At present state we have a REST Endpoint is open and available publicly to be accessible, So For example I have created one meeting with meeting ID “abc” and if anyone having access to the Rest Endpoint create same meeting using same meeting ID then that particular user will join in the meeting with others.
And in order to avoid that we need to put that REST Endpoint behind security so that only authenticated users can access it.
How can this be achieved via camundas user authorization?
So in short what I want is AVOID unauthenticated users ACCESS to REST API
I hope that this doc on using the REST Authentication will help: Configure Authentication | docs.camunda.org
Thanks!
dg
Any engine-specific request will then be authenticated against that engine’s identity service. Here in my case I have an API along with a base URL say for eg:
https://techniciandev/token → I want to make this secure under camundas authentication and it sits on a completely different server and not Camundas wildfly server.
Can I nest this API under Camundas user REST API to check if the user exists ( Get a User's Profile | docs.camunda.org) and then allow the user to access the https://techniciandev/token later?
I would look at using Keycloak already has nice integrations with Camunda
Thanks @Steven I will look into it and let you know!