Medidata Blog

APIs vs. Bots: Automating Clinical Trial Technology Tasks

Sep 25, 2023 - 2 min read
APIs vs. Bots: Automating Clinical Trial Technology Tasks

During a clinical trial, sponsors/CROs may have bulk, repetitive tasks to execute, such as setting up user accounts or classifying documents to be filed in the TMF (trial master file). Clinical IT teams may want to automate such processes to alleviate user burden, and they have options on how to automate clinical trial tasks. This blog post discusses these alternatives and proposes the best way to implement automation in clinical trials.

What Are Some of the Options for Automating Repetitive User Tasks?

Repetitive tasks can be automated in several ways. This post explores the following three ways:

  1. Using an API (application programming interface)
  2. Bulk uploads from files
  3. Bots

What Is Essential in Evaluating Which of the Above Methods to Use?

Clinical trial technologies must have robust security, privacy, and access controls. They must provide comprehensive audit trails of who did what and when they did it. Users must take relevant eLearnings and pass tests before they are allowed to perform functions within clinical trial systems. Most systems give users specific access rights to limit their access to only the functions and data they need for their role.

Using Automation to Perform User Tasks Must Not Violate the Above Requirements.

Using APIs

An API is a way for another software application to communicate with the application that has the API. It is usually implemented and documented in terms of services that can be called from outside the application to enable the automation of user tasks or to create an integration between applications.

Using Bulk Uploads

Some everyday bulk user tasks (e.g., creating users and role assignments or importing laboratory results data) can be made easier by the system providing the ability to import data from files with the required data format and automating any associated system actions (i.e., creating user accounts).

Using Bots

A ‘bot’ is a software application that executes automated tasks by impersonating a user of the application, for example, creating multiple user accounts or populating forms with various data sets.

How Does Medidata Enable the Automation of Repetitive Tasks?

Medidata supports bulk uploads for specific tasks and provides highly configurable APIs to enable automation and integration. Using Medidata’s APIs to automate tasks is secure, robust, and future-proof. Services enabled via a Medidata API respect access controls and don’t allow the services to be misused. Changes to Medidata’s APIs are backward compatible so that applications using them don’t break when the API changes.

For security reasons, software developers at our customers must first register their ‘API app’ with Medidata before executing calls to our APIs. We have extensive documentation of our APIs in the Knowledge Hub (Note: this link is only accessible to Medidata staff and users).

We do not support using bots; using bots is against Medidata’s Terms of Use (ToU).

Bots are not the right solution for automating tasks in clinical trial systems due to security concerns and the potential for broken workflows resulting from user interface changes.  

Using bots compromises the security, privacy, and access control requirements described above. For example, malicious bots can steal data or launch a denial-of-service attack, overwhelming the system and making it unavailable or non-performant for real users.

Bots mimic the actions of a user with mouse movement and keystrokes. When the user interface of the application changes, the bot will malfunction, disrupting customers’ workflows.


Clinical IT teams should select clinical trial technologies that provide open, highly configurable, secure APIs to enable automation and integration. Medidata offers robust, secure, and future-proof APIs to allow our customers to execute their repetitive tasks and workflows safely and efficiently.

Featured Articles

Subscribe to Our Blog Newsletter