Cloud BPM v11.4 supports API IP Filtering

Connect to Workflow from the Backbone System more securely

PR-en-v114-ip-filtering-20170911.pdf

Kyoto, Japan – September 11th, 2017 – Questetra, Inc., the global SaaS provider of Business Process Management (BPM), today announced that they have published the new version 11.4 of the Cloud-based Workflow product “Questetra BPM Suite” on Sep 11th, 2017. In this new version, you can configure “Allowed IP” onto each Data Catching Event (API Endpoint) of Workflow. (API IP Filtering)

To improve the productivity of day-to-day operations, automation of Business Processes is essential. Work style reform is recommended today, and cases of API connection, such as automatically starting a Workflow system from a business system in an in-house server or cloud storage service AWS, are no longer unusual. (e.g. Starting “Materials sending Process” when there is an application to the campaign site, starting “Lecturing Process” upon service contract, etc.)

On and after the new version 11.4, you can set “list of IPs that allow access” for each API-URI (Endpoint of Questetra BPM Suite). We have supported various kinds of secure communication so far, but from now on, it will be possible to realize cooperation between systems with even higher security levels.

Questetra BPM Suite

Cloud-based Workflow “Questetra BPM Suite” is a business platform for realizing environments of paper-less and remote-working.

Business issues are controlled according with Business Flow Diagram. When a process reaches human task, the user will be asked to input. Also, when an issue reaches to automated Step, the predetermined processing (server-side processing) such as “Generate PDF” and “Save to cloud storage” is performed automatically. (BPM: Business Process Management)

You can apply it to various business operations such as “Approval request flow”, “Document translation flow”, “Quality check process”, “Invoice issuance process”. Process owner of each Business Process can practice “improvement of Business Process” little by little in daily work. (Examples of Business Flow Diagram: http://en.workflow-sample.net/ )

API IP Filtering function

Regarding access to Start Event and Catching Intermediate Event (“Message Catch Event API”), you can set “source IP address to allow access” for the URI path, in addition to the access restriction by the “API key” so far (Whitelisting by “Source IP” or “IP range CIDR”). You can apply different IP restrictions to each one of plural events. System administrator privilege is required for setting.

Message Start Event (HTTP): Starting a Process upon an HTTP request comes to the URI
Catching Message Intermediate Event (HTTP): Standing by for an HTTP request coming to the URI
Message Start Event (Form): Starting a Process if there is a post on a Web form for human

Note 1) The Workflow App connection (Process Model connection) within the same Workflow platform is not affected by the API IP Filtering.

Note 2) Developer APIs such as “System Setting APIs” to change setting of Workflow platform and “Workflow APIs” to control flowing Issues are not subject to the API IP Filtering function, initially. Please use secure communication by “OAuth 2 authorization” or “Basic authentication” as before.

IP Filtering setting for “Message start event (form)” will restrict access by human. Please see the articles of the Workflow-sample for specific applying method. http://en.workflow-sample.net/2018/09/kaizen-suggestion.html

IP Address Filtering

Other Improvements

User-Interface IP Filtering

“Source IP address to allow access” can be set also for user access from personal computers, smartphones, etc. (Whitelisting)

Format of API Access URI

Resource information such as “Workflow App ID” and “Event Node ID” was specified in the query part and body part when accessing Start Event and Catching Intermediate Event (“Message Catch Event API”), so far. From now on, it will be possible to specify it by “path parameter “. (e.g. “/System/Event/MessageStart/APP-ID/NODE-ID/start”)