Product UpdatesStatus PageAutomation Institute
English
Developer API
Resources

# API Platform

The API Platform APIs allow users to programmatically create and manage API Platform assets like endpoints, collections, clients, and access profiles.

# Quick reference

Type Resource Description
GET /api/api_collections List API collections. The endpoint returns the project_id of the project to which the collections belong in the response.
POST /api/api_collections Create an API collection within a project you specify.
GET /api/api_endpoints List API endpoints in a collection.
PUT /api/api_endpoints/:api_endpoint_id/enable Enable an API endpoint in a collection.
PUT /api/api_endpoints/:api_endpoint_id/disable Disable an API endpoint in a collection.
GET /api/api_clients List all API clients. Workato includes the project_id of the project to which the API client belongs in the response.
POST /api/api_clients Create a new API client within a project you specify.
GET /api_access_profiles List access profiles belonging to an API client.
POST /api_access_profiles Create an access profile belonging to an API client.
PUT /api_access_profiles/:api_access_profile_id Update an access profile belonging to an API client.
PUT /api/api_access_profiles/:api_access_profile_id/enable Enable an access profile belonging to an API client.
PUT /api/api_access_profiles/:api_access_profile_id/disable Disable an access profile belonging to an API client.
PUT /api_access_profiles/:access_profile_id/refresh_secret Refreshes access profile token or secret.

# List API collections

List all API collections. The endpoint returns the project_id of the project to which the collections belong in the response.

GET /api/api_collections

# Query parameters

Name Type Description
per_page integer Number of API collections to return in a single page. Defaults to 100. Max is 100.
page integer Page number of the API collections to fetch. Defaults to 1.

# Response

[
    {
        "id": 1361,
        "name": "Quote to cash",
        "version": "1.0",
        "url": "https://api.peatql.io/quote-to-cash-v1",
        "api_spec_url": "https://www.workato.com/doc/service/quote-to-cash-v1/swagger?token=4cab5bdf2cebbe2b4ahjkc9ac175f60c",
        "created_at": "2020-06-15T22:20:15.327-07:00",
        "updated_at": "2020-06-15T22:20:15.327-07:00",
        "project_id": "523144"
    }
]

# Create an API collection

Create an API collection within a project you specify.

POST /api/api_collections

# Query parameters

Name Type Description
project_id string
required		 The ID of a specific project. Retrieve a list of project IDs using the list projects endpoint.

# Payload

Name Type Description
name string
required		 Name of the collection

# Sample request

curl  -X POST https://www.workato.com/api/api_collections?project_id=523144 \
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \
      -d '{
            "name": "Netsuite customers"
          }'

# Response

{
    "id": 1391,
    "name": "Netsuite customers",
    "version": "1.0",
    "url": "https://api.na.workato.com/abstergoi/netsuite-customers-v1",
    "api_spec_url": "https://www.workato.com/doc/service/netsuite-customers-v1/swagger?token=774513f8a712djkls90s7f5a3165eb96d",
    "created_at": "2020-07-31T08:24:31.439-07:00",
    "updated_at": "2020-07-31T08:24:31.439-07:00"
}

# List API endpoints

Lists all API endpoints. Specify the api_collection_id to obtain the list of endpoints in a specific collection.

GET /api/api_endpoints

# Query parameters

Name Type Description
api_collection_id string ID of the API collection. If the parameter is not provided, all API endpoints are returned.
per_page integer Number of API endpoints to return in a single page. Defaults to 100. Max is 100.
page integer Page number of the API endpoints to fetch. Defaults to 1.

# Sample request

curl  -X GET 'https://www.workato.com/api/api_endpoints?api_collection_id=1391' \
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \

# Response

[
  {
      "id": 9903,
      "api_collection_id": 1391,
      "flow_id": 39999,
      "name": "salesforce search",
      "method": "GET",
      "url": "https://api.na.workato.com/abstergoi/netsuite-customers-v1/salesforce/search",
      "legacy_url": null,
      "base_path": "/abstergoi/netsuite-customers-v1/salesforce/search",
      "path": "salesforce/search",
      "active": false,
      "legacy": false,
      "created_at": "2020-08-05T05:59:55.991-07:00",
      "updated_at": "2020-08-05T05:59:55.991-07:00"
  }
]

# Enable an API endpoint

Enables an API endpoint. The underlying recipe must be started to enable the API endpoint successfully.

