How to run IBM BPM Rest api call from Post man cli

2019-09-13 01:04发布

问题:

I am trying to excute IBM BPM Rest api call from Post man client Ex: https://ustrial01.bpm.ibmcloud.com/bpm/dev/rest/bpm/wle/v1/user/current?includeInternalMemberships=true&parts=all

I set Basic Authentication values( Username, password) I am getting status code as 200, but response i am getting some HTML code.

Can any one help me on this.Any help is greatly arreciated.

回答1:

If you are getting a 200 status then why do you need the response? the status code should be good enough for you because 200 means the REST call worked fine.



回答2:

I'm not familiar with the product you're referring to, but it sounds like you need to specify the media type you want to get back in an Accept header of your request. I suggest you try specifying

Accept: application/json

or (being an IBM product I'm guessing XML might be preferred)

Accept: application/xml


回答3:

I tried to access BPM REST api call using Chrome's Postman & REST Console plugins. Based on my experience, sometimes I don't no why it looks like Postman will not take auth details.

But, below steps always worked for me: 1. login to BPM account in Chrome, 2. open REST Console plugin and can access REST api GET/PUT all the time.

Hope this helps. Thanks



回答4:

There are two parts to this answer, the 'long story short' part and the elaborate part.

Long Story Short: IBM BPM Cloud exposes a variety of REST APIs to interact with its BPM engine and let it be as a service or more commonly known as 'Headless BPM' or 'BPM-as-a-Service'.

  1. These REST API calls are secured by basic authentication i.e. by username/password

  2. For Cloud, the username and password used for the REST API is not the same as the User's credential, which the User will use for logging into IBM BPM Process Portal or website. For on-prem solution, it is the same.

  3. For Cloud, a 'functional' username password has to be requested for (Cloud Admin can create those) and that has to be used in the service call. For example, if you are username/password for logging into BPM Cloud is 'johndoe@gmail.com/Test123' then there will be functional credential created for this ID (say, 'somefunctionalusernamedjohn123/8jdklajl23').

  4. We can use this credential with every reqeust but what we should do is, use these credentials in the very 1st call to BPM server, in the response of which there will be a specific 'cookie'. We should save it and re-use that in our sub-sequent calls until it expires (you'll receive appropriate http status code if you disable 'follow redirect' in your http client config).

I had to raise a PMR to get this information. https://www.ibm.com/support/knowledgecenter/en/SSFPJS_8.6.0/com.ibm.wbpm.wle.editor.doc/topics/int_ext_services_start_process.html

Sample Java code to start a process:

OkHttpClient client = new OkHttpClient();
Request request = new Request.Builder()
.url("https://ustrial03.bpm.ibmcloud.com:443/bpm/dev/rest/bpm/wle/v1/process? 
processAppId=3u092jr02j-fghjkyk.u078992c166c1&bpdId=25.jk8989-539a-4150- 
b63e-ggui67868gjkgj7&action=start")
.put(null)
.addHeader("Content-Type", "application/x-www-form-urlencoded")
.addHeader("Accept", "application/json")
.addHeader("Connection", "keep-alive")
.addHeader("Authorization", "Basic YXJrYX242232jklkljljLmNvbTpkZWZjb240QA==")
.addHeader("Cache-Control", "no-cache")
.addHeader("Postman-Token", "f46c1525-899-9897-uoh89-bb2b21a57f16")
.build();

 Response response = client.newCall(request).execute();

Before finding this solution through PMR, I was desperately looking for a solution or a workaround. I noticed that my REST calls are getting redirected to an authentication page and I also noticed that, it is quite similar to what happens when you try logging into any IBM BPM Process Portal.

Once you login to IBM BPM Portal using Chrome, observe that it doesn't log you out. So I guessed the answer to be in the cookie and through trial and error, I picked up the cookie, which is PD-S-SESSIONID (named Something like that), and started using them in my service but obviously they expire in like 30-40 mins. So, I went ahead and used selenium and headless chrome to do the same thing as what I did manually. Anyway, this hack shouldn't be needed for On-Prem solution or with functional IDs for cloud.

Another very useful API wrapper which I have used in my project is: https://github.com/egetman/ibm-bpm-rest-client. I had to make some changes to make this work with the trial account and for some other reasons. And of course, we can't go far without the help of in-built REST API tester by IBM e.g. https://ustrial03.bpm.ibmcloud.com/bpm/dev/bpmrest-ui/BPMRestAPITester/index.jsp

Thanks!