Incoming Webhooks
WorkflowGen features an incoming webhook application that allows users to interact with WorkflowGen from external sources by exchanging JSON payloads using HTTP POST requests. The application supports multiple types of operations, such as creating a new request, completing an action, and some process deployment operations like creating a new process from an XPDL.
In addition to the standard WorkflowGen installation, the following components are required:
- Visual C++ Redistributable ✏️ Note: This library is required if you encounter the error
The specified module could not be foundregarding theedgeandedge-jslibraries when accessing the/wfgen/graphql,/wfgen/hooks, or/wfgen/scimweb apps.
The maximum query content length for incoming webhooks can be set by configuring the
maxAllowedContentLength property in the WorkflowGen web.config file. The following example shows how to configure this property as 1� MB (note that the value should always be specified in bytes, so the value in the example is 1,024,000 bytes). The default value is 30,000,000 bytes.<system.webServer>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="1024000" />
</requestFiltering>
</security>
</system.webServer>
You can configure the local or remote folder paths where files used by FILE type parameters are located using the Input file allowed folders setting In the Webhooks section on the Configuration Panel Integration tab. (Alternately, you can add the folder names separated by commas to the
HooksInputFileAllowedFolders parameter in the WorkflowGen web.config file.)When using file uploads, you don't need to include the original file folder.
To disallow input file allowed folders, leave this field empty (or the parameter undefined). To allow certain folders only, enter comma-separated values according to the table below:
Value | Description |
Empty | No folders allowed |
* | All folders allowed |
c:\* | All folders on drive c: |
c:\Inetpub\* | All subfolders in a specific folder |
c:\Inetpub\folder* | All c:\Inetpub folders whose names start with folder
📌 Examples:
|
c:\Inetpub\folder2\abc\def | Specific folder only |
You can configure allowed HTTP URLs for input files using the Input file allowed HTTP URLs setting in the Webhooks section on the Control Panel Integration tab. (Alternately, you can add the folder names separated by commas to the
HooksInputFileAllowedHttpUrls parameter in the WorkflowGen web.config file.)To disallow file uploads using HTTP and/or HTTPS URLs, leave the field empty (or the parameter undefined). To allow certain URLs only, enter comma-separated values according to the table below:
Value | Description |
Empty | No HTTP or HTTPS URLs allowed |
* | All HTTP and HTTPS URLs allowed |
https://* | HTTPS URLs only |
http://* | HTTP URLs only |
http://mydomain/* | HTTP from a specific domain only |
http://mydomain/folder/* | HTTP from a specific folder only |
http://mydomain/folder* | All files and folders whose names start with folder
📌 Examples:
|
http://mydomain/folder/file.jpg | Specific file only |
In the Webhooks section on the Integration tab in the Administration Module Configuration Panel, enter the maximum input file size in kilobytes in the Maximum input file size (kB) field.
Alternately, you can set the maximum input file content size in kilobytes as the value of the
HooksMaxInputFileSize parameter in the WorkflowGen web.config file.When working with FILE type parameters content encoded in base64, you must enter the maximum input file content size in kilobytes in the Maximum input file content size (kB) field in the Webhooks section on the Integration tab in the Administration Module Configuration Panel.
Alternately, you can set the maximum input file content size in kilobytes as the value of the
HooksMaxInputFileContentSize parameter in the WorkflowGen web.config file.FILE type data content is only recommended for small files under 1 MB.
WorkflowGen is installed with the following default webhooks settings (located under
iisnode in \wfgen\hooks\web.config):nodeProcessCountPerApplication="1"
maxConcurrentRequestsPerProcess="1024"
With these settings, only one
node.exe instance will handle HTTP requests. This should be sufficient in most cases, but you can optimize performance if needed by adjusting these values based on the number of potential concurrent requests.To create a new incoming webhook application in your WorkflowGen application, click the Add Application button on the Applications page. Then, choose Incoming webhook from the Application type drop-down list, enter the Name and Description, and click Save.
The Applications page will now display your incoming webhook application information, including the application URL. This is the URL you should use to send WorkflowGen incoming webhooks. The last component of this URL corresponds to a token that WorkflowGen will use to identify your incoming webhooks.
You should fill in the Impersonate username textbox with the WorkflowGen username you use to perform your desired operations. Be aware that your impersonated user must have your asked-operation-required rights to complete the action; if not, you will receive a security error on your response payload. As well, if the impersonate username is not set, the workflow engine service default identity will be used (as defined in the Security section on the Integration tab in the Configuration Panel).
