Corezoid API
- 23 Oct 2024
- 3 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Corezoid API
- Updated on 23 Oct 2024
- 3 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Expand your capabilities of working with Corezoid Actor Engine by using:
- Corezoid's asynchronous API (Corezoid API reference) enables the automation of creating and modifying tasks, processes, and operations on objects like creating, uploading, and restoring folders, State Diagrams, and Dashboards.
- Corezoid synchronous API (Sync API) enables the retrieval of task-invoked process outputs.
These features provide you with the flexibility to dynamically manage your Corezoid environment. Moreover, you can work with "real-time" processes that can be adjusted based on incoming data and predefined business logic.
Use our collection of Corezoid API queries for Postman as an example.API protocol – use prerequisites
Before using the Corezoid API:
Create API key
To create an API key and get an API login (authorization login) and a secret key, follow the path and see the video below:
Users & Groups -> Create -> API key -> enter name -> OK
Create pre-request script
To create a pre-request script to be able to generate signatures for the API requests you send (via Postman, for example):
- Copy the {API_LOGIN} authorization login, and {SECRET} secret key (by clicking the icon to the right in your API keys list), and use the following URL:
Where:https://api.corezoid.com/api/2/json/{API_LOGIN}/{TIMESTAMP}/{SIGNATURE}{API_LOGIN}: Is an authorization login of your
API key;{TIMESTAMP}: Is request time, a Unix timestamp (epoch time) by Greenwich (GMT+0) that requires an integer parameter.
{SIGNATURE}: Is a concatenated string generated from the following parts:
hex( sha1({TIMESTAMP} + {SECRET} + {CONTENT} + {SECRET}) )
where:{TIMESTAMP}: Is a request time, a Unix timestamp (epoch time) by Greenwich (GMT+0); requires an integer input.hex(): Converts binary data to hexadecimal form.sha1(): Is a standard hash-function SHA-1 that must return binary data.+: Is text string concatenation.{SECRET}: Is the secret key for yourAPI key.{CONTENT}: Is a request body.
Signature verification in Corezoid
The request signature algorithms available for signature verification in Corezoid are sha1, sha224, sha256, sha384, and sha512.
Use the following script for signing your requests:
var time = Math.floor(Date.now() / 1000); var secret = pm.environment.get("SECRET"); var content = request.data; var signature = CryptoJS.enc.Hex.stringify(CryptoJS.SHA1(time + secret + content + secret)); pm.environment.set("TIMESTAMP", time); pm.environment.set("SIGNATURE", signature);Note: The entire API request is an http-body described as the
{CONTENT}in the{SIGNATURE}formula. All text is expected to be encoded as UTF-8.Send an API request with the following HTTP header:
Content-type: application/json; charset=utf8
API operations on objects of a company different from the one which user you are currently using are forbidden. Sending an API request to perform an operation on an object in another company will result in the following error: Company of object does not match companyId of request.
Example of sha256 algorithm use for signature verification
To specify the signature algorithm, use the conv-signature-algorithm header. Example for sha256:
--header 'conv-signature-algorithm: sha256'
Request example
curl --location 'https://www.corezoid.com/api/2/json/130140/{{TIMESTAMP}}/{{SIGNATURE}}' \
--header 'conv-signature-algorithm: sha256' \
--data '{
"ops": [
{
"title": "New object 2",
"description": "test description",
"type": "modify",
"obj": "conv",
"obj_id": 1111111,
"company_id": "i111111111"
}
]
}'
| Parameter | Description |
|---|---|
| obj_id | Object ID |
| company_id | ID of the company containing the object |
Postman configuration example
- Create an environment with
TIMESTAMP,SIGNATURE, andSECRET_KEY(replace theSECRET_KEYwith your secret key) variables. - Configure the request:
URL: https://www.corezoid.com/api/2/json/130140/{{TIMESTAMP}}/{{SIGNATURE}}
Method: POST
Header: conv-signature-algorithm: sha256
Request Body: versatile, with environment variables configuration
Postman pre-request script example
var time = Math.floor(Date.now() / 1000);
var secret = ("*********************");
var body = request.data;
var signature = CryptoJS.enc.Hex.stringify(
CryptoJS.SHA256(time + secret + body + secret)
);
pm.environment.set("TIMESTAMP", time);
pm.environment.set("SIGNATURE", signature);
Example of node creation request and response
The request body contains a list of operations (ops):
{
"ops": [
{
"id": 1,
"type": "create",
"obj": "conv"
},
{
"type": "modify",
"obj": "node",
"obj_id": "n1234"
}
]
}
The id parameter ("string" format) is optional and is used for identifying operations in the ops array. If not specified, the parameter is returned with an empty value ("id": "") in the response.
Response
{
"request_proc": "ok",
"ops": [
{
"id": 1,
"obj": "conv",
"obj_id": "1234",
"proc": "ok"
},
{
"id": "",
"obj": "node",
"obj_id": "n1234",
"proc": "obj_id_not_found"
}
]
}
| Parameter | Value | Description |
|---|---|---|
| request_proc | ok – successful request, error – other cases. | Global status of whole package processing. |
| ops | [] | List of operations. |
| ops[n].proc | ok – successful request, error – other cases. | Status for a separate operation. |
Examples of task adding and modification requests
When using the Corezoid API:
- The most common operations involve creating and modifying tasks. For more information, go to Examples of tasks creation and modification.
- To create or modify a task, use our collection of Corezoid API queries for Postman.
- To create a task using the synchronous API, go to Sync API.
Was this article helpful?