Skip to main content

Operate API (REST)

Introduction​

Operate API is a REST API and provides searching, getting, and changing Operate data. Requests and responses are in JSON notation. Some objects have additional endpoints. For example, process-definitions has an endpoint to get the process-definition as XML representation. In case of errors, Operate API returns an error object.

API documentation as Swagger​

A detailed API description is also available as Swagger UI at ${base-url}/swagger-ui.html.

For example: http://localhost:8080/swagger-ui.html

Authentication​

You need authentication to access the API endpoints.

Authentication for SaaS​

Authentication via JWT access token​

You must pass an access token as a header in each request to the SaaS Operate API. When you create an Operate client, you get all the information needed to connect to Operate.

The following settings are needed to request a token:

NameDescriptionDefault value
client idName of your registered client-
client secretPassword for your registered client-
audiencePermission name; if not given use default valueoperate.camunda.io
authorization server urlToken issuer server-
note

For more information on how to get these values for Camunda 8, read Manage API Clients.

Send a token issue POST request to the authorization server with the required settings:

curl -X POST -H 'content-type: application/json' -d '{"client_id": "RgVdPv...", "client_secret":"eDS1~Hg...","audience":"operate.camunda.io","grant_type":"client_credentials"}' https://login.cloud.camunda.io/oauth/token

You will get something like the following:

{
"access_token": "eyJhbG...",
"scope": "f408ca38-....",
"expires_in": 58847,
"token_type": "Bearer"
}

Capture the access_token value from the response object. In each request to the Operate API, include it as an authorization header:

Authorization: Bearer eyJHb...

Authentication for Self-Managed cluster​

Authentication via Identity JWT access token​

This authentication method is described in Operate Configuration - Authentication.

Another way to access the Operate API in a Self-Managed cluster is to send cookie headers in each request. The cookie can be obtained by using the API endpoint /api/login. Take the steps in the following example:

Example:

  1. Log in as user 'demo' and store the cookie in the file cookie.txt.
curl -c cookie.txt -X POST 'http://localhost:8080/api/login?username=demo&password=demo'
  1. Send the cookie (as a header) in each API request. In this case, request all process definitions.
curl -b cookie.txt -X POST 'http://localhost:8080/v1/process-definitions/search' -H 'Content-Type: application/json' -d '{}'

Endpoints​

Endpoint (HTTP verb + URL path)DescriptionNotes
Process definitions
POST /v1/process-definitions/searchSearch for process definitions
GET /v1/process-definitions/{key}Get process definition by key
GET /v1/process-definitions/{key}/xmlGet process definition by key as XML
Process instances
POST /v1/process-instances/searchSearch for process instancesNew fields added:
flowNodeId
flowNodeName
processDefinitionKey

Warning
1. New fields could break deserialization, so ignore fields not used.
2. processDefinitionKey field will only contain data from version 8.1.8 onward
GET /v1/process-instances/{key}Get process instance by keyNew fields added:
flowNodeId
flowNodeName
processDefinitionKey

Warning
1. New fields could break deserialization, so ignore fields not used.
2. processDefinitionKey field will only contain data from version 8.1.8 onward
DELETE /v1/process-instances/{key}Delete process instance and dependant data by key
Incidents
POST /v1/incidents/searchSearch for incidents
GET /v1/incidents/{key}Get incident by key
Flownode instances
POST /v1/flownode-instances/searchSearch for flow node instances
GET /v1/flownode-instances/{key}Get flow node instance by key
Variables
POST /v1/variables/searchSearch for variables; results can contain truncated variable values
GET /v1/variables/{key}Get variable by key; contains the full value of variable

Every object has a search /v1/<object>/search endpoint which can be requested by POST and a given query request.

Query​

The query request consists of components for filter, size, sort, and pagination.

{
"filter": { object fields to match },
"size": <number of items to return>,
"sort": [ {"field":"<name of field to sort on>", "order": "<ASC|DESC>" ],
"searchAfter": [ <identifier of item from which next search should start> ]
}

Filter​

Specifies which fields should match. Only items that match the given fields will be returned. The section on object schemas lists all available fields for each object.

Filter strings, numbers, and booleans​

Fields of type string, number, and boolean need the exact value to match.

Examples​

Return all items with field processInstanceKey equals 235:

{ "filter": { "processInstanceKey": 235 } }

Return all items with field processInstanceKey equals 235, state equals ACTIVE and incidents equals true:

{
"filter": { "processInstanceKey": 235, "state": "ACTIVE", "incidents": true }
}
Filter dates​

Date fields need to be specified in format: yyyy-MM-dd'T'HH:mm:ss.SSSZZ; for example, 2022-03-17T11:50:25.729+0000.

You can use modifier to match date ranges:

ModifierDescription
||/yWithin a year
||/MWithin a month
||/wWithin a week
||/dWithin a day
||/hWithin an hour
||/mWithin a minute
||/sWithin a second
Example​

Return all items with field startDate within a minute (||/m) for 2022-03-17 11:50:25.

{
"filter": {
"startDate": "2022-03-17T11:50:25.729+0000||/m"
}
}

Size​

Maximum items should be returned and must be a number.

Example​

Return maximum 23 items:

{ "size": 23 }

Sort​

Specify which field of the object should be sorted and whether ascending (ASC) or descending (DESC).

Example​

Sort by name descending:

{ "sort": [{ "field": "name", "order": "DESC" }] }

Pagination​

Specify the item where the next search should start. For this, you need the values from previous results. Copy the values from sortValues field from the previous results into the searchAfter value of query. See also results.

