Background info:
I have a business application A which needs to make API calls to both the Zeebe API as well as the Tasklist API. Both APIs are secured via Identity Authentication.
My approach for authenticating the business application is to create an application entity in Identity, called A. This creates a client ID and a client secret for this application. Then, under “Applications → A → Access to APIs”, I add the Zeebe write permission and the two available Tasklist API permissions.
In my Java application, I use the Zeebe client lib and the Tasklist client lib. When bulding both clients I pass the client ID and client secret of application A. The calls work successfully.
My question:
Is there a way to create the Identity application entity A via configuration? This way the client secret and client ID would be in the Identity configuration as opposed to manually configuring them on each environment?
Also, can the rest of the setup - setting tenants, setting permissions, etc. be done solely via configuration?
Hi @bpmnenthusiast - are you looking for something like this:
Would you be using Docker, Helm, or something else? Some of these configuration options will be changing with the 8.6 release, because the architecture/packaging of the software is changing, but there should still be support for this type of initialization.
I am using Docker Compose for local development and Helm for shared environments. I will then keep an eye on the changed architecture/packaging in 8.6.
One additional question: Is it perhaps possible to create and setup Tenant entities using environment variables similar to these ones? I looked at the docker-compose.yaml file that you had linked but in the initial setup of Identity no tenants are created.