By default every user is an admin


Hi ,
I deployed a spring-boot powered camunda .

I am trying to create a new user (say “apple”) in camunda-admin panel , the user will have access to “tasklist” only .

But ,that user can access all the panels “cockpit” , “tasklist” , “admin” . WHY ???

Is every user an admin user in camunda ( by default) OR am I doing something wrong ???

HOW I created the new user ?

This is what i get at the welcome panel …


Hi @Arsh_Baghel,

you are right, each new user does have full access. However, the permission management in camunda can be configured on a very granular level depending on your requirements. Check the tab “Authorizations” in the navbar. Detailed information about permission management can be found here:


Hi @FabianHinsenkamp ,
I tried the steps , but the result is the same. :tired_face:

Steps i followed ::

  1. create 2 users --> test1 , test2 .
  2. create a group --> test_group.
  3. add the 2 users to the group .
  4. aplied the “Application Authorizations” to the group.




RESULT) :tired_face: :

PS : I tried the basic tomcat restart also .

Help !!!


Also , when i used to utilise Version 7.7 of camunda ,every new user I created used to have no rights (by default ).

But, in the Version 7.8 every user is by default admin-member …WHY???

Version 7.7:::


Hi @Arsh_Baghel,

I can not reproduce the behaviour described by you. Please check your “list of groups” view it should look similar to mine: The type of your group should be “WORKFLOW”.

Why is ist relevant to you if a user has non or all permissions by default?


Hi @FabianHinsenkamp ,

I used “WORKFLOW” in the “Type” of group .

But , still I can see that the users in this group can see all the applications(Cockpit , Admin , tasklist ) , despite me not explicitly giving them any permissions .

Now , replying to :: Why is this relevant to you if a user has non or all permissions by default?
Ans->: have created a system where , a loan-request is analysed using camunda’s Workflow manager , and some users should only have access to the tasklist , so that they can work o the task(s) they are assigned to .


Hi @Arsh_Baghel,

thanks for checking the group type. Now, can you please check your authorization config in your spring boot project. Probably you haven’t set camunda.bpm.authorization.enabled.

Check the documentation for more details


Hi @FabianHinsenkamp ,
I tried this config and it worked , thanks …

Shouldn’t these authorization-settings be enabled by default .