Overview
| Excerpt |
|---|
|
Actionflows can be setup to provide an API end point which enables external systems to make calls to PhixFlow. Actionflows set up as API end points have a | Insert excerpt |
|---|
| _actionflow_api_endpoint |
|---|
| _actionflow_api_endpoint |
|---|
| nopanel | true |
|---|
|
icon on the Actionflow home screen. |
Incoming API Setup
To enable an actionflow as an incoming API, we need to define it as an end point and configure an incoming connection point with a set of predefined input parameters. These settings are described below:
Step 1 - Actionflow Properties
- Create an
| Insert excerpt |
|---|
| _actionflow |
|---|
| _actionflow |
|---|
| nopanel | true |
|---|
|
from the Actionflow home page - Set a unique name and provide a useful description
- Note the name must be unique across all applications on PhixFlow.
- When the Actionflow opens, on the toolbar click
| Insert excerpt |
|---|
| _property_settings |
|---|
| _property_settings |
|---|
| nopanel | true |
|---|
|
- In the Basic Settings section of the properties, click API End-Point
- This turns the Actionflow into an incoming API.
- Click Allow Anonymous Connections
| Excerpt |
|---|
| name | AllowAnonymousConnections |
|---|
|
This allows anyone with the URL for the API to call it, the audit trail records the system as running performing the API call. |
Adding Adding authorization is covered later on this page.
- your changes
Incoming APIs require a specific set of Input Parameters on the connection point.
- Click on the Connection Point In
- In the Properties that open, in the Input Parameters section add the following attributes, the names are case sensitive:
| Name | Type | Description |
|---|
| body | String | provides the information sent in the body of the API call. |
| contentType | String | Provides details of the Content Type |
| headers | String | Provides the information sent in the API call header. |
| url | String | Provides the complete URL that was used to call the API. This can be used to pass parameters to the API. |
3.
your changes
Configure the actionflow to perform the required tasks.
If you wish to return data from the API,
- Add a new Connection of type Output
- The name of the Output Connection Point will be used to retrieve the data as part of the path. This is covered in Calling a PhixFlow API (below).
- Add the required Output Attributes
Calling a PhixFlow API
Step 4 - HTTP Method
To call a PhixFlow API use the HTTP Method POST
Step 5 - API URL
The API can be called using a URL which is constructed as follows:
https://<<Server Name>>/phixflow/api/1/action/<<Actionflow Name>>/trigger
| parameter | description |
|---|
| <<Server Name>> | URL of the server e.g. app.phixflow.com |
| phixflow | the name of the instance, typically this is phixflow |
| <<Actionflow Name>> | The name of the actionflow set in Step 1. Note that if your actionflow has a space in the name this must be replaced with %20. For example "My API" becomes, "My%20API". |
Example URL
https://app.phixflow.com/phixflow/api/1/action/My%20API/trigger
Step 6 - Returned Data JSON Path
If your API has been configured to return data the path will be in the format:
$.data.<<Output Name>>
Where <<Output Name>> is the Output connection point setup in step 3.
Adding Authentication
Step 7 - Enable Authentication
- Open the Incoming API Actionflow.
- On the toolbar click
| Insert excerpt |
|---|
| _property_settings |
|---|
| _property_settings |
|---|
| nopanel | true |
|---|
|
- In the Basic Settings section of the properties, click Allow Anonymous Connection so that it is disabled, it will appear greyed out.
- the changes
Step 8 - Create Authentication User
- In the
| Insert excerpt |
|---|
| _repository |
|---|
| _repository |
|---|
| nopanel | true |
|---|
|
, expand the application with the Incoming API. - Expand and create an New Role by clicking
| Insert excerpt |
|---|
| _addIcon |
|---|
| _addIcon |
|---|
| nopanel | true |
|---|
|
.- Pin the tab as we will need it to remain open.
- Provide a useful Name e.g. GenerateToken
- In the Privileges section, click
| Insert excerpt |
|---|
| _privilege |
|---|
| _privilege |
|---|
| nopanel | true |
|---|
|
- Scroll down to the Full Repository, expand it and search for the privilege:
Use API Key - Drag the Use API Key into the privileges section of the Role.
- the changes
- In the
| Insert excerpt |
|---|
| _user_group |
|---|
| _user_group |
|---|
| nopanel | true |
|---|
|
section, click | Insert excerpt |
|---|
| _user_group |
|---|
| _user_group |
|---|
| nopanel | true |
|---|
|
- Add a new Group for you Role.
- Give it a useful Name e.g. API Users.
- Add any users you require to be able to run the API. This could be a dedicated API user with limited privileges.
- To create a user see Managing User Accounts → Creating Users.
- Click and close the tab.
- Now drag the new user group into the
| Insert excerpt |
|---|
| _user_group |
|---|
| _user_group |
|---|
| nopanel | true |
|---|
|
section of the new privilege. - the changes
- The setup should look similar to:
Step 9 - Authentication Token KeyStore
A signing key is used to generate the Phixflow API key and this is stored on the server to ensure secure access.
Using the page Configure a Keystore and Aliases, configure phixflow-api-key to be used as the signing key for PhixFlow API Keys in the same way as pepperKey is configured. This secret string must be a minimum of 32 bytes length.
Step 10 - Generate Authentication Token
- The Incoming API will run as a specified user, this means when it is called the audit trail will show the specified user as having performed the Incoming API actionflow
- You do not need to login as this user, however, if you were already logged in as this user when performing Step 1 above, you will need to logout and login again to pick up the user group change
- In the
| Insert excerpt |
|---|
| _repository |
|---|
| _repository |
|---|
| nopanel | true |
|---|
|
, scroll down to the Full Repository section and expand it - Expand the section
- Double click on the user who will run the Incoming API
- Click the 3-dot more menu in the top right of the user properties
- Click Generate API Key
- Copy the value displayed and store it somewhere safe
Step 11 - Send Authorization
When calling the Incoming API, the authorisation token must be passed in as a header called: Authorization
Server Console Responses
The item calling the API End-Point will receive the a Response from the API End-Point stating whether it has run successfully (Success) or not (Fail). Responses can be customised to return specific messages.
The response recorded in the
| Insert excerpt |
|---|
| _console |
|---|
| _console |
|---|
| nopanel | true |
|---|
|
:
If you are making the call using PhixFlow the Responses can be access as follows:
- Click the ActionFlow entry
- In the Messages section which is opened below, double-click the lines that begin Response
- Click the Message Details tab to see the response.
API End-Point Results
To see the results of the API End-Points processing in the
| Insert excerpt |
|---|
| _console |
|---|
| _console |
|---|
| nopanel | true |
|---|
|
:
- Click the ActionFlow entry for the API End-Point
- In the Messages section which is opened below, double-click any of the Messages to see more details
- If you are using a debug() statement these will appear here.
Failures
An API End-Point will fail if the logic in the Actionflow fails or if the error() function is used to force a failure.
If records are passed to the API End-Point individually a failure will only impact the specific record being processed.