Control Room APIs

The Automation Anywhere Control Room provides APIs that enable you to customize how you (and your automations) interact with Automation Anywhere.

Important:
  • From Automation 360 v.34, the following WLM API endpoints are deprecated and are planned to be discontinued (EoL) along with the v.38 release :
    • POST /v3/wlm/workitemmodel
    • GET /v3/wlm/workitemmodels/{id}
    • GET /v3/wlm/queues/{id}
    • POST /v3/wlm/queues/{id}/consumers
    • POST /v3/wlm/queues/{id}/participants
    • PUT /v3/wlm/queues/{id}/members/{userId}
    • POST /v3/wlm/queues/{id}/file
    • PUT /v3/wlm/queues/{id}/workitems/{workItemId}
    Replace the above API endpoints with the following API endpoints:
    • POST /v4/wlm/workitemmodel
    • GET /v4/wlm/workitemmodels/{id}
    • GET /v4/wlm/queues/{id}
    • POST /v4/wlm/queues/{id}/consumers
    • POST /v4/wlm/queues/{id}/participants
    • PUT /v4/wlm/queues/{id}/members/{userId}
    • POST /v4/wlm/queues/{id}/file
    • PUT /v4/wlm/queues/{id}/workitems/{workItemId}
  • From Automation 360 v.34, the Bot Scheduler API endpoints: /v1/schedule/automations are deprecated and are replaced with /v2/schedule/automations. The v1 version is planned to be discontinued (EoL) along with the v.38 release

You can view and navigate to all the Control Room API modules and the associated endpoints in the following API reference sections.

The different API versions below represent different iterations of APIs over time. As an API evolves, new features or improvements are introduced. To manage these changes and maintain compatibility with existing applications, developers use versioning.

v1 Endpoints

Modules Description
Authentication API Use the v1 Authentication APIs to verify the authenticity and integrity of JSON Web Tokens (JWTs), as well as to terminate active user sessions.
Audit API Use the Audit APIs to retrieve audit log data from your Control Room.
Device API Use the Device APIs to identify all available users with unattended Bot Runner licenses, or filter for users by name.
Automations API Deprecated Use the v1 Bot Scheduler APIs (Automation APIs) to create, update, delete, and return details on scheduled automations.
Trigger API Use the Trigger APIs to map triggers to users or roles for an attended Bot Runner user. You can also create and delete event triggers.
API Task Execution API Use the API-Task Execution APIs to generate an API Task execution URL along with a token to start an API-Task execution through an API endpoint.

v2 Endpoints

Modules Description
Authentication API Use the v2 Authentication APIs to generate and refresh JSON Web Tokens (JWT) that are required for authorization in all Enterprise Control Room APIs.
User Management API Use the User Management APIs to view and delete roles and users in your Control Room.
Credential Vault API Use the Credential Vault APIs to create, retrieve, update, and delete credentials, Credential attribute values, Lockers, and Keys.
Bot Execution Orchestrator API Use the v2 Bot Execution Orchestrator API to monitor devices.
Repository Management API Use the Repository Management APIs to perform specific tasks on objects (bots, folders, and files) that you have permission to access in the Control Room.
BotInsight API Use the Bot Insight APIs to access real-time business insights and digital workforce performance data to use content-level productivity data from the automations that are deployed.
BLM API Use the Bot Lifecycle Management (BLM) APIs to export and import bots with dependent files and command packages for comprehensive automation lifecycle management.
Device Pool API Use the Device Pool APIs to create, list, update, and delete device pools.
License API Use the License APIs to retrieve Control Room license details and manually sync the Control Room with the license server after license reallocation or renewal.
Process Composer API Use the Processor Composer APIs to create a new request from processes, retrieve initial form, and request by reference ID.
Automations API Use the v2 Bot Scheduler APIs (Automation APIs) to create, update, delete, and return details on scheduled automations.

v3 Endpoints

Modules Description
Bot deploy API Use the v3 Bot Deploy API to deploy bots from the public workspace to Bot Runner devices.
Workload Management API Use the v3 Workload Management (WLM) APIs to programmatically manage and create work item models, queues, work items, and automations in your Control Room.
Migration API (Bot migration) Use the v3 migration APIs to migrate TaskBots and MetaBots that were created in Enterprise client versions Enterprise 11 and Enterprise 10 to Automation 360.
Bot Execution Orchestrator API Use the v3 Bot Execution Orchestrator APIs to monitor automation activity progress.

v4 Endpoints

Modules Description
Bot deploy API (V4) Use the v4 Bot Deploy API to deploy bots from the public workspace to Bot Runner devices.
Workload Management API Use the v4 Workload Management (WLM) APIs to programmatically manage and create work item models, queues, work items, and automations in your Control Room.
Migration API (Bot migration) Use the v4 migration APIs to migrate TaskBots and MetaBots that were created in Enterprise client versions Enterprise 11 and Enterprise 10 to Automation 360.
Note: To avoid errors and ensure smooth processing of your requests, remember that all JSON parameter names are case-sensitive. For more information, refer to the relevant sections of the API reference documentation for clear guidelines and examples to help you construct your queries and request bodies with the correct casing.

Getting started with Control Room APIs

All requests must include an X-Authorization header with the JSON authentication token, or an Authorization header with a Bearer token for requests to the Control Room. The following sections provide details about the Control Room APIs available endpoints, methods, resources, authentication protocols, parameters, and headers, as well as examples of common requests and responses.

Note: The Bearer token is supported as of the Automation 360 v.27 release and later. It is unsupported and ignored in any previous releases. You must obtain the Bearer token from our OAuth services. To authorize your access, use either X-Authorization (using Authentication API) or Authorization (using OAuth). You cannot use both in the same API.
You can use Control Room Swagger documentation to view and run the APIs. Access the Control Room Swagger documentation by using the link https://{control-room}/swagger/ and replace {control-room} with your Control Room instance. The following sections provide useful information about how to write a Control RoomAPI request:

API deprecation policy

API deprecation indicates that an API is no longer recommended for use but is functional. Developers are encouraged to migrate to newer, supported versions of the API. The API will be available till the End of Life (EoL) date and the release version to enable a smooth transition.

API EoL (End of Life) indicates the date and the release version when the API will cease to function, and will no longer be available for use. Developers should have completed their migration to the newer, supported versions of the API before this date.

The following scenarios require deprecating APIs:

  • Security vulnerabilities: Older API versions contain known security vulnerabilities that have been fixed in newer versions.
  • Technical debt: Older API versions can be built on outdated technologies, approaches or frameworks that are no longer supported, making maintenance or enhancements difficult.
  • Performance: Older API versions are not optimized for modern use cases or increases in scale, leading to poor performance and slower response times.
  • User experience: Deprecated API versions contain confusing or redundant endpoints that can make it difficult for users to navigate.

From the deprecation announcement, an API is available for at least one year (four releases) to provide you with sufficient time to move to the newer version.

Note: There might be rare cases where an API needs to be immediately removed due to a critical issue such as a critical security vulnerability. In such cases, we will make every effort to communicate this change to you as soon as possible.