Default authentication of engine rest in spring boot application?

Can anyone please confirm, is authentication on by default for camunda spring boot application.

If yes, then how to turn it off.

Problem is I am unable to access rest endpoints unless I am logged in to web-app like cockpit, Else I am getting unauthorized access error on rest endpoints.


authorization is disabled in camunda by default (see ProcessEngineConfiguration: protected boolean authorizationEnabled = false;)

in spring boot starter, we reuse this, (see AuthorizationProperty: private boolean enabled = Defaults.INSTANCE.isAuthorizationEnabled();)

you can overwrite it via property: camunda.bpm.authorization.enabled=true

1 Like

In addition to Jan’s answer, the REST API that is embedded into the web applications is secured accordingly. This cannot be switched off. Switch to the standalone REST API artifact.

1 Like

Thanks a lot. It worked.

1 Like