Control Room APIs

The Automation Anywhere Control Room provides APIs that enable you to customize how you (and your automations) interact with Automation Anywhere.

Important:
  • From Automation 360 v.34, the following WLM API endpoints are deprecated and are planned to be discontinued (EoL) along with the v.41 release :
    • POST /v3/wlm/workitemmodel
    • GET /v3/wlm/workitemmodels/{id}
    • GET /v3/wlm/queues/{id}
    • POST /v3/wlm/queues/{id}/consumers
    • POST /v3/wlm/queues/{id}/participants
    • PUT /v3/wlm/queues/{id}/members/{userId}
    • POST /v3/wlm/queues/{id}/file
    • PUT /v3/wlm/queues/{id}/workitems/{workItemId}
    Replace the above API endpoints with the following API endpoints:
    • POST /v4/wlm/workitemmodel
    • GET /v4/wlm/workitemmodels/{id}
    • GET /v4/wlm/queues/{id}
    • POST /v4/wlm/queues/{id}/consumers
    • POST /v4/wlm/queues/{id}/participants
    • PUT /v4/wlm/queues/{id}/members/{userId}
    • POST /v4/wlm/queues/{id}/file
    • PUT /v4/wlm/queues/{id}/workitems/{workItemId}
  • From Automation 360 v.34, the Bot Scheduler API endpoints: /v1/schedule/automations are deprecated and are replaced with /v2/schedule/automations. The v1 version is planned to be discontinued (EoL) in January 2028.

You can view and navigate to all the Control Room API modules and the associated endpoints in the following API reference sections.

The different API versions below represent different iterations of APIs over time. As an API evolves, new features or improvements are introduced. To manage these changes and maintain compatibility with existing applications, developers use versioning.

v1 Endpoints

Modules Description
Authentication API Use the v1 Authentication APIs to verify the authenticity and integrity of JSON Web Tokens (JWTs), as well as to terminate active user sessions.
Audit API Use the Audit APIs to retrieve audit log data from your Control Room.
Device API Use the Device APIs to identify all available users with unattended Bot Runner licenses, or filter for users by name.
Automations API Deprecated Use the v1 Bot Scheduler APIs (Automation APIs) to create, update, delete, and return details on scheduled automations.
Trigger API Use the Trigger APIs to map triggers to users or roles for an attended Bot Runner user. You can also create and delete event triggers.
API Task Execution API Use the API-Task Execution APIs to generate an API Task execution URL along with a token to start an API-Task execution through an API endpoint.
Policy Management API Use the Policy Management APIs to manage code analysis, policies, and rules within Control Room.
AI Agent Studio API Use the AI Agent Studio APIs to define and connect to custom Model connections models. You can also retrieve and delete the custom Model connections.
ACC Automations API Use the Automation Command Center Automations API endpoints to get KPI, ranking, run history, duration, and failure analytics for automations along with detailed execution search.

v2 Endpoints

Modules Description
Authentication API Use the v2 Authentication APIs to generate and refresh JSON Web Tokens (JWT) that are required for authorization in all Enterprise Control Room APIs.
User Management API Use the User Management APIs to view and delete roles and users in your Control Room.
Credential Vault API Use the Credential Vault APIs to create, retrieve, update, and delete credentials, Credential attribute values, Lockers, and Keys.
Bot Execution Orchestrator API Use the v2 Bot Execution Orchestrator API to monitor devices.
Repository Management API Use the Repository Management APIs to perform specific tasks on objects (bots, folders, and files) that you have permission to access in the Control Room.
BotInsight API Use the Bot Insight APIs to access real-time business insights and digital workforce performance data to use content-level productivity data from the automations that are deployed.
BLM API Use the Bot Lifecycle Management (BLM) APIs to export and import bots with dependent files and command packages for comprehensive automation lifecycle management.
Device Pool API Use the Device Pool APIs to create, list, update, and delete device pools.
License API Use the License APIs to retrieve Control Room license details and manually sync the Control Room with the license server after license reallocation or renewal.
Process Composer API Use the Processor Composer APIs to create a new request from processes, retrieve initial form, and request by reference ID.
Automations API Use the v2 Bot Scheduler APIs (Automation APIs) to create, update, delete, and return details on scheduled automations.
Policy Management API Use the v2 Policy Management APIs to manage code analysis, policies, and rules within Control Room.
Team Management API Use the Team Management APIs to create and manage teams, team members, team roles, team configurations, team member assignments and visibility settings in Automation Co-Pilot.

