Hi,
Be aware that there are in effect two restful APIs. One is the set of APIs used by the apps such as Tasklist and Cockpit. The other is the public rest API.
The public REST API can be accessed along these lines;
The default process engine is available out of the box by accessing /engine-rest/engine/default/{rest-methods} or simply /engine-rest/{rest-methods}. Any other shared (i.e., it is globally visible) process engine that is created later is available through /engine-rest/engine/{name}/{rest-methods} without any further configuration.
Hence you are trying the application’s ‘private’ APIs and the auth filter documentation is referring to the public APIs.
I suggest using the public REST APIs without authentication to get started, then add authentication…
regards
Rob