Hi @Karim_Gillani,
the sso-kubernetes example does not yet consider security aspects of the REST interface. You will have to implement a security filter for the Camunda REST API
- A general example can be found here: https://github.com/camunda-consulting/code/blob/master/snippets/springboot-security-sso/src/main/java/com/camunda/demo/filter/rest/StatelessUserAuthenticationFilter.java
- You will have to adopt it for Keycloak and OAuth2 or whatever flavour you desired to use
- Which means that you have to
- get the authenticated user ID and
- query the groups of this user.
An example how to do this for the web application is https://github.com/camunda/camunda-bpm-identity-keycloak/blob/master/examples/sso-kubernetes/src/main/java/org/camunda/bpm/extension/keycloak/showcase/sso/KeycloakAuthenticationProvider.java. REST will be similar. If I can spare some time, I will add it to the sso example one day.
That should give you at least a direction to go.
Regards
Gunnar