v3 Endpoints

Modules Description
Bot deploy API Use the v3 Bot Deploy API to deploy bots from the public workspace to Bot Runner devices.
Workload Management API Use the v3 Workload Management (WLM) APIs to programmatically manage and create work item models, queues, work items, and automations in your Control Room.
Migration API (Bot migration) Use the v3 migration APIs to migrate TaskBots and MetaBots that were created in Enterprise client versions Enterprise 11 and Enterprise 10 to Automation 360.
Bot Execution Orchestrator API Use the v3 Bot Execution Orchestrator APIs to monitor automation activity progress.

v4 Endpoints

Modules Description
Bot deploy API (V4) Use the v4 Bot Deploy API to deploy bots from the public workspace to Bot Runner devices.
Workload Management API Use the v4 Workload Management (WLM) APIs to programmatically manage and create work item models, queues, work items, and automations in your Control Room.
Migration API (Bot migration) Use the v4 migration APIs to migrate TaskBots and MetaBots that were created in Enterprise client versions Enterprise 11 and Enterprise 10 to Automation 360.
Note: To avoid errors and ensure smooth processing of your requests, remember that all JSON parameter names are case-sensitive. For more information, refer to the relevant sections of the API reference documentation for clear guidelines and examples to help you construct your queries and request bodies with the correct casing.

Getting started with Control Room APIs

All requests must include an X-Authorization header with the JSON authentication token, or an Authorization header with a Bearer token for requests to the Control Room. The following sections provide details about the Control Room APIs available endpoints, methods, resources, authentication protocols, parameters, and headers, as well as examples of common requests and responses.

Note: The Bearer token is supported as of the Automation 360 v.27 release and later. It is unsupported and ignored in any previous releases. You must obtain the Bearer token from our OAuth services. To authorize your access, use either X-Authorization (using Authentication API) or Authorization (using OAuth). You cannot use both in the same API.
You can use Control Room Swagger documentation to view and run the APIs. Access the Control Room Swagger documentation by using the link https://{control-room}/swagger/ and replace {control-room} with your Control Room instance. The following sections provide useful information about how to write a Control RoomAPI request:

API deprecation policy

La dépréciation de l\'API indique qu\'une API n\'est plus recommandée pour une utilisation mais est fonctionnelle. Les développeurs sont encouragés à migrer vers des versions plus récentes et prises en charge de l\'API. L\'API sera disponible jusqu\'à la date de fin de vie (EoL) et la version de sortie pour permettre une transition en douceur.

API EoL (Fin de Vie) indique la date et la version de publication à laquelle l\'API cessera de fonctionner et ne sera plus disponible à l\'utilisation. Les développeurs devraient avoir terminé leur migration vers les versions plus récentes et prises en charge de l\'API avant cette date.

Les scénarios suivants peuvent nécessiter la dépréciation des API:

  • Vulnérabilités de sécurité: Les anciennes versions de l\'API contiennent des vulnérabilités de sécurité connues qui ont été corrigées dans les versions plus récentes.
  • Dette technique: Les anciennes versions d\'API peuvent être construites sur des technologies, des approches ou des frameworks obsolètes qui ne sont plus pris en charge, rendant la maintenance ou les améliorations difficiles.
  • Performance : Les anciennes versions de l\'API ne sont pas optimisées pour les cas d\'utilisation modernes ou les augmentations d\'échelle, ce qui entraîne de mauvaises performances et des temps de réponse plus lents.
  • Expérience utilisateur : Les versions d\'API obsolètes contiennent des points de terminaison confus ou redondants qui peuvent rendre la navigation difficile pour les utilisateurs.

Les API seront prises en charge pendant une période minimale de 2 ans. Après 2 ans, une dépréciation de l\'API peut être annoncée, l\'API étant disponible pendant au moins un an de plus (quatre versions) pour vous donner suffisamment de temps pour passer à la version plus récente.

Note: La politique ci-dessus ne s\'appliquera pas à l\'obsolescence due aux vulnérabilités de sécurité sur les API publiques. Dans de tels cas, une action immédiate est requise pour atténuer les risques et nous ferons tout notre possible pour vous communiquer ce changement dès que possible.