The AIMMS PRO REST API allows users to securely interact with the AIMMS PRO cloud platform via a REST interface. This API is designed following the OpenAPI Specification . The API itself can be downloaded in YAML/JSON format from the link https://[account-name] The PRO REST API is only available for the PRO Platform running in the Azure Cloud.


Requests made to the PRO REST API are authenticated/authorized by means of API Keys. Users can generate API Keys from their PRO Portal Account settings page by clicking the Add API Key button:


Pressing this button will open a new API Key editor, where the user can fill in details regarding the key they want to create. The user should specify a key name, an expiration date, as well as the Scopes for that key. Scopes are the mechanism by which the user can restrict privileges for a given API key to subsets of the PRO REST API:

  1. The Authentication scope allows CRUD operations on Users/Groups

  2. The PublishAIMMS scope allows operations on AIMMS Versions.

  3. The PublishApp scope allows CRUD operations on AIMMS apps.


Pressing the Save button will generate a new API key with the properties selected by the user. The new key is shown to the user in a pop-up window:


The key will only be shown in plain text once (for security reasons) - so the user is advised to copy it ans store it securely. This key should be sent in the apikey header for every REST call the user want to make using this key for authentication/authorization.

Setting up Postman for REST API CALLS

This is an example on how to use Postman in order to perform CRUD operations an AIMMS applications using the PRO REST API:

  1. Start in the Postman request view:


2. Based on the API method to be tested, select the GET/PATCH/POST/DELETE command from the drop down menu.

3. The request URL depends on the API spec. In some cases, request parameters are present in the URL. Examples of the URL:



To know what URL should be used, check the corresponding API spec.

4. Within the scope of CRUD on applications, add an “apikey” header with the api key value. Note that the header name must correspond to what is defined in the api spec. Make sure to tick the checkbox after adding the “apikey” field. The rest of the header fields remain unchanged.


Application Upload (POST)

1. When publishing an application it is necessary to provide two fields: metadata and file. The field metadata needs to be provided in json format. The file field is a file upload that requires to point to a specific location. Example: (C:\Users\UserName\Postman\files). Insert the desired .aimmspack in files directory and point to this directory when uploading a file. Dont forget to select form-data format. Also note that both metadata and file names correspond to ones defined in the API spec.


The metadata example is provided below:

    "name": "project7003",
    "description": "my_project",
    "projectVersionId": "3.0",
    "aimmsVersionId": "",
    "attributes": {
        "additionalProp1": "prop_1",
        "additionalProp2": "prop_2",
        "additionalProp3": "prop_3",
        "isWebUI": "false",
        "iconUrl": "/icons/my_logo"
    "projectCategory": "cat_1"

Application Update (PATCH)

1. When updating an application, it is necessary to provide the body in JSON. Do not forget to select the “raw” format.

  1. For an application update, the following arguments can be used (if an argument is not provided, then it wont be changed):

  • Project description (“description”)

  • Project category (“projectCategory”)

  • Latest app tag (“isLatest”): latest app tag cannot be explicitly disabled for the selected app. When assigning the latest tag to an app (“isLatest”: true), it will be automatically removed from all other app with the same name.

  • Project attributes (“attributes”): project attributes represent a list of key-value pairs that allow to store additional information about the project. There are two reserved keywords:
    1. “isWebUI” key shows if a project is a web UI (“isWebUI”: “true”) or a win UI project (“isWebUI”: “false”)

    2. “iconUrl” key points to the location of the application icon to uploaded. Note that “/icons/” is a fixed path prefix and that the app icon must first be uploaded to the PRO storage under a given label (e.g. “my_logo”). Once the icon is placed in the PRO storage, it can be used for app publishing.

  • Project authorizations (“authorizations”): project authorizations represent a list of entries, where each entry consists of three fields. See an example of an authorization entry below:

    "authorization": 1,
    "deny": false,
    "entity": 16777095

The “entity” field is a unique ID of either environment, group or user which can be retrieved using the authentication rest API. The “authorization” value varies from 1 to 7 is directly related to read (“authorization”: 4), write (“authorization”: 2) and execute (“authorization”: 1) access. In order to enable multiple authorizations, add up the respective numbers. For example, “”authorization”: 5” corresponds to read and execute access. The “deny” field is “true” or “false” when authorization is not, or is permitted. It is also possible to grand the read permission and restrict the write permission for the same entity ID. This would look like the following:

    "authorization": 4,
    "deny": false,
    "entity": 16777095

    "authorization": 2,
    "deny": true,
    "entity": 16777095

In order to completely remove permissions from an app, assign permissions to an empty list. This can be done as follows:

"authorizations": []

Example: Using Postman to Activate an AIMMS Version

Postman can also be used to activate an AIMMS version via the REST API. The same basic one to four steps should be followed as in the previous example. The last step is to perform the actual activation. This is done by performing a PATCH operation on the https://[account-name] endpoint using the body described in AimmsVersion.yaml in the API schema:

    "activated": true,
    "authorization": [],
    "id": ""