PUT /api/api_endpoints/:api_endpoint_id/enable

# Path parameters

Name Type Description
api_endpoint_id string
 ID of the API endpoint.

# Sample request

curl  -X PUT https://www.workato.com/api/api_endpoints/1213/enable \
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \

# Disable an API endpoint

Disables an active API endpoint. The endpoint can no longer be called by a client.

PUT /api/api_endpoints/:api_endpoint_id/disable

# Path parameters

Name Type Description
api_endpoint_id string
 ID of the API endpoint.

# Sample request

curl  -X PUT https://www.workato.com/api/api_endpoints/1213/disable \
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \

# List API clients

List all API clients. This endpoint includes the project_id to which the API client belongs in the response.

GET /api/api_clients

# Response

[
  {
      "id": 1255,
      "name": "Automation Inc.",
      "created_at": "2020-07-31T03:44:22.435-07:00",
      "updated_at": "2020-07-31T03:44:22.435-07:00",
      "project_id" : "523144"
  },
  {
      "id": 1890,
      "name": "Umbrella Corporation",
      "created_at": "2020-07-31T03:44:22.435-07:00",
      "updated_at": "2020-07-31T03:44:22.435-07:00",
      "project_id": "423455"
  }
]

# Create an API client

Create a new API client within a project you specify.

POST /api/api_clients

# Query parameters

Name Type Description
project_id string
required		 The ID of a specific project. Retrieve a list of project IDs by using the list projects endpoint.

# Payload

Name Type Description
name string
required		 Name of the client.

# Sample request

curl  -X POST https://www.workato.com/api/api_clients?project_id=523144 \
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \
      -d '{
            "name": "Automation Inc.",
          }'

# Response

{
    "id": 1255,
    "name": "Automation Inc.",
    "created_at": "2020-07-31T03:44:22.435-07:00",
    "updated_at": "2020-07-31T03:44:22.435-07:00"
}

# List access profiles

List all access profiles belonging to an API client. If you don't provide an API client ID, the resource lists all access profiles for all API clients.

GET /api/api_access_profiles

# Query parameters

Name Type Description
api_client_id string Provide an API client ID to retrieve access profiles belonging to a specific API client.
per_page integer Number of access profiles returned in a single page. Defaults to 100. Max is 100.
page integer Choose the page of access profiles to return. The starting page is 1. Defaults to 1.

# Sample request

curl  -X GET 'https://www.workato.com/api/api_access_profiles?api_client_id=933084' \
      -H 'Authorization: Bearer <api_token>'

# Response

[
  {
    "id": 942738,
    "name": "Sales API Profile",
    "api_client_id": 933804,
    "api_collection_ids": [
      791245,
      785457,
      785404
    ],
    "active": true,
    "auth_type": "token",
    "created_at": "2023-11-07T19:39:04.294-05:00",
    "updated_at": "2023-11-07T19:39:04.294-05:00"
  },
  {
    "id": 942709,
    "name": "Purchases API Profile",
    "api_client_id": 933804,
    "api_collection_ids": [
      726374,
      743721,
      776384
    ],
    "active": true,
    "auth_type": "token",
    "created_at": "2023-11-07T18:48:19.908-05:00",
    "updated_at": "2023-11-07T18:48:19.908-05:00"
  }
]

# Create an access profile

Create an access profile belonging to an API client. To use this endpoint, the account must contain at least 1 API collection to assign to the access profile.

The response returned depends on the auth type chosen (Auth token, JSON web token or OAuth 2.0).