- The generated URL and its associated token must remain private and not exposed to end-users in client-side (in JavaScript, for example). You should treat the token with the same level of security as you would a password.
- If the token used in the incoming webhook URL is missing or invalid, a
404status code will be returned. If the associated user is invalid, archived, or inactive, a403status code will be returned. In both cases, the response will contain a descriptive error message.
The incoming webhook application receives your HTTP POST request payload formatted as a JSON object.
Using the URL provided, you can post HTTP requests from external applications (e.g. Postman) to WorkflowGen in order to execute the available operations in your WorkflowGen application. For operations that require you to provide an object ID, the object ID value can be retrieved by using the GraphQL API. In most cases, object numbers can be used instead of IDs in operation payloads.
In case of an error, you will get a response payload providing error details such as:
{
"error": "Advantys.Workflow.ServiceFacade: CreateRequest error: A process ID or name is required"
}
The requests should respect the structure shown in this example, where
operation refers to the name of the operation to execute, and args contains the input node that groups all of the request parameters to perform the operation.To create a new request, the
processName parameter is required. The processVersion parameter is optional and is used to find the correct process you want to use to create your request.curl -u yourusername -X POST -H "Content-Type: application/json" -d '{
"operation": "createRequest",
"args": {
"input": {
"processName": "2_LEVELS_APPROVAL",
"processVersion": 1
}
}
}' http://localhost/wfgen/hooks/yourtoken
The response payload will be structured as follows:
{
"clientMutationId": null,
"requestId": "UmVxdWVzdDoxNzI4",
"number": 10,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
Parameter | Description |
processName | Process name (required) |
processVersion | Process version, used to find the correct process you want to use to create the request |
clientMutationId | This parameter will be null if the request creator did not define it in the request payload |
requestId | ID of newly created request |
number | Number of newly created request |
onBehalfOf | This parameter contains the delegator ID; however, if the request was not created in delegation mode, its value will be null |
onBehalfOfUserName | This parameter contains the delegator username; however, if the request was not created in delegation mode, its value will be null |
As of version 7.17.0, incoming webhooks now offer a new endpoint that supports the OpenAPI v2 specification for operation definitions and another endpoint for operation execution. This allows for seamless integration with other OpenAPI-ready solutions such as Swagger, Microsoft Flow, Azure Logic Apps and Postman.
Use this endpoint to retrieve webhook operation definitions based on the OpenAPI v2 specification (in JSON format).
URI: /wfgen/hooks/openapi/v2
Use this endpoint to execute a webhook operation using HTTP POST, replacing
:operation with the name of the incoming webhook operation (e.g. createRequest).URI: /wfgen/hooks/operations/:operation
:operation: Name of the incoming webhook operation defined in the URI ✏️ Note: The operation name is not required inside the request payload.x-wfgen-hooktoken: Webhook token value specified in the HTTP request header, which is the same token value as used in a classic incoming webhooks URL- Properties with an asterisk
*next to their name
Other required or optional parameters specific to the webhook operation might be needed.
To create a new request from the webhooks API, make sure that sub-process mode is enabled with public access on the target process. (See the Process form section in the WorkflowGen Administration Guide for more information.)
{
"operation": "createRequest",
"args": {
"input": {
"processName": "2_LEVELS_APPROVAL",
"processVersion": 1
}
}
}
{
"clientMutationId": null,
"requestId": "UmVxdWVzdDoxNzI4",
"number": 1728,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
A parameter's array can be included in the
createRequest operation payload. Be aware that a data with the same name and data type must previously exist in the process for each parameter in the array to store the parameter's value. The following example shows how to send parameters corresponding to the four supported data types (TEXT, NUMERIC, DATETIME, and FILE).{
"operation": "createRequest",
"args": {
"input": {
"processName": "2_LEVELS_APPROVAL",
"processVersion": 1,
"parameters": [
{
"name": "TEXT",
"textValue": "My text parameter"
},
{
"name": "NUMERIC",
"numericValue": 5
},
{
"name": "DATE",
"dateTimeValue": "2017-02-23T20:46:00Z"
},
{
"name": "FILE",
"fileValue": {
"name": "TestFile.txt",
"contentType": "text/plain",
"size": 616,
"url": "file:///c:/TestFile.txt",
"updatedAt": "2017-02-21T15:06:38Z"
}
}
]
}
}
}
{
"clientMutationId": null,
"requestId": "UmVxdWVzdDoxNzY1",
"number": 1765,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
processId | Base64-encoded string | Process identifier with the pattern [Process:1] where 1 is the process identifier from the database |
processName | String | Process name |
processVersion | Int | Process version, used to find the correct process you want to use to create the request |
isTest | Boolean | Indicates if the process is in test |
parameters | Array | |
onBehalfOf | Base64-encoded string | User identifier that is used by the user to perform the mutation on behalf of another person, with the pattern [User:1] where 1 is the user identifier from the database |
A request dataset context can be updated by adding a parameter array. In this case a request number or a request ID should be provided.
This operation requires users to have system access to perform it. This can be configured in the System operations allowed users field under Security on the Integration tab in the Configuration Panel.
{
"operation": "updateRequestDataset",
"args": {
"input": {
"number": 1750,
"parameters": [
{
"name": "NEW_PARAMETER",
"textValue": "My parameter"
}
]
}
}
}
{
"operation": "updateRequestDataset",
"args": {
"input": {
"id": "UmVxdWVzdDoxMDAw",
"parameters": [
{
"name": "NEW_PARAMETER",
"textValue": "My parameter"
}
]
}
}
}
{
"clientMutationId": null,
"requestId": "UmVxdWVzdDoxNzIx",
"parameters": [
{
"name": "NEW_PARAMETER",
"textValue": "My parameter"
}
]
}
For more information on FILE parameter manipulations when sent within incoming webhook payloads, see the File upload section.
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
id | Base64-encoded string | Request identifier with the pattern [Request:1] where 1 is the request identifier from the database |
number | Int | Request number |
parameters | Array |
You can cancel a request by using the request number or the request ID.
{
"operation": "cancelRequest",
"args": {
"input": {
"number": 1728
}
}
}
{
"operation": "cancelRequest",
"args": {
"input": {
"id": "UmVxdWVzdDoxNzI4"
}
}
}
{
"clientMutationId": null,
"requestId": "UmVxdWVzdDoxNzI4",
"number": 1728,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
id | Base64-encoded string | Request identifier with the pattern [Request:1] where 1 is the request identifier from the database |
number | Int | Request number |
notifyParticipant | Boolean | Indicates if participant members have to be notified |
onBehalfOf | Base64-encoded string | User identifier that is used by the user to perform the mutation on behalf of another person, with the pattern [User:1] where 1 is the user identifier from the database |
A request can be deleted by using the request number or the request ID.
{
"operation": "deleteRequest",
"args": {
"input": {
"number": 1728
}
}
}
{
"operation": "deleteRequest",
"args": {
"input": {
"id": "UmVxdWVzdDoxNzI4"
}
}
}
{
"clientMutationId": null
}
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
id | Base64-encoded string | Request identifier with the pattern [Request:1] where 1 is the request identifier from the database |
number | Int | Request number |
To complete an action, provide the request number and the action number, or the action ID.
{
"operation": "completeAction",
"args": {
"input": {
"requestNumber": 1765,
"number": 1,
"parameters": [
{
"name": "NEW_PARAMETER",
"textValue": "My parameter"
}
]
}
}
}
{
"operation": "completeAction",
"args": {
"input": {
"id": "QWN0aW9uOjE3NTktLS0x"
}
}
}
{
"clientMutationId": null,
"actionId": "QWN0aW9uOjE3NTktLS0x",
"number": 1,
"requestNumber": 1759,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
To complete an action, a parameter array can be included in the request payload arguments.
{
"operation": "completeAction",
"args": {
"input": {
"requestNumber": 1765,
"number": 1,
"parameters": [
{
"name": "NEW_PARAMETER",
"direction": "IN",
"type": "TEXT",
"textValue": "My parameter"
}
]
}
}
}
{
"clientMutationId": null,
"actionId": "QWN0aW9uOjE3NjUtLS0x",
"number": 1,
"requestNumber": 1765,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
id | Base64-encoded string | Action identifier with the pattern [Action:1---2] where 1 is the request identifier from the database and 2 is the action identifier from the database |
requestNumber | Int | Request number |
number | Int | Action number |
activityName | String | Activity name |
parameters | Array | |
onBehalfOf | Base64-encoded string | User identifier that is used by the user to perform the mutation on behalf of another person, with the pattern [User:1] where 1 is the user identifier from the database |
{
"operation": "completeFormAction",
"args": {
"input": {
"requestNumber": 1765,
"number": 1,
"parameters": [
{
"name": "NEW_PARAMETER",
"textValue": "My parameter"
}
]
}
}
}
{
"clientMutationId": null,
"actionId": "QWN0aW9uOjE3NjUtLS0x",
"number": 1,
"requestNumber": 1765,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
id | Base64-encoded string | Action identifier with the pattern [Action:1---2] where 1 is the request identifier from the database and 2 is the action identifier from the database |
requestNumber | Int | Request number |
number | Int | Action number |
activityName | String | Activity name |
parameters | Array | |
onBehalfOf | Base64-encoded string | User identifier used by the user to perform the mutation on behalf of another person with the pattern [User:1] where 1 is the user identifier from the database |
To cancel an action, provide the request number and the action number, or the action ID. The following conditions must be met:
- The viewer and the user (if they don't share the same identity, as in delegation mode) must have access to the request.
- The action must be open.
- The action must have a cancel or default exception defined in the transition.
- The viewer is:
- an administrator or process folder manager OR
- a supervisor with cancellation rights OR
- the action assignee.
{
"operation": "cancelAction",
"args": {
"input": {
"requestNumber": 1759,
"number": 2
}
}
}
{
"operation": "cancelAction",
"args": {
"input": {
"id": "QWN0aW9uOjEwMDAtLS0x"
}
}
}
{
"clientMutationId": null,
"actionId": "QWN0aW9uOjE3NTktLS0y",
"number": 2,
"requestNumber": 1759,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
id | Base64-encoded string | Action identifier with the pattern [Action:1---2] where 1 is the request identifier from the database and 2 is the action identifier from the database |
requestNumber | Int | Request number |
number | Int | Action number |
type | String | Cancellation type:
|
exception: { message*, source} | Object { String,
String
} | Exception:
|
onBehalfOf | Base64-encoded string | User identifier used by the user to perform the mutation on behalf of another person with the pattern [User:1] where 1 is the user identifier from the database |
All of the actions with the same name in a request can be cancelled at the same time by using their name in this operation payload. The following conditions are met:
- The viewer and the user (if they do not share the same identity, as in delegation mode) must have access to the request.
- The action must be open.
- The action must have a cancel or default exception defined in the transition.
- The viewer is:
- an administrator or a process folder manager OR
- a supervisor with cancellation rights OR
- the action assignee.
{
"operation": "cancelRequestActionsByName",
"args": {
"input": {
"requestNumber": 4399,
"activityName": "Initiates"
}
}
}
{
"clientMutationId": null,
"actionIds": [
"QWN0aW9uOjQzOTktLS0x",
"QWN0aW9uOjQzOTktLS0y",
"QWN0aW9uOjQzOTktLS0z"
],
"onBehalfOf": null,
"onBehalfOfUserName": null
}
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
requestNumber | Int | Request number |
activityName* | String | Activity name |
type | String | Cancellation type:
|
exception: { message*, source} | Object { String,
String
} | Exception:
|
onBehalfOf | Base64-encoded string | User identifier used by the user to perform the mutation on behalf of another person with the pattern [User:1] where 1 is the user identifier from the database |
To assign an action, provide the request number and the action number, or the action ID; you must also provide the
assigneeUserName or the assigneeId.{
"operation": "assignAction",
"args": {
"input": {
"requestNumber": 1751,
"number": 2,
"assigneeUserName": "johnsmith"
}
}
}
{
"operation": "assignAction",
"args": {
"input": {
"id": "QWN0aW9uOjEwMDAtLS0x",
"assigneeId": "QXNzaWduZWU6MQ=="
}
}
}
{
"clientMutationId": null,
"actionId": "QWN0aW9uOjE3NTEtLS0y",
"number": 2,
"requestNumber": 1751,
"onBehalfOf": null,
"onBehalfOfUserName": null
}
Property | Type | Description |
clientMutationId | String | Client mutation identifier |
id | Base64-encoded string | Action identifier with the pattern [Action:1---2] where 1 is the request identifier from the database and 2 is the action identifier from the database |
assigneeId* | Base64-encoded string | User identifier of the person assigned to the action with the pattern [User:1] where 1 is the user identifier from the database |
requestNumber | Int | Request number |
number | Int | Action number |
onBehalfOf | Base64-encoded string | User identifier used by the user to perform the mutation on behalf of another person with the pattern [User:1] where 1 is the user identifier from the database |
To cancel an action assignment, you should provide the request number and the action number, or the action ID.
{
"operation": "cancelActionAssignment",
"args": {
"input": {
"requestNumber": 1751,
"number": 2
}
}
}
{
"operation": "cancelActionAssignment",
"args": {
"input": {