Configure the REST execution command

Use the input variables you created to configure the command that Orchestration executes on the REST endpoint.

Before you begin

Create the input variables you need in the Inputs form before you can advance to the Execution Command stage.

Role required: activity_creator, admin

Note: You can test the REST connection between the MID Server and the endpoint without having to run the acvitity in a workflow context. For details, see Test REST activity template inputs.

Procedure

  1. Drag variables from the list of inputs and drop them into command fields.
    The system formats the variable in the proper syntax for the command.
    Figure 1. REST execution command
  2. Complete the fields shown in the table.
    Table 1. REST execution command fields
    Field Description
    Input Input variable builder. Create variables to map to available fields.
    REST message Name of an existing REST message to use in this activity. Users must have the web_service_admin role to configure this field.
    REST message function REST message function to use for this activity. Users must have the web_service_admin role to configure this field.
    Endpoint Endpoint URL for the REST web service this activity uses. Enter an endpoint in this field to override the endpoint configured in the REST message. Click the lock to open the input field.
    Variable substitutions Name-value pairs to pass to the REST endpoint. You can create these parameters manually, or drag and drop input variables into the parameter fields, and then assign a value. Parameters defined in the REST message that use ${} can be assigned data from this activity template. Use the Additional attribute column to configure the system to not escape the text. By default the text sent to the REST message is escaped. The Name column is automatically populated if the users have provided variables using variable substitution in the REST message.
    Additional Headers Additional HTTP header parameters for the REST message selected. You can also use these values to override parameters inherited from the REST message.
    Additional Query Parameters Additional query parameters for the REST message selected. You can also use these values to override parameters inherited from the REST message.
    Use MID Server Check box that determines if a MID Server should be used to invoke the REST web service.
    Note: If the REST web service message function defines a MID Server, that MID Server is used instead of the one selected here.
    Required MID Server capabilities MID Server with the appropriate capabilities for connecting to the REST endpoint. By default, the system selects a MID Server with REST capabilities. This field is available when the Use MID Server check box is selected.
    Timeout Allowed duration of the REST web service request before it times out, in seconds. The default is 10.
    Authentication Determines what type of authentication is required for the endpoint. The options are:
    • Use existing credentials in REST message: Uses credential definitions from the REST message definition.
    • Override with Basic Authentication credentials: Uses basic authentication credentials to override the credentials in the REST message definition. Basic authentication credentials must be provisioned before they are available for selection.
    • Override with Certificate Authentication credentials: Uses a certificate, such as a private key, to override the credentials in the REST message definition.
    • Override with Both Basic and Certificate Authentication credentials: Uses both basic authentication and certificate authentication to override the credentials in the REST message definition.
    • Override with OAuth Authentication credentials: Uses OAuth 2.0 credentials to override the credentials in the REST message definition. The REST message selected for this activity must have its Authentication type set to OAuth 2.0 and its OAuth profile configured appropriately.
    Credentials Required REST endpoint basic authentication credentials. This field is available when Override with Basic Authentication credentials is selected in the Authentication field. Only basic authentication credentials appear in the selection list, which includes credentials stored on the instance and credential IDs from an external storage system. If you are using credentials stored in a CyberArk safe, you can override the default safe defined in the MID Server configuration file by adding the name of a different safe as a prefix to the credential ID, separated by a colon. For example, newsafe:orch-test-f5.
    Protocol Profile Certificate authentication to use. This field is available when the selections in the Authentication field is either Override with Certificate Authentication credentials or Override with Both Basic and Certificate Authentication credentials.
    OAuth profile Profile for the OAuth provider for this REST message. See Specify an OAuth profile for more information.
  3. Click Save.
  4. Click Continue to advance to the Outputs stage.