Authorization for Camunda REST API

Camunda supports Basic Auth mechanism, by default it was disabled. You can enable if needed. For JWT Authorization, you can provide configurations by using Spring Security module. You need to include jjwt.jar dependency in classpath for JWT Authorization.

Refer this docs for JWT implementation: https://github.com/jwtk/jjwt

Code for enabling Basic Auth:

@Configuration
public class CamundaSecurityFilter {

  @Bean
  public FilterRegistrationBean<Filter> processEngineAuthenticationFilter() {
    FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>();
    registration.setName("camunda-auth");
    registration.setFilter(getProcessEngineAuthenticationFilter());
    registration.addInitParameter("authentication-provider",
        "org.camunda.bpm.engine.rest.security.auth.impl.HttpBasicAuthenticationProvider");
    registration.addUrlPatterns("/*");
    registration.setOrder(1);
    return registration;
  }

  @Bean
  public Filter getProcessEngineAuthenticationFilter() {
    return new ProcessEngineAuthenticationFilter();
  }
}
2 Likes