Restrictions of user for CREATE access not working


i have create a spring boot starter camunda project and I am using camunda rest Api for all operations. I want to restrict some of the users to have only READ access for , process instance , process definition, Task etc. so for that I have created one group and assign users to group and then I added that group in Authorisation for process instance , process definition, Task and gave only READ access.

but still users able to create new process instance, complete task etc

can anyone please help me.

Hi @abhi1o3,

in the camunda-bpm-spring-boot-starter, authorzation is disabled by default: and

You have to enable it your application.yaml

Hope this helps, Ingo