you can refer this post, if you’re facing issues with csrf filter.
Setting server.servlet.context-path in application.properties file, will solve this issue.
(or)
If you use camunda spring boot starter 3.3.0, it has a bug that would wrongfully apply the CSRF filter to the standalone REST API endpoints. So if you use 3.3.0 then upgrade to released 3.3.1 which should fix this.