Versions Compared

Version Old Version 11 New Version 12
Changes made by

Alex Xie

Alex Xie

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

API endpoints

The base URL of the APIs is: /onelistserver/api/datasync e.g. https://iqx.onelistapprovals.com/onelistserver/api/datasync/synctasks. These APIs can be viewed and tested using Swagger which is accessible via /onelistserver/swagger. The full API signatures can also be found here.

Authentication

The source system must use the API key that is assigned to it by OneList to interact with the data sync APIs. The API key should be specified in the X-API-Key header in every HTTP request. Below is an example of a HTTP POST request:

POST https://iqx.onelistapprovals.com/onelistserver/api/datasync/SyncTasks HTTP/1.1
X-API-Key: TQUIteYnrxqHkBvh2{
Content-Type: application/json

{"activeTasks":[….]}

The key terms used in the APIs

Term

Description

TaskType

This constant value must match the Task Adapter Task Type in OneList configured to handle the request.

TaskId

This is the source system unique identifier of the task. The value must be consistent in the whole lifecycle of the task.

BusinessObjId

This is source system identifier of the business object associated with the task. For example,

  • The PO number for the purchase order approval task;

  • The SharePoint item id for the document approval task;

  • It can be the same as the Task Id if there is no separate entity for the task.

ActionId

This is the source system workflow action identifier.

Assignee

The user id of the source system user who is assigned to the task as the approver / agent.

Delegator

The user id of the source system user who is delegating the task.

Delegate

The user id of the source system user who is the task delegate.

HashValue

The string value can be used to compare if the task has been changed. The following can be used as the hash value for a task:

  • Last update timestamp;

  • Version number of the business object, e.g. document version;

  • Calculated based on the value of critical fields or the entire task, e.g. MD5 hash.

The key APIs for integration

Note: only the key parameters of each API are listed here, please view the full API signature via /onelistserver/swagger.

Function

Description

/onelistserver/api/datasync/SyncTasks

This API synchronizes OneList tasks with source workflow tasks.

  • The ActiveTasks array contains new or updated task detail. OneList reads this array to add or update the tasks to its task cache;

    • The supported task actions must be defined in the EnabledActions field;

    • The TaskDetail field is madatory and it must be assigned the full detail of the task (JSON). It can contain hierarchical data structures and there is no limit to the number of levels of hirerarchy.This is the source data for the OneList task engine to layout the task for presentation.

    • The meta data of the task attachments should be included in the Attachments field. The attachment files are posted to OneList separately using the /onelistserver/api/datasync/SyncAttachments API.

    • If the HasValue field is not set then OneList uses the TaskDetail field to calculate the hash.

  • The DeletedTaskId array contains the id of the tasks that are completed by the source workflow. OneList removes these tasks from its task cache;

/onelistserver/api/datasync/GetUserSyncRequests

This API returns the list of source system user users who has have outstanding task but is are not yet mapped to an OneList user. The source system should call the SyncUsers API to map these users before they can view their tasks in OneList.

/onelistserver/api/datasync/GetActiveUsers

This API returns the profile of active OneList users. It can be used to compare with source system user information to detect user changes in the source systemoutdated OneList user profile.

  • The UserName field is the source system user id;

  • The OneListUserId field is the OneList user id;

  • The other fields are the current OneList user profile information.

/onelistserver/api/datasync/SyncUsers

This API adds or updates OneList user account with the source system user information. It also creates the user mapping between the OneList user account and the source system user account.

  • The UserName field is the source system user id;

  • The OneListUserId field is optional, if not specified then the UserName is used as the OneList user id;

  • The other fields are used to populate the OneList user profile.

/onelistserver/api/datasync/SyncAttachments

This API synchronizes OneList task attachment cache with source system files.

  • The Attachments array contains the current version of the files for the task;

  • The DeletedAttachments array contains the source sytem document id that is removed from the source system document repository.

/onelistserver/api/datasync/GetActionRequests

This API returns the list of user task actions. The source system should perform the requested task action in the workflow.

  • The UserId is the source system user id who performed the action in OneList;

  • The Task field is the full detail of the task to be actioned;

  • The TaskAction field contains the detail of the task action including user input such as approval comment;

  • The LineActions array is only populated for task supporting line-level action;

  • The Token field may contain the refresh token for source system to impersonate the user.

/onelistserver/api/datasync/PostTaskActionOutcome

/onelistserver/api/datasync/PostLineLevalTaskActionOutcome

Source system calls this API to notifiy OneList of the requested task action.

  • The OneListRequestId is the identifier of the action request;

  • The Messages array is optional for posting any status or error messages to OneList.

What needs to integrate with OneList

An adapter will generally implement these integration processes:

Child pages (Children Display)

Adapter design considerations

You should consider these questions before implementing the OneList adapter as the answer could affect the design of the adapter and the process it needs to implement.

Where is the adapter hosted?

The adapter can be hosted by the source system if it is capable, such as SAP, otherwise the adapter should be hosted by an integration platform (iPaaS), such as Azure Integration Services. Source system hosted adapter can access the system’s internal processes and data. External hosted adapter can only access the public APIs and a sub-set of data exposed by the source system.

What are the security and permission requirements of the source system?

The adapter is a daemon service. It needs permission to query all user’s tasks, as well as the business objects and attachment files related to the tasks. You need to decide whether it should use the running serivce account or an explicit account to access source system data and make sure that account has sufficient permission to query the soource data.

The adapter may need to impersonate the approver to perform task action in the source system. Impersonation requires permissions such as to run SAP background job as the approver, or to request access token using the approver’s refresh token.

What is the main source for user information in the organization? Is user mapping required?

The adapter needs to implement the user sync process if the source system is the main source for OneList users.

If the source system user id and OneList user id are different, the adapter can implement the user mapping process when it can automatically map source user id to the OneList user id.

What level of detail in the task is required?

It is better to involve end user early to identify the level of detail required for approvers to make decisions and make sure the adapter has sufficient access to the source data internally and externally as needed.

What is the selection critera for the initial load?

When integrating with an existing workflow, it is important to identify the selection criteria for the initial load to avoid outdated and invalid tasks being posted to OneList. Fields like task id, creation date and status are commonly used as the selection criteria. The adapter should efficiently perform the initial push of tasks to OneList. Consider HTTP connection and request size limits imposed on the OneList APIs, paging of data may be required to handle large volumn of data.

Event-based integration process

Event-based process is preferred as it is timely and efficient. However, the adapter should also consider implementing time-base trigger for the process so that it can catch up any missing events due to downtime and lost of connectivity to the event source.