic-query-based POST /process-instance/{id}/modification POST /process-instance/{id}/modification-async

PUT /process-instance/{id}/suspended PUT /process-instance/suspended POST /process-instance/suspended-async


User authentication is done by Keycloak. Keycloak is an open-source Identity and Access Management solution for modern Applications and Services. Keycloak runs as a standalone service deployed on its own. Refer to Keycloak for more information.


Camunda provides an API called Camunda Connect which can be used to connect HTTP services. More information on the API can be found here.

A complete example can be found here on GitHub.