Authentication filter for engine-rest API's


#1

Hi,

I have removed the comment in the authentication filter(camunda-auth) of web.xml in engine-rest folder of the server.
Is it possible to call specific engine-rest API’s without authentication.

Thanks in advance


#2

Hi @Ramanathan_Saravanan

As stated in camunda docs
https://docs.camunda.org/manual/7.8/reference/rest/overview/authentication/

“The authentication provider is exchangeable. You can implement the interface org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider to provide another authentication method and change the filter’s initialization parameter accordingly.”


#3

Hi @hassang,

Thanks for the reply.

Is there any way to whitelist a particular list of engine-rest API’s in web.xml or any other way.