Categories

In this document, you will learn four ways to trigger a workflow in CoreView.

 

There are four ways to automatically trigger a workflow:

 

1. Schedule Workflow via CSV


You can schedule a workflow to run on a recurring basis, with the input for that workflow being provided in CSV files hosted in an external data source. To do this, open a workflow, then select Action > Schedule in the top right hand corner


Provide a name for the schedule and select a workflow that you want to run on a recurring basis, then click Next



 

You can import the source file using:

  • URL
  • FTP
  • FTPS
  • SFTP


 

Then, you map the inputs in the specified .csv file to the names of the workflow execution inputs. Then, you can choose the scheduling options.

 

Note: You should ensure that all expected column names in the specified .csv source are matched exactly to the names of the workflow execution inputs. If some of the column names do not match, the workflow will run based on the input names that match CSV column names, but it could fail or not be executed correctly. 

 


If the workflow was run against multiple entries in the CSV file, then there will be several workflows performed (jobs here), and each will have its own id. Once all workflow(s) (jobs) are executed, the original CSV file will be substituted with a file that has the aggregation id appended to the original filename - this is generated using the date and time that the workflow was performed plus aggregation id for all jobs performed by the workflow. So, the aggregation id is generated to combine the results from the multiple jobs performed.

 

2. Custom Playbook - report based custom policy

Report based custom policies can be created from nearly all reports in the Reports section of the CoreView platform, and then be added to a custom playbook. They are used to search for defined criteria, such as disabled users that still have a licence assigned to them, and each custom policy can be configured with a remediation action. This remediation could be a notification or a workflow, and can be manually triggered or run automatically based on a schedule.

 

Create a custom policy


There are two ways to create a report based custom policy:


Within a report, select the criteria against which you wish to run an automated remediation e.g. from within the Active users report you may decide to filter on blocked credential is true, and where licenses is not empty. From the top right hand corner, select Actions > Create Custom Policy.




Alternatively, you can create a custom policy from within Settings > Playbooks and then select Create Policy from the Create New menu in the top right hand corner




Provide a name and description for your policy. You can choose an existing category for the policy or create a new one. You can also decide to add the custom policy to an existing playbook, or create a new one.




If you have created the policy from a report, the criteria for the policy will already be populated. In this case the report was filtering on shared mailboxes that have a licence assigned.



If you created the policy from the playbook settings menu you will need to define criteria. Firstly you will need to decide your target - this will then determine the attributes that will be available for your policy



Add columns and filters to the report as needed to create your policy.


Setup remediation for your policy


In the next stage, enable remediation and choose Run workflow from the drop down menu. Select the workflow that is appropriate for your workflow.

You can use the Preview button to verify that the selected workflow is the one you require. You will be asked to map the variables defined within the execution inputs of your workflow to their column in the report. If the names of the variables in your workflow match the column headers in your report, the Automap button can be used to automatically match them. Otherwise, use the lighting bolt on each input to define which column in the report should be used 


You may choose to run the remediation on a manual basis, or on recurring schedule. To set a schedule, select Schedule Recurrence from the drop down menu



Then set your recurrence



Exceptions


If you wish to exclude objects from having an automatic workflow remediation, you can do so by clicking on the Matched Items from the relevant policy


and then selecting the objects where you wish to apply an exception and select Set As Exception.



You will be able to define how long you wish to exclude the object from a particular policy e.g. for a user on maternity leave you could exclude them for a specific amount of time



3. Custom Playbook - event based custom policy

As well as being able to create custom policies from CoreView reports, it is also possible to create custom policies from CoreView audit reports. The main difference between remediations for report based custom policies and remediations for event based custom policies is that report based custom policy remediations can be run on a pre-defined schedule such as every 2 hours, and event based custom policy remediations occur as soon as the event is seen in the audit logs (alerting).


Create a custom policy


To create an event-based custom policy:


Within an audit report, select the criteria against which you wish to run an automated remediation e.g. from within the Microsoft 365 Audit Activities report you may decide to filter on events where an administrator has made a change to a DLP policy. From the top right hand corner, select Actions > Create Custom Policy.






Alternatively, you can create a custom policy from within Settings > Playbooks and then select Create Policy from the Create New menu in the top right hand corner




Provide a name and description for your policy. You can choose an existing category for the policy or create a new one. You can also decide to add the custom policy to an existing playbook, or create a new one.




From the drop down target menu, select Audit Activities.


Add columns and filters to the report as needed to create your policy.


Setup remediation for your policy


In the next stage, enable remediation and choose Run workflow from the drop down menu. Select the workflow that is appropriate for your workflow. Note the comment about this being an event based remediation, and as such it will run whenever an event is detected. You will not be able to define a schedule.




You can use the Preview button to verify that the selected workflow is the one you require. You will be asked to map the variables defined within the execution inputs of your workflow to their column in the report. If the names of the variables in your workflow match the column headers in your report, the Automap button can be used to automatically match them. Otherwise, use the lighting bolt on each input to define which column in the report should be used 


Exceptions


It is not possible to set exceptions on event based remediations. If you wish to exclude particular events or users, you should filter them out when creating your custom policy.


4. Open REST API

To get started, you will need your API key, CompanyId, and the Workflow public API URL to call the Workflow public API.  

 

4a. How to Obtain your API Key

  1. Once logged in your CoreView portal with administrative rights, select Settings > API keys
  2. Add new API key by clicking on the "Add new API key”. You will add an 'App Name' (in this example, we have called ours "Workflow"), an "Expiration date" (defaults to one year), and any comments that you want to put in the "Notes" field.
    Important: As soon as you created the API key, you need to copy it as that won’t be visible anymore: 


 


 

  1. Click the blue checkmark in the top right of the dialog box to save.


 

Graphical user interface, application

Description automatically generated 


 

4b. How to Obtain your Companyid and Environment

For your CompanyId and your environment, please contact the CoreView Support Team and refer to the following table for identifying the right URLs to use:

 


V2 API URLs
Authenticationhttps://www.loginportal.online/api/auth
Europehttps://coreflowapi.coreview.com 
Canadahttps://coreflowcaeapi.coreview.com
AUS
https://coreflowausapi.coreview.com
East UShttps://coreflowusapi.coreview.com
Gov UShttps://coreflowusgovapi.coreview.com

 

4c. Setting up Postman to test triggering workflows with the CoreView API

  1. Import the postman script into your Postman. 

 

Graphical user interface, text, application, email

Description automatically generated 

 

  1. Set up your environment variables as follows 


Table

Description automatically generated 

 

 

 

4d. Use your API Key to get a JWT token 

The API Key generated in the previous step does not allow you to run a Workflow directly.  This API Key allows you to call the CoreView Central Authentication API to get a JWT token, which you can use to trigger a Workflow.

 

Use the following URL based on your environment:

 

V2 API URLs

Authentication

https://www.loginportal.online/api/auth


Please refer to the "Get JWT Token" request on the attached Postman collection document for reference. 

  

You need to use your API Key as the Bearer Token in the Authorization of the Request.

  

Graphical user interface, text, application, email

Description automatically generated 

 

Calling this API will give you this JSON output: 

 

 

Graphical user interface, text, application, email

Description automatically generated 

 

  

{ 

    "userId": "123456", 

    "sessionId": "dflkgdfklgjdlkfgjpfg", 

    "userName": "username", 

    "displayName": " displayName ", 

    "bearerToken": "eyJ0exxxxxxxxxxxxxxx", 

    "refreshToken": "eyJ0eXAxxxxxxxxxxxx", 

    "profileUrl": "xxxxxxxxx", 

    "roles": [ 

        "Service" 

    ], 

    "permissions": [], 

    "responseStatus": {} 

} 

  

Keep the bearerToken value (your JWT token) you received so that you can reuse it to trigger your workflow. You can also save the refreshToken to ask for a new JWT token if this one expires. 

 

4e. Run your Workflow 

The CoreFlow API can now be called using the JWT token obtained in the previous step to start a workflow. 

 

Looking to the Postman collection, check the "Start Manual Executions" request.

 

To trigger your workflow, identify your workflow Id from your workflow definition details in CoreView (see screenshot below): 

 

 

 

 

Make sure in your request that: 

  • The JWT token you got from the previous call is set as your Bearer Token in this request, 
  • Your workflowId parameter is set as part of the request URL, 
  • Your companyId is set into the "x-scompany" header. 

 

Graphical user interface, text, application, email

Description automatically generated 

 

 

Lastly, identify the required properties of your workflow input, looking into your workflow definition (Editing your workflow and clicking on the "Configure Execution Inputs"): 

 

 

Required inputs need to be sent in the request body as properties from the JSON (see the example below in Postman highlighting how to set input properties): 

 

Graphical user interface, text, application, email

Description automatically generated 

  

As per supported values types (string, number, or boolean), values set as properties in the request follow the definition of those types in JSON.

  

Let's recap all steps for this request to be ready: 

  • Set the Bearer token to the JWT value you got from the previous call, 
  • Set the workflowId you want to run in the REST API path, 
  • Set the HTTP header "x-scompany" to your companyId value, 
  • Set the required inputs from your workflow into the request body. 

 

 

 

From that point, send your request, and your workflow will be on its way! 

 

Happy workflows! 


Open API Attachment json: