Camunda 8 - Self Managed - REST API

Hi team !!!

I have faced the issue to invoke rest API using Self Managed (Docker) . I have been reading the documentation but unfortunately I cannot move forward.

1-) Take Token:

2-) Invoke GetTask

Hi @Adriano_Malaquias, welcome to the forums! Have you added the bearer token generated in the first step to the Authorization header in the GetTask call? (In Postman, it’s under the “Authorization” tab.) With OAuth, you don’t need to send the client ID and secret on every request, only to generate the token.

Hi @nathan.loding !!! Thanks !!!

Yes, I have used .

@nathan.loding Also I revomed client_ID and client_secret but I got the same errors.

Hi @Adriano_Malaquias - the name of the header needs to be Bearer not Token (Postman docs). Try renaming it, remove the client ID and secret, and let me know if it works!

Hi @nathan.loding Same error.

1-) I removed the client_id and client_secret

2-) name is Bearer

@Adriano_Malaquias - apologies, I led you astray. I don’t use Postman much, and part of their interface changed since I last used it. Your first screenshot with “Bearer token” selected on the left for “Type” is correct.

If you use the first request, but without the client ID and secret, do you get the same error or something different?

@nathan.loding Thanks for your fast answer.

So, to create the token I have used the client_id and client_secret and I can get the response with token … following the print.

After that I try to use the token that I got to send to the API task. In the request of the API TASK I haven´t used any information on Header.

following the print.

Also my environment is Camunda 8 Self Managed Docker not SAAS.

@Adriano_Malaquias - using the token within Postman is the same between SaaS and Self Managed. How have you configured this client in Identity?

I have used this one that already exists. Do I need create other ??

Hi @Adriano_Malaquias - on the “Access to APIs” tab on that page, does the application have access to the Tasklist API that you are trying to call?

Hi @nathan.loding Thanks a lot for support. I did the configuration that you said and now I can use the token to invoke the API. I will try to create a process and reach out you if I have some issue.

Following the configuration

Hi everone.
I also have this error while I am trying to use operate api with Bearer token.
I call this request with postman

curl --location ‘
–header ‘Content-Type: application/x-www-form-urlencoded’
–data-urlencode ‘client_id=operate-api’
–data-urlencode ‘client_secret=13R5Y4zzDjkDaQMLywe7ZnzR72BZxuun’
–data-urlencode ‘grant_type=client_credentials’

it return this
“access_token”: “eyJh…”,
“expires_in”: 300,
“refresh_expires_in”: 0,
“token_type”: “Bearer”,
“not-before-policy”: 0,
“scope”: “profile email”

It return me token and I call operate api request with this token I gave error.

curl --location ‘
–header ‘Authorization: Bearer eyJ…’

it return this

“message”: “the provided claims are invalid”

I am using default keycloak client

Hi @IkhtiyorDev, welcome to the forums! You need to configure the clients in Identity, not Keycloak. Identity integrates with Keycloak, but it’s several more steps to configure access to the APIs without Identity.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.