Cannot create new users/groups/tenants via UI

Hey,

some time ago we migrated from Camunda 7.9 to 7.10. In 7.9 we could create new entities in admin web app but now this functionality seems to be gone.

During the migration we switched from general docker container to our own spring-boot based distribution. Could we have missed something during the migration or spinning up our distribution?

The user I’m using is in the admin group and I can still edit the entities, just creation became unavailable (there is no “new user” button, for example).

Hi @Wojciech_Pitula,

that is indeed weird. Can you confirm for me that in the page Admin > Authorizations > User the group camunda-admin has ALL Permissions on entity type *?

KR
Martin

Hi @martin.stamm

yes the permission is there. I’m attaching screenshots of the relevant screens.



This is indeed strange. Could you please open the Network tab of your browser's development tools (F12) and have a look at the requests made when you log in? There should be user?memberOfGroup=camunda-admin and authorization/check requests. Please verify that the returned list of admins actually contains your userID.

Also, on the User Page, please open the developer console and paste the following:

angular.element('body > div.ctn-main > div > div:nth-child(3) > section > div > header > div.col-xs-4.text-right > a').scope().availableOperations

is the operation create true?

There are none of the mentioned requests. When I log in there are exactly 3 JSON requests executed:

  • /api/admin/auth/user/default/login/welcome
  • /api/engine/engine/default/group
  • /api/engine/engine/default/user/plpitulw/profile

The first one lists “admin” as authorized webapp and the second one specifies that my user is a member of “camunda-admin” group.

When I go to the admin app there are two additional requests:

  • /api/engine/engine/default/authorization/check?permissionName=ALL&resourceName=authorization&resourceType=4
  • /api/engine/engine/default/authorization/check?permissionName=READ&resourceName=authorization&resourceType=4

I also navigated to the users list but no authorization requests were made there either.

Output from the angular query is an empty object {}.

P.S. thanks a lot for your help and engagement! :slight_smile:

Hmm, so that tells me that the permissions are not passed to the component correctly. I’ll have to look at the source code more closely to find out why that might be the case.

Does this apply only to accounts created before the upgrade? I.e. does a new user have this problem as well? You can create new users with the REST-API Create user | docs.camunda.org

Just checked, the newly created user sees the same UI without the button.

Hello boys, any progress? I migrated to another DB (mysql > postgre) with fresh state - deleted all work (tasks, bpmns, users) to start a new chapter, but I am not seeing add user / group in admin UI. New admin user is camunda admin, has all rights to everything etc. I use the same code :slight_smile: only change was a DB connection. BTW now even kermit, which is default user, hardcoded in java, won't work - he is missing even in DB.

Found a solution - we changed the way we use CORS configuration. We specifically added CORS headers in an interceptor, but it did not work for camunda. So the simple solution is: revert CORS headers for our FE department into nginx for their API and let camunda use standard CORS configuration in spring boot.


I had the same issue where I have a development and a testing environment. The add user/group/tenant works in development but not in testing; both using the same Docker image.

After hours of troubleshooting and googling, during which I read your post a few times while thinking “no, I don’t have interceptor let alone CORS …”, it dawned on me that I’m using Kubernetes with NGINX Ingress and yes, by default my Jenkins job that creates the ingress injects the “enable CORS” annotation! So I went back to that ingress and removed the annotation and voila, the add user/group/tenant now works in my testing environment.

Thanks for the post!
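
An added diagnostic sketch for the symptom in this thread; it is not part of any post above and not Camunda's code. It assumes the admin webapp fills `availableOperations` from the engine REST API's OPTIONS reply on the user resource (a `links` array with `rel` entries such as `create`) and that a CORS layer in front of the engine can answer OPTIONS itself with an empty body; the function name, verdict strings and both sample replies are constructed.

```python
import json

# Constructed sample: the engine answering OPTIONS on the user resource itself.
ENGINE_REPLY = ({"Content-Type": "application/json"}, json.dumps({"links": [
    {"method": "GET", "href": "http://localhost:8080/api/engine/engine/default/user", "rel": "list"},
    {"method": "POST", "href": "http://localhost:8080/api/engine/engine/default/user/create", "rel": "create"},
]}))

# Constructed sample: a CORS layer (interceptor or ingress) answering OPTIONS itself.
PROXY_REPLY = ({
    "Access-Control-Allow-Origin": "*",
    "Access-Control-Allow-Methods": "GET, PUT, POST, DELETE, PATCH, OPTIONS",
}, "")


def classify_options_reply(headers, body):
    """Return (verdict, operations, cors_headers) for a captured OPTIONS reply."""
    cors = sorted(k.lower() for k in headers if k.lower().startswith("access-control-"))
    try:
        doc = json.loads(body) if body and body.strip() else {}
    except ValueError:
        doc = {}  # HTML error page or other non-JSON body
    links = doc.get("links", []) if isinstance(doc, dict) else []
    ops = sorted({l["rel"] for l in links if isinstance(l, dict) and l.get("rel")})
    if ops:
        verdict = "engine-answered"          # UI can see which operations exist
    elif cors:
        verdict = "answered-by-cors-layer"   # reply never reached the engine
    else:
        verdict = "no-operations-listed"
    return verdict, ops, cors


if __name__ == "__main__":
    for name, reply in (("engine", ENGINE_REPLY), ("proxy", PROXY_REPLY)):
        print(name, classify_options_reply(*reply))
```

Feed it the headers and body of the OPTIONS request copied from the browser's Network tab in the failing environment and compare the verdict with a working one.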