Workflow Operations APIs
Use Operations REST APIs to automate administrative actions on workflow automations.
You can access the Swagger definition for the APIs directly from the
view. You can access the Swagger definition for the APIs directly
from the Build view.
Important: To prevent cross
site request forgery attacks, the REST API operations require that
the HTTP header
BPMCSRFToken is set with every request.The client application must obtain the necessary
token by calling the POST /system/login REST API
with a JSON body that is similar to the following example.
{
"refresh-groups": false,
"requested-lifetime": 7200
}refresh-groups property
to false, it avoids the overheads that are associated
with updating the group membership for the calling user. The requested_lifetime property
defines the number of seconds the token is valid for. If you don't
specify a value, the default value of 7200 seconds is used, which
is the maximum permitted value. You must always send a payload with
the call, even if it is empty. The token is returned as a string
in the csrf_token property of the response object.
If
a call contains an expired token, it fails with HTTP response code 403 and
the error CWTBG0651E: The request was blocked because the BPMCSRFToken
token header could not be verified. in the response. To retrieve
a new token, the client application must call the POST /system/login API
again. The client application can then use the new token to resubmit
the failed request.
For more information, see Workflow REST API resources