Bizagi PaaS introduces a service oriented architecture, which from its very design, is cloud-centric.
The cloud-centric architecture in Bizagi PaaS relies on a highly-modular and loosely-coupled structure, which leverages the use of modern technologies and best practices.
It is recommended that your business applications are designed to integrate with other systems and applications (when applicable), based on the same principles (service orientation).
Integration best practices
For application integration, best practices in terms of interoperability and maintainability dictate that you should ensure that web services are available for those systems you wish to integrate with Bizagi PaaS, while making sure that such services are accessible through the internet (i.e, are cloud-ready), with due security measures in place.
Once you ensure this, invoking web services (either SOAP or RESTful) is easily done in Bizagi without the need of coding.
As a general recommendation, in order to harden the security of your exposed web services, you may rely on different industry-standard ways to secure them from unintentional or malicious outside access, such as:
•Using a proxy: This means not allowing direct external access to your services (e.g, by relying on a DMZ, port forwarding mechanisms, etc), but considering instead the use of a proxy server that requires authentication.
•Relying on authentication: This means ensuring that your services implement a token-based authentication mechanism (such as OAuth or others), so that you restrict unauthenticated access.
•Filtering IP addresses: This means configuring the IP addresses employed by Bizagi PaaS as only allowed IP addresses to target your services. By having your proxy filter out other IP addresses not explicitly included as approved in the list, you enforce protection of your services.
•Other assets: This means having assets in place such as IDS, IPS, logging systems, or WAFs, so that you may identity, prevent and mitigate attacks.
Using a DMZ on your side is best practice, whether or not you plan to establish a VPN, but it is especially useful in terms of security if you wish to expose certain services to applications and services from the outside of your network, while still protecting the internal network and its resources.
Implementing security protocols and standards to protect transmitted data is also a best practice.
Note that per se, Bizagi does NOT require any of the above. These are simply listed as common security measures that you may want to consider to harden your services when made accessible from the internet, so that you feel more reassured about mitigating potential vulnerabilities (for your own convenience).
The following possibilities reflect the multiple features offered by Bizagi for the diverse integration requirements.
1. Invoking web-based services from Bizagi
Bizagi features a generic Web service connector which is easily configured to consume SOAP Web services or REST services (i.e, WCF services, RESTful APIs, any SOAP service available in general).
Configuring this is all done through assisted steps, by means of graphical mapping of inputs and outputs (without the need of programming).
For more information about this feature, refer to the Web services connector.
Additionally, you may accelerate your implementations by plugging in ready-to-use connectors that target specific services (e.g, Amazon web services, Google services, Office 365 services, etc).
Bizagi connectors allow powerful extensibility options regarding integration with any system or application, which especially use modern architectures (e.g, services which are cloud-ready, offer a RESTful API).
To choose from a comprehensive set of more than 50 connectors, browse the Bizagi Connectors Xchange.
Alternatively, you may choose to create your own connectors and integrate a third-party API for this purpose.
For more information about this option, refer to Bizagi Connectors.
2. Connecting to an ECM document repository
Bizagi supports integration with Enterprise Content Management systems (also known as Document Management Systems) that comply to the CMIS 1.0 web services standard, such as SharePoint, Alfresco and Documentum, amongst others.
Documents uploaded in Bizagi Processes can be easily configured to be directly stored in your corporate central repository.
For further information about ECM integration, refer to ECM Integration.
3. Extending logic with APIs or custom code in Bizagi
You may also extend the logic behind business rules in Bizagi, by including your own components or bundling third-party APIs.
You may write you own code in order to directly integrate APIs, or especially to perform additional processing.
This way you end up registering and bundling in Bizagi your own .DLL assemblies.
For more information about the possibility to integrate APIs or custom code, refer to Custom components.