Bizagi provides programmatic access to the underlying business information in your data model, through a powerful API based on RESTful and OData services.
This API let you work with your processes data from external applications, such as the Experience design features when you start new relevant processes, execute searches and trigger actions, or fetch pending cases in other portals or tools of your choice.
Basic OData concepts
Bizagi complies with OData version 4.0, by featuring a comprehensive set of possibilities to work with the underlying data of the business processes.
OData services are built as RESTful services (featuring resources, accessible throughout URLs and having every resource use a unique identifier).
RESTful services, rely on the set of operational HTTP methods as shown in the table below:
A read-only operation used to query the server for specific information.
It is both an idempotent (no matter how many times you apply the operation, the result is always the same), and safe operation. Invoking a GET does not change the state of the server.
POST is the only non-idempotent and unsafe operation of HTTP (it can modify the service in a unique way).
You may or may not send information with the request.
You may or may not receive information from the response.
For more information about the OData specification, refer to http://www.odata.org/.
Security in Bizagi API
The OData services in Bizagi are protected and rely on a standard authentication mechanism: OAuth version 2.0.
Requests made to these services need to be granted with rights to resources, using previously generated OAuth keys.
With the OAuth version 2.0 specification, Bizagi supports the three OAuth flows, which are the most commonly used ones:
This lets client application authenticate users with inputted credentials at runtime (throughout a login page).
This flow is designed for human interaction, where requests use impersonation of end users.
For more information about this specification, refer to https://tools.ietf.org/html/rfc6749#section-1.3.1.
This allows server to server integration without further use of specific end user credentials.
For more information about this specification, refer to https://tools.ietf.org/html/rfc6749#section-1.3.4.
This lets client application authenticate using a token.
For more information about this specification, refer to https://tools.ietf.org/html/rfc6750.
Bizagi API services
Bizagi offers two OData services: one to access business data (resources classified as part of the data services), and another to access system configuration regarding Stakeholders definitions (resources classified as part of the metadata services).
Through the data services you can do the following in Bizagi:
•Obtain information related to Stakeholders for example my stuff or searches, and execute actions of experience elements.
•Create a new case for processes.
•Obtain the list of pending cases with their pending activities (whether or not they are a Stakeholder).
•Complete a pending activity or event by submitting information applicable to that activity or event of an end user (whether or not they are a Stakeholder).
•Search for a specific case by providing its case identifier and obtain its details.
To get started and test for yourself the use of the OData services, refer to Getting started.
Through the metadata services you can obtain details focused on how to further invoke data services, such as: Obtaining the list of Stakeholders in the project, or which searches, processes, relevant processes or my stuff collections they have under their Experience design.
For a full list of the resources of each service, refer to Services index.
Additionally, we recommend that you review the information presented about the Basic Concepts of this API.