PHP webservices integration with bonita engine


I have been trying to follow how to at
The how to seem to be in older version of bonita. I have bonita 6.2. I have been trying to expose rest api over http, but all efforts are going in vain.

Could someone at bonita guide me how to expose rest api for latest 6.2 version.

Any help will be appreciated



4 answers


i just try the code but didn't work , i don't know what it happens, only i would to login in BONITA API REST, using php curl library ,but my problem is , i don't know how verify your code, i need your help . thanks!



Please find bellow an example using PHP cURL :

$username = 'install';
$password = 'install';
$baseURL = '';

function preparePostFields($array) { //from
$params = array();
foreach ($array as $key => $value) {
$params[] = $key . '=' . urlencode($value);
return implode('&', $params);

$ch = curl_init();
$data = array('username' => $username, 'password' => $password, 'redirect' => 'false');
curl_setopt($ch, CURLOPT_URL, $baseURL.'/loginservice');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, preparePostFields($data));
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$content = curl_exec($ch);

//get list of users
curl_setopt($ch, CURLOPT_URL, $baseURL.'/API/identity/user?p=0&c=10&o=lastname%20ASC&f=enabled%3dtrue');
curl_setopt($ch, CURLOPT_POST, 0);
$content = curl_exec($ch);
echo $content;


I've tested it successfully on 6.2.1

You can find here more examples in Python

Hope it helps.



Submitted by claz08 on Tue, 07/14/2015 - 16:34

i tried this code and it doesn't work .how you tried this code?

Submitted by jeremy.jacquier-roux on Mon, 07/20/2015 - 17:28

Hello claz08,

Edit a file, for example "test.php" and add the content listed above. Install the following prerequisites on your system :

  1. sudo apt-get install php5-cli php5-curl

Launch the script like this :

  1. php test.php

Note that I've justed tested it with 7.0.1 and to avoid a 404 on GET /bonita//API/identity/user You should replace into the script :

  1. $baseURL = '';


  1. $baseURL = '';

With that change it works well.

Submitted by claz08 on Mon, 07/20/2015 - 19:18

hi Jeremy, thanks for your reply , i can login with post method but i don't know , how i can to try the other methods(GET,PUT,DELETE).Also i would like to know , how i start a process with php curl.

Thanks in advanced

Submitted by jeremy.jacquier-roux on Tue, 07/21/2015 - 10:10

Hi claz08,

In fact in this example there are POST and GET, through the usage of

  1. curl_setopt($ch, CURLOPT_POST, 1);


  1. curl_setopt($ch, CURLOPT_POST, 0);

because as you can see here, GET is the default :

  1. CURLOPT_HTTPGET TRUE to reset the HTTP request method to GET. Since GET is the default, this is only necessary if the request method has been changed.


  2. A custom request method to use instead of "GET" or "HEAD" when doing a HTTP request. This is useful for doing "DELETE" or other, more obscure HTTP requests. Valid values are things like "GET", "POST", "CONNECT" and so on; i.e. Do not enter a whole HTTP request line here. For instance, entering "GET /index.html HTTP/1.0\r\n\r\n" would be incorrect.
  4. Note:
  5. Don't do this without making sure the server supports the custom request method first.



To create a case you can take a look here You will have to perform a POST with the processDefinitionId.

Submitted by claz08 on Sat, 07/25/2015 - 21:51

hi jeremy!!, thanks for your response,but the last words you said not understood . do you know , how i start a proces through an button in my webpage, and how i obtain the information of the user that login in my system, because now i'm using the following sintax:

  1. curl_setopt($ch, CURLOPT_URL, $baseURL.'/API/identity/user/1

where "1" is the user with id=1 but i need, something like this:

  1. curl_setopt($ch, CURLOPT_URL, $baseURL.'/API/identity/user/."$username".

i hope that you help me .

Thanks in advanced.

Submitted by claz08 on Thu, 07/30/2015 - 17:26

hi Jeremy, can you reply me at the last question?


Submitted by jeremy.jacquier-roux on Thu, 07/30/2015 - 18:42

Hi claz08,

To start a process your button should perform a POST as explained in my previous message.

Or if you use Bonita BPM 7.0.0 and would like to start a process using an instantiation contract your POST should be done on "/API/bpm/process/processId/instantiation" like described into see "Start a process using an instantiation contract".

To obtain the information of the user that is logged in you should perform a GET towards "API/system/session/unusedid" You will receive a payload which contains user_id and user_name. See for more details.

Kind regards,


Submitted by claz08 on Thu, 07/30/2015 - 21:21

Thanks for your answer,now i have some problem , when i try to create an user , i have managed to create an user using API REST, but wheni trying to login in my system , using this user recently created , i not could, also i not could to see this user in Bonita Portal but when i go to reviewed in the "user_" table from bonita database , if really the user has been created , i can see yes, so how i solve this problem?

Thanks in advanced.

Submitted by jeremy.jacquier-roux on Mon, 08/03/2015 - 10:20

Hi claz08,

It's a good idea to have open a new thread for this new problem. I think that it improves the readability. So I have answered directly into

Kind regards,


Submitted by claz08 on Thu, 08/06/2015 - 18:18

Ok !


Hi Pablo

Thanks for the reply . I have tried with this url as well, Tried to post using PHP's Curl Method but no result

Can you provide any example php code. It would be a great help.



Submitted by Pablo Alonso de... on Thu, 02/06/2014 - 16:20



Submitted by drakezilla on Fri, 05/02/2014 - 03:05

Hi there, thats very useful thank... just one question:

its always necesary authenticate the user in order to use any other method from the API besides the login service?

Submitted by Pablo Alonso de... on Fri, 05/02/2014 - 10:09


Yes, it is always necesary due the need of the engine of know who is performing the action and obviously by security reasons...