I am starting a process instance using Camunda rest API (POST /process-definition/key/aProcessDefinitionKey/start) . Am making an ajax POST call.
Currently, whoever has the process engine url can start the process. So i want to introduce JWT authorization to avoid this. Are there any good examples available on how to do this?
I have gone through documentation but didn’t find configuration steps or any examples explaining how this can be configured.
Camunda supports Basic Auth mechanism, by default it was disabled. You can enable if needed. For JWT Authorization, you can provide configurations by using Spring Security module. You need to include jjwt.jar dependency in classpath for JWT Authorization.
Sorry, am very much new to this authorization procedure and camunda as well.
we are not placing any code on wildfly where camunda is configured. except that we are deploying the bpmn files and then using external service for implementations and inline scripts.
So, where do i place this code for enabling authorization?
Hey there. I’m using the Camunda Engine with Spring Boot and a basic Camunda Starter Project. I’m trying to be able to execute API calls where you need to be authenticated. If I implement the class that @aravindhrs mentioned I’m able to get the API call done.
But I at least think that is not correct way or is it the only way? After I found the documentation for Spring Boot and Camunda I added this lines to my application.yaml and thought the basic authorization would work now but it does not:
camunda.bpm:
run:
auth.enabled: true
What I’m trying to achieve is an API call with Postman (Perform an Authorization Check): {{baseUrl}}/authorization/check?permissionName=ALL&resourceName=*&resourceType=1
Hi ,On the same lines , Authorization for Camunda Rest API,for Users in Custom DB.
We followed as said in https://github.com/camunda-community-hub/camunda-bpm-identity-keycloak#readme.
We were able to Integrate the Camunda Engine/Web app and our Application User DB.
Challenges exist in terms of auithoring/allowing one/more users for every step involved.Appreciate If Someone can point on it.
Can you give more specifics about what exactly you’re trying to do?
Are you saying that you would like the same use to complete all steps of a given process that they start?
Hi Niall,
We have developed our application in Microservices Architecture,And we have need to involve the Work flows , our Application has users in Keycloak, and we are using Keycloak (JWT Authorization) for Application authorization thru spring boot,
Now We have to call the Workflows from our Spring boot application( which has the application specific *.bpmn etc embedded),
So we have deployed the camunda as a spring boot, Web App for the Admin GUI, and as a Rest API , To be specific we have to allow specific users to start the Processes, and ,specific user to continue the steps involved in completing, So how to allow Authorize Step Rest API for tha specific user. For every workflow definied, when the process starts ,only then the users who can complete the step will be feeded, So its dynamic. "Authorization of Entitled user in Rest API "
Are you saying that you would like the same use to complete all steps of a given process that they start? thanks for that, yes that too…
Rgds