Hello everybody,
I hope someone can help me with this problem. We use the following Camunda platform 8 in a Docker environment: GitHub - camunda/camunda-platform: Camunda Platform 8. We are currently building our own tasklist client. However, there are currently difficulties in accessing the tasks via GraphQL, since the Camunda task list and other Camunda components are protected by Keycloak. Unfortunately I don’t know how to proceed to authenticate myself correctly with Keycloak and to be able to make requests to the underlying API.
Through the Keycloak token endpoint (/auth/realms/camunda-platform/protocol/openid-connect/token) I can already get a bearer token from Keycloak. However, I still can’t make queries to the GraphQL endpoint of the tasklist with this token in the authorization header. Whenever this is attempted, a login HTML page is returned to me by Keycloak, regardless of which bearer token is used, or if a bearer token is used at all. On the contrary, the original camunda task list client works after manual authentication in the browser. However, we cannot reproduce this with any other client like Postman for example.
Feel free to ask additional questions.
This is the default response of my queries to the graphql endpoint.
I use these keys with their corresponding values for obtaining the token.
var urlencoded = new URLSearchParams();
urlencoded.append(“client_id”, “tasklist-api”);
urlencoded.append(“grant_type”, “password”);
urlencoded.append(“client_secret”, “myClientSecret…”);
urlencoded.append(“scope”, “openid”);
urlencoded.append(“username”, “myUsername”);
urlencoded.append(“password”, “myPassword”);
Thanks in advance!
