IFS Workflow User Guide - IFS API Token Update

Back to Release Notes for IFS Workflow 1.1      Release Notes

Introduction

IFS Workflow has a workflow designed to automatically generate a token on a daily basis to automatically conform to the Auth0 Security Model.

System Configuration

No system configuration is needed for any IFS Application, however, it is expected that the user will have the proper Client ID and Client Secret generated from IFS.

PM Table Configuration

Delivered with this workflow is a table called EXTERNAL_API. This table needs to be configured to allow the API Web Service Calls to successfully execute against any IFS Application. For each application, an Auth0 token needs to be generated for proper security into the application API; this workflow is to generate this Authentication Token.

To access this table:

1. The user must have Admin level designation.

2. Navigate to ADMIN > PM Tables > External API Table, and click the Data button.

Within this table is an Authentication Audience, Authentication Endpoint URL, Client Identifier, and Client Secret column. These are the four columns that need to be configured. The set up should look similar to the screen below.

Note: This will be required for each IFS Application that needs to be configured, except IFS Reporting, which has its own credentials workflow.

Open

Configure Crontab

To enable the workflow to execute automatically, Crontab needs to be configured to allow cases to be automatically created. This is needed for all workflows that use a timer feature within IFS Workflow.

To begin, login to the server that houses IFS Workflow, and navigate to the following:

vi /etc/crontab

This will open the Crontab file, which will allow the configuration of the timer event. Options can be listed here to be configured:

http://wiki.processmaker.com/3.2/Executing_cron.php#Configuring_crontab_in_Linux.2FUNIX

Here is an example of a configured crontab given default values during installation:

*/5 * * * * root php -f /opt/processmaker/workflow/engine/bin/cron.php

*/10 * * * * root php -f /opt/processmaker/workflow/engine/bin/messageeventcron.php

*/15 * * * * root php -f /opt/processmaker/workflow/engine/bin/timereventcron.php

Configure the Timed Entry Event

After Crontab has been configured, the other piece to configure is the Timed Entry. To do this, right-click the Timed Entry and select Properties.

Open

This will bring up the Event Properties. It is here where the user can determine the time to run the workflow automatically.

Open

Run the IFS API Token Update Workflow

The following is the overall workflow that needs to be run.

Note: This has a manual start as well as an automated timed event.

Open

This simple workflow is required to be run in order for the Auth0 token to be generated in the External API PM table.

To execute:

1. Configure the proper user in the Automated Services user group.

2. Login as that configured user, and start the case for ‘IFS API Token Update’.

3. There are no associated dynaforms, so simply select Next on the pop-up screen, and it will execute the trigger to generate the token.

Once the workflow has been run, the table column of Current Authentication Token will be filled out with an Auth0 token. This will be a successful run of the workflow.

You can also have this workflow execute automatically (at a recommendation of once per day), to generate this token to limit the manual steps required.

Delivered Items

Full Map of the Workflow

Open

User Groups

Automated Services: This group is designed for tasks that need to be automated. This is used generally to start cases from other IFS Applications.

System Administrator: This group is dedicated to workflows that are designed to administrate over other workflows regarding security, credentials, and overall administration. 

Tasks

Manual Start for Authenticate Against Auth0: This task is empty, and acts as the manual start to the case rather than an automatic time event.