Example​

Get next 10 results for previous query by copying the value of sortValues of the previous results object. Assuming the sortValues value was ["the-name",12345], put it as value for searchAfter in the next query.

{
"sort": [{ "field": "name", "order": "DESC" }],
"searchAfter": ["the-name", 12345]
}

Query components combined​

The query components filter, size, sort, and searchAfter can be combined.

Default values are:

ComponentDefault valueDescription
filternullEmpty (all fields match)
size10
sort[{"field":"key","order":"ASC"}]Sorted ascending by key
searchAfternullFirst items will be returned
Example​

Get max 50 process instances with processVersion equals 2 sorted ascending by bpmnProcessId:

POST /v1/process-instances/search

{
"filter": {
"processVersion": 2
},
"size": 50,
"sort": [
{
"field": "bpmnProcessId",
"order": "ASC"
}
]
}

Results are:

  ...
{
"key": 2251799813699162,
"processVersion": 2,
"bpmnProcessId": "called-process",
"startDate": "2022-03-17T11:53:41.581+0000",
"state": "ACTIVE",
"processDefinitionKey": 2251799813695996
}
],
"sortValues": [
"called-process",
2251799813699162
],
"total": 654
}

Take the value of sortValues and copy it to searchAfter for the next 50 items:

{
"filter": {
"processVersion": 2
},
"size": 50,
"sort": [
{
"field": "bpmnProcessId",
"order": "ASC"
}
],
"searchAfter": ["called-process", 2251799813699162]
}

Results​

The API responds with a Results object. It contains an items array, total amount of found items, and sortValues for pagination.

{
"items": [ { item 1 } , { item 2 } ... ],
"total": <number of found items>,
"sortValues": [<array of values to retrieve next page of results>]
}

Items​

An array of objects that matches the query.

Total​

The total amount of found objects. This is an exact value until 10,000. If more than this, try to make your query more specific.

See also Elasticsearch max results.

sortValues (Pagination)​

Use the value (an array) of this field to get the next page of results in your next query. Copy the value to searchAfter in your next query to get the next page.

See also Elasticsearch search after.

Example​

Results for process-instances:

{
"items": [
{
"key": 2251799813699213,
"processVersion": 2,
"bpmnProcessId": "called-process",
"startDate": "2022-03-17T11:53:41.758+0000",
"state": "ACTIVE",
"processDefinitionKey": 2251799813695996
},
{
"key": 2251799813699262,
"processVersion": 2,
"bpmnProcessId": "called-process",
"startDate": "2022-03-17T11:53:41.853+0000",
"state": "ACTIVE",
"processDefinitionKey": 2251799813695996
}
],
"sortValues": ["called-process", 2251799813699262],
"total": 654
}

Get object by key​

Every object has a GET /v1/<object>/{key} endpoint where {key} is the identifier of the object. Every object has a key field.

Example​

Get the data for process instance with key 2251799813699213:

GET /v1/process-instances/2251799813699213

Result:​

{
"key": 2251799813699213,
"processVersion": 2,
"bpmnProcessId": "called-process",
"startDate": "2022-03-17T11:53:41.758+0000",
"state": "ACTIVE",
"processDefinitionKey": 2251799813695996
}

Change objects​

Some objects can be changed (for example, deleted). The endpoint is the same as getting the object, but with HTTP DELETE instead of HTTP GET. The response is a ChangeStatus object which describes what happened and how many objects were changed.

Example​

Delete the data for process instance (and all dependant data) with key 2251799813699213:

DELETE /v1/process-instances/2251799813699213

Result​

{
"message": "1 process instance and dependant data was delete",
"deleted": 1
}

Object schemas​

Each object has a set of fields with values. These values could be of type string, number, boolean, and dateString.

TypeExample
string"Operate"
number235
booleantruefalse
dateString"2022-03-23T11:50:25.729+0000"

Process definition​

{
"key": <number>
"name": <string>
"version": <number>
"bpmnProcessId": <string>
}

Process instance​

{
"key": <number>
"processVersion": <number>
"bpmnProcessId": <string>
"parentKey": <number>
"startDate": <dateString: yyyy-MM-dd'T'HH:mm:ss.SSSZZ>
"endDate": <dateString: yyyy-MM-dd'T'HH:mm:ss.SSSZZ>
"state": <string>
"processDefinitionKey": <number>
}

Incident​

{
"key": <number>
"processDefinitionKey": <number>
"processInstanceKey": <number>
"type": <string>
"message": <string>
"creationTime": <dateString: yyyy-MM-dd'T'HH:mm:ss.SSSZZ>
"state": <string>
}

Flow node instance​

{
"key": <number>
"processInstanceKey": <number>
"startDate": <dateString: yyyy-MM-dd'T'HH:mm:ss.SSSZZ>
"endDate": <dateString: yyyy-MM-dd'T'HH:mm:ss.SSSZZ>
"incidentKey": <number>
"type": <string>
"state": <string>
"incident": <boolean>
}

Variable​

{
"key": <number>
"processInstanceKey": <number>
"scopeKey": <number>
"name": <string>
"value": <string> - Always truncated if value is too big in "search" results. In "get object" result it is not truncated.
"truncated": <boolean> - If true 'value' is truncated.
}

Change status​

{
"message": <string> - What was changed
"deleted": <number> - How many items were deleted
}

Error​

{
"status": <number> - HTTP Status
"message": <string> - Details about the error.
"instance": <string> - UUID for look up eg. in log messages
"type": <string> - Type of error. Could be ServerException, ClientException, ValidationException, ResourceNotFoundException
}