Using Engine Rest application


I am actively using Engine-rest application for all rest queries from my application. Can I follow this approach or should I create my own set of REST api’s do what engine-rest provides? How can I secure the engine-rest to be accesses only from my application or admin user?



Hi @adat,

Using the prebuilt engine-rest application is perfectly fine. Custom REST endpoints make sense when you want to restrict or extend the number of exposed endpoints.

You can implement authentication by adding a servlet filter on top. The application ships already with an implementation for HTTP Basic Auth. Here is the docs entry that describes how you can activate that:




Thank you. I was confused as some of the It guys who were using the Camunda said that I should not be using the REST api approach and use the easy-rest. If it providing all the features why would someone rewrite it