WorkflowGen GraphQL API


#1

GraphQL

Overview

WorkflowGen version 7.0.0 introduces the new GraphQL API, which is a modern solution to create process-driven solutions such as mobile apps, web apps, and microservices that require a powerful workflow and BPM engine.

The WorkflowGen GraphQL API is a Node.js application that runs in IIS using iisnode; it enables a high level of customization such as extending the GraphQL schema with custom types, queries or mutations, or implementing new authentication methods.

You can use GraphiQL, “a graphical interactive in-browser GraphQL IDE”, to test queries and mutations, and to browse the schema documentation.

The GraphQL API is in Alpha phase. All of the queries and mutations used by the mobile application have been implemented. The next releases will provide of the remaining User Portal and Administration Module operations.

About GraphQL

GraphQL website presentation:

“GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.”

GraphQL is a production-ready and an open source technology created by Facebook. In September 2016, Github announced its GraphQL API.

“We’ve often heard that our REST API was an inspiration for other companies; countless tutorials refer to our endpoints. Today, we’re excited to announce our biggest change to the API since we snubbed XML in favor of JSON: we’re making the GitHub API available through GraphQL.”

GraphQL is a modern API solution for React, React-Native, Angular 2, and Vue based applications.

Many GraphQL tutorials are available, it is available in many languages, and has a large community.

Technical requirements

In addition to the standard WorkflowGen installation, the following components are required:

  • IIS URL rewrite

  • Node.js LTS (version 8.11.3 for WorkflowGen version 7.11.0 and later; version 6 for earlier versions of WorkflowGen 7.x.x)

  • iisnode

For information on the installation procedure, see the WorkflowGen Technical Guide.

Endpoints

The following endpoints are available:

  • GraphQL API: http://localhost/wfgen/graphql

  • GraphiQL IDE: http://localhost/wfgen/graphql

  • GraphQL Schema (definition language): http://localhost/wfgen/graphql/schema

The HTTP GET method is supported on queries only. The HTTP POST method is supported on queries and mutations.

HTTP usage

Express-graphql is used to serve the GraphQL HTTP queries:

GraphQL will first look for each parameter in the URL’s query-string:

/graphql?query=query+getUser($id:ID){user(id:$id){name}}&variables={"id":"4"}

If not found in the query-string, it will look in the POST request body.

If the POST body has not yet been parsed, express-graphql will interpret it depending on the provided Content-Type header:

  • application/json: the POST body will be parsed as a JSON object of parameters.
  • application/x-www-form-urlencoded: this POST body will be parsed as a url-encoded string of key-value pairs.
  • application/graphql: the POST body will be parsed as GraphQL query string, which provides the query parameter.

Curl example

curl -u yourusername -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'query={
    viewer {
        userName
        lastName
        firstName
        email
    }
}' "http://localhost/wfgen/graphql"

And the result is:

{
    "data": {
        "viewer": {
            "userName": "johndoe",
            "lastName": "Doe",
            "firstName": "John",
            "email": "john.doe@acme.com"
        }
    }
}

Authentication

The following authentication methods are supported:

OIDC-compliant

Classic

  • Integrated Windows

  • IIS Basic

  • WorkflowGen authentication

  • Custom .NET authentication modules

HTTPS is required to secure credentials.

The GraphQL node.js app code inside the /wfgen/graphql folder can also be customized to accommodate many other authentication methods (such as oAuth 2, JWT, etc.) thanks to node libraries such as Passportjs.

User impersonation

User impersonation is supported but not recommended, and should be used only when no other technical solutions are possible. (For example, OpenID Connect-based authentication methods allow you to use access tokens to perform API operations on the client and server sides without impersonation.)

System operations allowed users can impersonate another WorkflowGen user account by setting this account’s username as the value of the x-wfgen-impersonate-username HTTP request header.

This request header can be renamed according to your naming convention. You can specify a new header name in the GraphqlImpersonateUserNameHttpHeader setting in the \wfgen\web.config file (e.g. <add key="GraphqlImpersonateUserNameHttpHeader" value="my-custom-impersonate-username" />).

To give or withdraw system operations rights to or from specific users, refer to the System operations allowed users setting in the Security section on the General tab of the Configuration Panel; alternately, you can edit the ProcessesRuntimeWebServiceAllowedUsers setting in the \wfgen\web.config file.

GraphiQL examples

You can copy/paste these queries directly in the GraphiQL IDE:

Viewer basic info (the authenticated user)

{
    viewer {
        userName
        lastName
        firstName
        email
    }
}

My Actions to do

{
    viewer {
        actions(filter: {as: ASSIGNEE, status: OPEN}}) {
            totalCount
            hasNextPage
            hasPreviousPage
            items {
                request {
                    number
                    description
                }
                number
                name
                description
                limit
                launchUrl
            }
        }
    }
}

Fetch a request by its number

{
    request(number: 273) {
        description
            requester {
            lastName
            userName
            company
        }
        process {
            name
            version
        }
    }
}

Create a new request

mutation {
    createRequest(
        input: {
            processName: "PRODUCT_CREATION"
            processVersion: 3
            parameters: [
            {
                name: "CATEGORY"
                type: TEXT
                textValue: "robot"
                direction: IN
            },
            {
                name: "CODE"
                type: TEXT
                textValue: "HAL 9000"
                direction: IN
            },
            {
                name: "VALUE"
                type: NUMERIC
                numericValue: 600000
                direction: IN
            }
            ]
        }
    )
    {
        request {
            number
            followUpFormUrl
        }
    }
}

Global identifiers

Each GraphQL type has an id: ID! field. This ID is a global and is unique for all WorkflowGen objects.

You can use the node(id:ID!) query to retrieve a WorkflowGen object given its ID.

{
    node(id: "UHJvY2VzczoxNQ==") {
    id
    ... on Request {
        number
        requester {
            lastName
        }
    }
    ... on Action {
            limit
            assignee {
                id
                company
        }
    }
    ... on User {
            userName
            email
        }
    }
}

Pagination

The GraphQL API supports page number based pagination. You can set a page number and a size; otherwise, the default values are:

  • 1 for the page number

  • 30 for the page size

The maximum value for the page size is 100. You can change this setting in the GraphqlMaxPageSize key in the /wfgen/web.config file.

The result contains:

  • totalCount: The total number of items

  • hasPreviousPage

  • hasNextPage

  • Items: The the list of items in the requested page.

{
    viewer {
        requests(page: {number: 2, size: 20}, filter: {as: REQUESTER, status: OPEN}, orderBy: {field: NUMBER, direction: DESC}) {
            totalCount
            hasNextPage
            hasPreviousPage
            items {
                id
                number
                requester {
                    userName
                }
            }
        }
    }
}

To retrieve the total count without the list of items, you just need to set the page number to 0:

{
    viewer {
        requests(page: {number: 0}, filter: {as: REQUESTER, status: OPEN}) {
            totalCount
            hasNextPage
            hasPreviousPage
        }
    }
}

Delegation management

Some GraphQL queries and mutations can be executed on behalf another user. This is possible when a user has created a delegation in WorkflowGen. The delegatee has to specify the user ID of his delegator in the onBehalfOf argument.

List of actions to do on by the delegatee on behalf of the delegator with the user ID VXNlcjoy:

{
    viewer {
        actions(filter: {as: ASSIGNEE, status: OPEN}, onBehalfOf:"VXNlcjoy"}) {
            totalCount
            hasNextPage
            hasPreviousPage
            items {
                request {
                    number
                    description
                }
                number
                name
                description
                limit
                launchUrl
            }
        }
    }
}

When the onBehalfOf argument is set, it is propagated implicitly to the all the sub-queries and fields until a User type is used.

Logs

All HTTP queries are logged by IIS as other ASP.NET web apps. Node js application logs are available in the /wfgen/graphql/iisnode/ folder. You can adjust the iisnode log file management in the /wfgen/graphql/web.config file.

Debug mode

A debug mode can be enabled by setting the GraphqlDebugEnabled key to Y in the /wfgen/web.config file.

In debug mode, some extensions are added to the GraphQL response, and additional error messages are logged in the /wfgen/graphql/iisnode/ folder.

Known limitations

actions and requests queries don’t support all argument combinations.

You must specify additional arguments (such as filter: { as: REQUESTER }).

In this example the requests and actions queries return empty lists:

{
    viewer {
        requests {
            totalCount
            hasNextPage
            hasPreviousPage
        }
        actions {
            totalCount
            hasNextPage
            hasPreviousPage
        }
    }
}

Access information given in the form
#2

Hi,

I am experiencing a lot of permission issues with the GraphQL. It would be nice to know what a regular user have access to compared to an admin user.

For example, calling localProcessParticipant returns null for the users when calling from a regular user. What is the point if we cannot get the info with a regular user.

At least let us know which actions a regular user can call without always getting null back.

Thanks


#3

Hi @ParadimeWeb,

Process design information is not available for regular users. A regular user will have the same level access of info in GraphQL as in the Portal.

If you would like a regular user to see that information, you need to call that method with a user with admin, supervisor or manager permissions.

I will take a look with the team to see if we can enhance the documentation regarding this.

Regards,
Eddy.


#4