API and Authentication

The most common use case of the Decisions API is running Rules and Flows through a Rest Service call. However, the API can be used for other functions such as provisioning users, setting up folders or projects, setting branding, and more.

Authenticating to Decisions API

There are two primary ways to authenticate to Decisions API; using the authentication information provided by the View Integration Details page or providing authentication information in the HTTP Header.

Authentication information is required to call Decisions via API. This allows Decisions to grant access, check authorizations for specific activities, govern access to specific data, and audit the actions taken in the product.

View Integrations Details Page

The View Integrations Details page allows users to set parameters and obtain the appropriate GET or POST request types to execute a task. 

Request Header Authentication

Users have the option to add authentication information in the Request Header. By using this option, users do not need to provide the authentication information in the URL or POST body. Instead, provide the information in the Request Header's Authorization field option.

 The Header values for the request will be different based on the type of authorization type.

Basic Authorization Type

Username and Password are passed to the services as a Basic Authorization and should only be used for simple, periodic API calls. In most API uses, the username and password are used to create a Session for subsequent calls.

To programmatically send the User id and Password, combine them with a colon (:) character and then base64 encode the result. This is placed in the Header with the ‘Basic’ keyword.

string merged = $"{userName}:{userPassword}";
string toSend = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(merged));
HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Basic", toSend));
client.GetAsync(“http://localhost:8081/Primary/restapi/Flow/2474ea6a-5472-11ec-8c48-803253078da6?”);

Session Authorization Type

A SessionID will be returned by utilizing the following API call. 

URL:"http://[baseportalURL]/Primary/REST/AccountService/LoginUser"
Post Body: { "outputtype" : "Json" }
Http Header: Authorization: Basic (Base64 String as described above)

Bearer Authorization Type

The Bearer Authorization Type requires a JWT Token. 

Get the JWT Token with a username and password via the POST method.

URL:"http://[baseportalURL]/Primary/REST/AccountService/LoginAndGetJWTToken"
Post Body: {
  "userName": "username",
  "password": "password",
  "outputtype": "Json"
}

Once the JWT token has been acquired, API calls can be achieved by using the Bearer Authorization Type. 

URL: http://[portalbaseURL]/Primary/?[DesignerElement]ID=[DesignerElementIDValue]&Action=api&outputtype=JSON

Http Header: Authorization: Bearer (JWT token)

Request Cookies on API Calls

On API calls, Decisions uses the following headers and cookies: