Skip to main content
The use property defines the workflow’s reusable components, including authentication policies, catalogs, errors, extensions, functions, retry policies, secrets, and timeouts. These components can be referenced throughout the workflow, promoting reusability and maintainability.

Properties

authentications
map[string, authentication]
A name/value mapping of the workflow’s reusable authentication policies.See Authentication for details on supported authentication types.
catalogs
map[string, catalog]
A name/value mapping of the workflow’s reusable resource catalogs.Catalogs allow workflows to integrate with externally defined resources.
errors
map[string, error]
A name/value mapping of the workflow’s reusable errors.Define common error definitions that can be referenced throughout the workflow.
extensions
extension[]
A list of the workflow’s reusable extensions.Extensions enable execution of tasks before or after other tasks.
functions
map[string, task]
A name/value mapping of the workflow’s reusable tasks.Define functions that can be called multiple times throughout the workflow.
retries
map[string, retryPolicy]
A name/value mapping of the workflow’s reusable retry policies.Define retry strategies that can be applied to different tasks.
secrets
string[]
A list containing the workflow’s secrets.Reference secrets that the workflow requires for execution.
timeouts
map[string, timeout]
A name/value mapping of the workflow’s reusable timeouts.Define timeout configurations that can be referenced by tasks.

Authentication

Defines authentication mechanisms for accessing services and resources.

Basic Authentication

basic.username
string
required
The username to use.
basic.password
string
required
The password to use.

Bearer Authentication

bearer.token
string
required
The bearer token to use.

OAuth2 Authentication

oauth2.authority
uri-template
required
The URI that references the authority to use when making OAuth2 calls.
oauth2.grant
string
required
The grant type to use.Supported values: authorization_code, client_credentials, password, refresh_token, urn:ietf:params:oauth:grant-type:token-exchange
oauth2.client.id
string
The client id to use.Required if client.authentication has not been set to none.
oauth2.client.secret
string
The client secret to use, if any.
oauth2.scopes
string[]
The scopes, if any, to request the token for.
oauth2.audiences
string[]
The audiences, if any, to request the token for.

OpenID Connect Authentication

oidc.authority
uri-template
required
The URI that references the authority to use when making OpenIdConnect calls.
oidc.grant
string
required
The grant type to use.Supported values: authorization_code, client_credentials, password, refresh_token, urn:ietf:params:oauth:grant-type:token-exchange
oidc.client.id
string
The client id to use.
oidc.client.secret
string
The client secret to use, if any.

Catalog

A resource catalog is an external collection of reusable components that can be referenced and imported into workflows.
endpoint
endpoint
required
The endpoint that defines the root URL at which the catalog is located.

Extension

Extensions enable the execution of tasks prior to those they extend, offering the flexibility to potentially bypass the extended task entirely.
extend
string
required
The type of task to extend.Supported values: call, composite, emit, extension, for, listen, raise, run, set, switch, try, wait, all
when
string
A runtime expression used to determine whether or not the extension should apply in the specified context.
before
task[]
The list of tasks to execute, if any, before the extended task.
after
task[]
The list of tasks to execute, if any, after the extended task.

Examples

Authentication Policies

use:
  authentications:
    # Basic authentication
    sampleBasic:
      basic:
        username: admin
        password: password123
    
    # OAuth2 authentication
    petStoreOAuth2:
      oauth2: 
        authority: https://petstore.swagger.io/.well-known/openid-configuration
        grant: client_credentials
        client:
          id: workflow-runtime
          secret: "**********"
        scopes: [ api ]
        audiences: [ runtime ]
    
    # Bearer authentication
    apiToken:
      bearer:
        token: ${ .secrets.apiToken }

Reusable Functions

use:
  functions:
    getAvailablePets:
      call: openapi
      with:
        document:
          endpoint: https://petstore.swagger.io/v2/swagger.json
        operationId: findByStatus
        parameters:
          status: available
    
    logMessage:
      call: http
      with:
        method: post
        endpoint: https://fake.log.collector.com
        body:
          message: ${ . }

Extensions

use:
  extensions:
    # Logging extension that applies to all tasks
    - externalLogging:
        extend: all
        before:
          - sendLog:
              call: http
              with:
                method: post
                endpoint: https://fake.log.collector.com
                body:
                  message: ${ "Executing task '\($task.reference)'..." }
        after:
          - sendLog:
              call: http
              with:
                method: post
                endpoint: https://fake.log.collector.com
                body:
                  message: ${ "Executed task '\($task.reference)'..." }
    
    # Mock service extension for testing
    - mockService:
        extend: call
        when: $task.call == "http" and ($task.with.uri != null and ($task.with.uri | startswith("https://mocked.service.com")))
        before:
          - intercept:
              set:
                statusCode: 200
                headers:
                  Content-Type: application/json
                content:
                  foo:
                    bar: baz
              then: exit

Catalogs

use:
  catalogs:
    global:
      endpoint:
        uri: https://github.com/serverlessworkflow/catalog
        authentication:
          basic:
            username: user
            password: '012345'

Retry Policies

use:
  retries:
    standardRetry:
      delay:
        seconds: 3
      backoff:
        exponential: {}
      limit:
        attempt:
          count: 5

Secrets

use:
  secrets:
    - my-oauth2-secret
    - database-credentials
    - api-keys

Timeouts

use:
  timeouts:
    shortTimeout:
      after:
        seconds: 30
    longTimeout:
      after:
        minutes: 5

Complete Example

document:
  dsl: '1.0.3'
  namespace: test
  name: comprehensive-use-example
  version: '0.1.0'
use:
  secrets:
    - my-oauth2-secret
  authentications:
    petStoreOAuth2:
      oauth2: 
        authority: https://petstore.swagger.io/.well-known/openid-configuration
        grant: client_credentials
        client:
          id: workflow-runtime
          secret: "**********"
        scopes: [ api ]
        audiences: [ runtime ]
  extensions:
    - externalLogging:
        extend: all
        before:
          - sendLog:
              call: http
              with:
                method: post
                endpoint: https://fake.log.collector.com
                body:
                  message: ${ "Executing task '\($task.reference)'..." }
  functions:
    getAvailablePets:
      call: openapi
      with:
        document:
          endpoint: https://petstore.swagger.io/v2/swagger.json
        operationId: findByStatus
        parameters:
          status: available
do:
  - callFunction:
      call: getAvailablePets

Build docs developers (and LLMs) love

Get started for freeTalk to us