  • Auth token authorization will return the auth token in the secret response
  • JWT token has 2 signing methods: HMAC and RSA. Depending on the chosen method, the respective secret or public is required in the payload
  • OAuth 2.0 authorization will return the client ID and secret in oauth_client_id and oauth_client secret
POST /api/api_access_profiles

# Query parameters

Name Type Description
api_client_id string
 ID of the API client.

# Payload

Name Type Description
name string
required		 Name of the access profile
api_collection_ids array
required		 IDs of collections to add to the access profile
active boolean
required		 Whether the access profile is disabled or enabled. A client with a disabled access profile cannot call any APIs.
auth_type string
required		 Authentication method to validate requests. Available types are: token, jwt, oauth2 and oidc.
jwt_method string The JWT signing method. If the auth_type is jwt, this is required. Available methods are hmac and rsa for HMAC and RSA respectively.
ip_allow_list array List of IP addresses to be allowlisted
jwt_secret string Based on the method, specify the HMAC shared secret or the RSA public key.
oidc_issuer Discovery URL of identity provider or OIDC service. Provide only one of this or oidc_jwks_uri, not both.
Only application if auth_type is jwt or oidc.
oidc_jwks_uri JWKS URL of identity provider or OIDC service. Provide only one of this or oidc_issuer, not both.
Only application if auth_type is jwt or oidc.
access_profile_claim If you wish to use a custom claim to identify this access profile, provide the JWT claim key here. Learn more
Only application if auth_type is jwt or oidc.
required_claims Provide a list of claims that you wish to enforce.Only application if auth_type is jwt or oidc.
allowed_issuers Provide a list of issuers (iss value in JWT claims) that you wish to allow. Leave If iss claim is enforced in required_claims, leave this blank to require any iss value. Only application if auth_type is jwt or oidc.

# Sample request (Auth token)

curl  -X POST 'https://www.workato.com/api/api_access_profiles?api_client_id=1255'\
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \
      -d '{
  	          "name": "Sales team",
  	          "api_collection_ids": [1391, 1388],
              "auth_type": "token",
  	          "active": true,
              "ip_allow_list": ["192.168.0.1", "192.168.0.0/20"]
           }'

# Sample request (JWT HMAC)

curl  -X POST 'https://www.workato.com/api/api_access_profiles?api_client_id=1255'\
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \
      -d '{
	           "name": "HMAC API",
	           "api_collection_ids": [1391, 1388],
	           "auth_type": "jwt",
	           "jwt_method": "rsa",
	           "jwt_secret": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ngjihh5hXDRe0c1qPNc\nrF7RIoAG/iNZXruTspeX8e2auMBXTwVI0sLgwUo26lMXCRAvC004JWKugzh1UHXY\nsjmtwZFRznqhb/ojJDi785+zbmVNLWmbIB/ChBUyckBSExsmR0nOpQhiW0przr2J\ncQIDAQAB\n-----END PUBLIC KEY-----",
	           "active": true
           }'

# Response (Auth token)

{
    "id": 26985,
    "name": "New test",
    "api_client_id": 1255,
    "api_collection_ids": [
        1395
    ],
    "active": true,
    "auth_type": "token",
    "jwt_method": null,
    "jwt_secret": null,
    "oauth_client_id": null,
    "oauth_client_secret": null,
    "secret": "e3a1ce1d46c4hjk8kfj26781c6ed3073312451ee0990035bf8a4bc90c2a2",
    "created_at": "2020-08-12T08:03:05.492-07:00",
    "updated_at": "2020-08-12T08:03:05.492-07:00"
}

# Update an access profile

Update an access profile belonging to an API client.

The response returned depends on the auth type chosen (Auth token, JSON web token or OAuth 2.0).

  • Auth token authorization will return the auth token in the secret response
  • JWT token has 2 signing methods: HMAC and RSA. Depending on the chosen method, the respective secret or public is required in the payload
  • OAuth 2.0 authorization will return the client ID and secret in oauth_client_id and oauth_client secret
PUT /api/api_access_profiles/:api_access_profile_id

# Path parameters

Name Type Description
api_access_profile_id string
required		 API access profile ID.

