You are not looking at the latest version of the documentation. Check it out there.

OAUTH Clients

For obtaining a token and accessing the REST API a Client has to be created in the Flows for Apex application first.

  1. Go to the REST-Configuration page (subpage of the configuration section)
  2. When all requirements are fullfilled (schema rest enabled and module installed) open the creation dialog by using the “Create” button in the OAUTH Clients region. If you have not installed the REST API yet please follow the installation guide
  3. Fill required fields
  4. Set desired roles for the client. Detailed explanation in section Roles and Privileges
  5. Confirm
  6. Reopen the created client to obtain the Client-ID and Client-Secret

Roles and Privileges

Role HTTP-method additional info
Flows for Apex - Read GET excluding: “processes/:prcs_id/message_subscriptions”
Flows for Apex - Write PUT excluding: “messages/:message_name”
Flows for Apex - Messages PUT (messages/:message_name) designated for messaging updates from external systems
Flows for Apex - Admin DELETE  
  GET (utils/*)  

Roles must be assigned separately for specific endpoint-access. E.g.: if a client should be able to access GET and PUT-enpoints, both roles (“Read” and “Write”) has to be assigned.

If the necessary role is not assigned when calling an REST endpoint:

  • GET: Service returns an empty dataset
  • PUT/POST/DELETE: Service will return an JSON object: { “success”: false, “message”: “Necessary privilege not granted” }

Authentication / Bearer-Token

For retrieving a Bearer-Token the ORDS service “/oauth/token” can be used.

Example: if the module endpoint is “” the authentication endpoint is: “”

Authentication can be done using Basic Authentication providing Client-ID and Client-Secret.

In the form-body the grant_type “client_credentials” must be provided. A JSON Response including the Bearer Token will be returned from the service.

API Endpoints

OpenAPI 3.0.0

We provide an OpenAPI document, including all endpoints. It can be downloaded from our Github-Release-Page (Filename “Flows_for_APEX_openapi_3_0_0.yml”):

The documentation can be opened for example with Swagger-UI or Swagger-Editor.

Postman Collection

We provide a postman collection for testing purposes. It can be downloaded from our Github-Release-Page (Filename “”):

The downloaded zip-file contains an environment and a collection.

After importing the environment the environment variables for host, client_id and client_pw has to be set.