Knogin
[Developers]

IBM Maximo OSLC Connector

The IBM Maximo OSLC Connector links an existing IBM Maximo asset and maintenance system to the Argus platform over the OASIS OSLC REST interface, so the work orders and assets a customer already manages become a live par

Back to All Modules
Category: Data IntegrationLast Updated: May 26, 2026
data-integrationcompliance

Overview#

The IBM Maximo OSLC Connector links an existing IBM Maximo asset and maintenance system to the Argus platform over the OASIS OSLC REST interface, so the work orders and assets a customer already manages become a live part of their operational picture.

Organisations that run IBM Maximo Manage or the Maximo Application Suite for enterprise asset management rarely want to replace it. This connector lets them keep that investment and still gain a modern operational view. Once a Maximo instance is registered, its work orders flow into Argus automatically on every sync cycle, its assets are reachable for enrichment, and detected outages can be pushed back to Maximo as Service Requests in a single step.

The result is the end of duplicate data entry between the field-operations system and the operational-intelligence platform. Because each tenant keeps its own sync watermark, only records that changed since the last cycle are transferred after the first load, so integration overhead stays low even for utilities and infrastructure operators with very large Maximo deployments.

Key Features#

  • Secure Connection Registration: Register each Maximo instance once, with login credentials encrypted per record at rest using authenticated AES-GCM bound to the stored row, so a stolen value cannot be replayed against another connection.
  • SSRF-Protected URL Validation: Every Maximo base address is validated before it is stored, so a registered connection can never be turned into a pivot toward internal services.
  • Connectivity Testing with Latency: Confirm credentials and reachability against the live Maximo OSLC login endpoint on demand, with a round-trip latency figure returned for each test.
  • Incremental Work-Order Synchronisation: Pull work orders over the OSLC filter and field-selection interface with paginated fetch, so each cycle moves only the records that matter.
  • Status Mapping: Maximo lifecycle codes (WAPPR, APPR, INPRG, COMP, CLOSE, CAN) are mapped to the Argus work-order states, so a work order reads the same on both sides.
  • Per-Entity Sync Watermarks: Each connection keeps a watermark per entity type recording the last sync time, status, and record count, so only changed records transfer after the initial load.
  • Asset Retrieval: Fetch asset records from the Maximo asset object structure for enrichment and reconciliation alongside synced work orders.
  • Outage Push-Back: Send an Argus outage to Maximo as a Service Request in one step, with title and reference fields populated automatically and the external reference carried back for traceability.

Use Cases#

  • Electricity, Water, and Gas Utilities: Bring planned and in-progress maintenance work orders from Maximo into the operating picture, and raise a Service Request in Maximo the moment Argus detects an outage, so field crews work from one consistent backlog.
  • Infrastructure and Network Operators: Keep large Maximo deployments synchronised without bespoke middleware, relying on the per-entity watermark to hold integration overhead low across many sites.
  • Transport and Facilities Operators: Reconcile asset records held in Maximo with live operational entities, so the assets behind an incident are already understood when an operator opens it.
  • Control Room Modernisation: Give operators a single view that already reflects the maintenance system, removing the constant switch between the asset management client and the operational platform.
  • Reliability and Maintenance Teams: Use the audited stream of synced work orders and pushed Service Requests to study recurring faults and target preventive maintenance.

Integration#

The connector exposes its full capability through an authenticated, organisation-scoped GraphQL surface, so a customer plugs in by registering one connection and then driving testing, work-order sync, asset retrieval, and outage push-back from their own applications or the Argus console.

  • OSLC Connectivity: Argus talks to Maximo over the vendor's own OSLC REST endpoints using HTTP Basic authentication over HTTPS to obtain a session, exactly as Maximo expects, so no bespoke agent has to be deployed alongside the asset system.
  • Bi-Directional Flow: Work orders move from Maximo into Argus, and outages move from Argus back into Maximo as Service Requests, so both systems stay aligned without manual re-keying.
  • Normalised Models: Maximo work orders become Argus work-order records with mapped statuses, and synced items are emitted as live operational entities, giving customers a consistent model across every connected source.
  • Identity and Access: Access is governed by OAuth2-issued tokens carried as JSON Web Tokens, with every operation scoped to the calling organisation and recorded for compliance.
  • Webhooks and Downstream Workflows: Once work orders and outages land in the platform, existing notification, alerting, and dispatch workflows pick them up, so the benefit reaches field crews without custom plumbing.

The published operations cover read access through the maximoConnections and maximoSyncState queries, and write access through the registerMaximoConnection, testMaximoConnection, triggerMaximoWorkOrderSync, and pushOutageToMaximo mutations.

Open Standards#

  • OASIS OSLC (Open Services for Lifecycle Collaboration): the REST query model used for every Maximo call, including the oslc.where filter predicate, the oslc.select field selection, the oslc.pageSize paging control, and the rdfs:member collection responses.
  • Dublin Core Terms (dcterms): standard descriptive metadata terms used for title and resource description fields in OSLC payloads, such as dcterms:title.
  • RDF Schema (rdfs): used for collection responses in the OSLC payload, where member lists arrive under rdfs:member.
  • IBM SPI namespace (spi:): the Maximo-specific OSLC property namespace carrying work-order fields such as spi:wonum, spi:status, spi:description, spi:assetnum, spi:siteid, spi:targetstart, spi:targetfinish, spi:externalrefid, and spi:reportedproblemcode.
  • REST: all Maximo interaction follows a resource-oriented architectural style over plain HTTP verbs and resource paths such as /maximo/oslc/os/mxwo, /maximo/oslc/os/mxasset, and /maximo/oslc/os/mxsr.
  • RFC 8259 JSON: OSLC requests and responses, and the normalised records stored in Argus, are exchanged as standard structured JSON.
  • RFC 7617 HTTP Basic Authentication: Maximo login credentials are presented using the standard Basic scheme over HTTPS, as required by the OSLC login endpoint.
  • RFC 8446 TLS / HTTPS: every connection to Maximo runs over transport-layer security, protecting credentials and operational data in transit.
  • OAuth 2.0 (RFC 6749): caller access is authorised through standard token issuance before any operation runs.
  • JSON Web Token (RFC 7519): organisation-scoped access is carried in signed JWT bearer tokens.
  • GraphQL: the public surface is published as a typed, schema-described interface for predictable, organisation-scoped requests.
  • NIST SP 800-38D AES-GCM: stored Maximo credentials are protected with authenticated AES in Galois/Counter Mode, binding each ciphertext to its own record.
  • ISO 8601: sync watermark times and work-order target dates use the standard date-time representation for unambiguous incremental queries.

Security & Compliance#

  • Encrypted Credentials at Rest: Maximo usernames and passwords are never stored in clear text. Each is encrypted with authenticated AES-GCM and tied to the specific connection record, so a value taken from storage cannot be reused against another row.
  • SSRF Defence: A Maximo base address is validated at registration, closing the primary window through which a connection could otherwise be redirected at internal infrastructure.
  • Strict Tenant Isolation: Every read, sync, and push is scoped to the calling organisation, so one customer can never read or act on another customer's connections, work orders, or assets.
  • Authenticated Surface: All operations require an authenticated, authorised caller; anonymous access is rejected.
  • Immutable Audit Logging: Connection registration, work-order ingestion batches, and every outage pushed to Maximo are written to an append-only interoperability audit trail for review and compliance reporting.

Last Reviewed: 2026-05-26 Last Updated: 2026-05-26

Ready to Build?

Get started with our APIs or contact our integration team for support.