# Payload

Name Type Description
name string
required		 Existing/Updated name of the access profile
api_collection_ids array
required		 Existing/updated API collection IDs to be configured for the access profile
active boolean
required		 Whether the access profile is disabled or enabled. A client with a disabled access profile cannot call any APIs.
auth_type string
required		 Authentication method to validate requests. Available types are: token, jwt, oauth2 and oidc.
ip_allow_list array List of IP addresses to be allowlisted
jwt_method string The JWT signing method. If the auth_type is jwt, this is required. Available methods are hmac and rsa for HMAC and RSA respectively.
jwt_secret string Based on the method, specify the HMAC shared secret or the RSA public key.
oidc_issuer Discovery URL of identity provider or OIDC service. Provide only one of this or oidc_jwks_uri, not both.
Only application if auth_type is jwt or oidc.
oidc_jwks_uri JWKS URL of identity provider or OIDC service. Provide only one of this or oidc_issuer, not both.
Only application if auth_type is jwt or oidc.
access_profile_claim If you wish to use a custom claim to identify this access profile, provide the JWT claim key here. Learn more
Only application if auth_type is jwt or oidc.
required_claims Provide a list of claims that you wish to enforce.Only application if auth_type is jwt or oidc.
allowed_issuers Provide a list of issuers (iss value in JWT claims) that you wish to allow. Leave If iss claim is enforced in required_claims, leave this blank to require any iss value. Only application if auth_type is jwt or oidc.

# Sample request (Auth token)

curl  -X PUT 'https://www.workato.com/api/api_access_profiles/27894'\
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \
      -d '{
  	          "name": "Sales team",
  	          "api_collection_ids": [1391, 1388],
              "auth_type": "token",
  	          "active": true,
              "ip_allow_list": ["192.168.0.1", "192.168.0.0/20"]
           }'

# Enable an access profile

Enable an access profile belonging to an API client. Enabling an access profile will allow API calls to be accepted with the enabled profile.

This call returns success or error messages for Unauthorized/Bad requests.

PUT /api/api_access_profiles/:api_access_profile_id/enable

# Path parameters

Name Type Description
api_access_profile_id string
required		 ID of the access profile.

# Sample request (Auth token)

curl  -X PUT https://www.workato.com/api/api_access_profiles/1213/enable \
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \

# Disable an access profile

Disable an access profile belonging to an API client. Disabling an access profile will stop allowing API calls to be accepted with the access profile.

This call returns success or error messages for Unauthorized/Bad requests.

PUT /api/api_access_profiles/:api_access_profile_id/disable

# Path parameters

Name Type Description
api_access_profile_id string
required		 ID of the access profile.

# Sample request (Auth token)

curl  -X PUT https://www.workato.com/api/api_access_profiles/1213/disable \
      -H 'Authorization: Bearer <api_token>' \
      -H 'Content-Type: application/json' \

# Refresh token/secret

Refreshes the auth token or OAuth 2.0 client secret. This endpoint will fail if the authorization type on the access profile is JWT.

The response returned depends on the authorization type of the access profile (Auth token or OAuth 2.0).

  • Auth token authorization will return a new auth token in the secret response
  • OAuth 2.0 authorization will return a new client ID and secret in oauth_client_id and oauth_client secret
PUT /api/api_access_profiles/:access_profile_id/refresh_secret

# Path parameters

Name Type Description
access_profile_id string
required		 API access profile ID

# Response (Auth token)

{
    "id": 26962,
    "name": "Sales team",
    "api_client_id": 1255,
    "api_collection_ids": [
        1391
    ],
    "active": true,
    "auth_type": "token",
    "jwt_method": null,
    "jwt_secret": null,
    "oauth_client_id": null,
    "oauth_client_secret": null,
    "secret": "xxxxxxxxxxx",
    "created_at": "2020-07-31T09:10:03.310-07:00",
    "updated_at": "2020-08-05T06:08:46.290-07:00"
}
List Developer API client roles
Connections


Last updated: 11/14/2023, 8:17:41 PM

On this page