Add security to Camunda Rest api

Hello everyone,
recently I was asked to implement Keycloak to my spring application to manage users and groups for Camunda.

Everything on the cockpit is working as intended but if I make a Post/Get using Postman to one of the camunda rest api (lets say: http://localhost:8084/engine-rest/user) without beeing authenticated, I still get an answer while it should respond with a 403 since im not logged in.

Is there a way to implement a security system for that endpoint?

Hi,

There is a section in the documentation here which talks to this…

regards

Rob

Here i’ve found what i needed to implement: https://github.com/camunda/camunda-bpm-identity-keycloak/tree/master/examples/sso-kubernetes

Under the Optional Security for the Camunda REST Api section.