Hi,
As in my projects in Camunda 7 I want to create my own Tasklist application.
In Camunda 7 there are an API to get the active tasks per process instances.
In Camunda 8 I think the corresponding API is the GrahpQL API.
As per documentation, any request to GraphQL must have a token sent as Bearer.
I tried to get one access token as here:
I tried with the given docker-compose file. I needed to wait some time until all apps were available.
I get only a response if I give Tasklist at least read permissions:
Yes, as you said above: curl --location --request POST 'http://localhost:18080/auth/realms/camunda-platform/protocol/openid-connect/token' --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'client_id=tasklist' --data-urlencode 'client_secret=XALaRPl5qwTEItdwCMiPS62nVpKs7dL7' --data-urlencode 'grant_type=client_credentials'
The response is: {"error":"unauthorized_client","error_description":"Client not enabled to retrieve service account"}
First, in the Identity component of (GitHub - camunda/camunda-platform: Camunda Platform 8) the Tasklist application I think it should be configured by default with read and write permission on the “Tasklist API”.
Then, here (Authentication | Camunda Platform 8) to the paragraph "2. Add permissions to an application for Tasklist API. " I think it should be added "Make sure that the GraphQL queries need read permission on "Tasklist API" and the mutations needs write permission"