API Basics | MPO | Mambu Ecosystem

The Mambu Process Orchestrator (MPO) Remote Procedure Call API allows you to create and modify tasks, edit process logic, and manage users programmatically. We recommend using API v2 of the MPO API in most instances. The MPO API is a Remote Procedure Call (RPC) API that accepts JSON. Unless otherwise indicated, all requests use the HTTP POST operation, and the desired operation is specified in the request body in JSON. The API requires API keys, and each key has a name, a numeric API login and an API Secret. Most calls to the MPO API use the following endpoint: BASE_URL/api/API_VERSION/json/API_LOGIN/GMT_UNIXTIME/SIGNATURE All API calls require the following headers: This URL is provided to you in the signup email. If your instance is in a shared environment, the URL may look like this: https://ireland2.mpo.mambu.com/. If you have a dedicated environment, the url may look like this: https://TENANT_NAME.mpo.mambu.com/. Specify the MPO API version. Use 2 for API v2 and 1 for API v1. We recommend using API v2 of the MPO API in most instances. Specify the API user who is accessing the API. You can find your API Login by going to Users & Groups > API keys in the MPO UI. Find your API user and copy the number in the second column, under Login. Unix timestamp in seconds, such as 1631171468. This value must be generated at the time the request is issued. We recommend generating this value using a standard library, such as the JavaScript Moment library. Signatures are used to authenticate requests. They are a hexadecimal representation of the SHA hash of the Unix timestamp, your API secret, and the request body concatenated with a + symbol. Hex ( SHA_HASH (gmtUnixTime + API Secret + Request Body + API Secret) ) The following algorithms can be used to encrypt your requests: For information on where to find your API secret, see API Secret in the Authentication section. e27118f58c22f410b360d8122a6f3df42d5a5e42 653237313138663538633232663431306233363064383132326136663364663432643561356534320a We recommend using a pre-request script to create your signature programmatically. You can create a signature using a pre-request function or script. Below is a sample JavaScript script that may be used as a pre-request script in Postman. This script requires Postman to be configured with the environment variables apiSecret, unixTime, signature, apiSecret and processID. Depending on the request, the actual contents of your request body may differ greatly, but this example request for an API key shows the general structure: API keys allow you to authenticate API requests. An API secret is auto-generated when you create an API key, and may then be used to secure your requests. In most cases, you must also create a signature. MPO does not support key rotation or expiration. For instructions on how to revoke API keys, see Revoking API Keys in the UI. The API secret is provided when you create an API key. The API secret is a required part of a signature. You can find your API secret by going to Users & Groups > API keys in the MPO UI. Find your API user and select the copy icon in the third column. You can create API keys using the following URL template: With this request body: The secret value is returned in the key field. Next

Rp.10.000
Rp.100.000-90%
Kuantitas