Camunda supports Basic Auth mechanism, by default it was disabled. You can enable if needed. For JWT Authorization, you can provide configurations by using Spring Security module. You need to include jjwt.jar dependency in classpath for JWT Authorization.
Refer this docs for JWT implementation: https://github.com/jwtk/jjwt
Code for enabling Basic Auth:
@Configuration
public class CamundaSecurityFilter {
@Bean
public FilterRegistrationBean<Filter> processEngineAuthenticationFilter() {
FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>();
registration.setName("camunda-auth");
registration.setFilter(getProcessEngineAuthenticationFilter());
registration.addInitParameter("authentication-provider",
"org.camunda.bpm.engine.rest.security.auth.impl.HttpBasicAuthenticationProvider");
registration.addUrlPatterns("/*");
registration.setOrder(1);
return registration;
}
@Bean
public Filter getProcessEngineAuthenticationFilter() {
return new ProcessEngineAuthenticationFilter();
}
}