How to authenticate the Camunda-operate REST API

Hi All,

I need to access the camunda-operate REST API. I try to access this rest-api from POST-MAN tool, it’s throwing an exception like { “message”: “Full authentication is required to access this resource” }


Hi @Guna, the best way to ask for help is to give a set of unambiguous steps to reproduce the problem that you are trying to solve.

Sometimes the error is some earlier step, and this helps to surface this; and also it enables others to get to the point where you are stopped, so they can take a look at it.

Here is what I did to reproduce your issue:

  1. Start the Operate profile using docker-compose from here:
  2. Open Postman.
  3. Create GET request with localhost:8080/api/incidents/byError
  4. Press “Send”

Result: 401 Unauthorized

Here is how I got it to work:

  1. Login at the Operate web interface.
  2. Open developer tools and look for the authentication credential the web UI is using. Check headers, parameters, and cookies.
  3. Copy the value for the JSESSIONID cookie.
  4. Set a JSESSION cookie in Postman, with the value copied from the browser.
  5. Re-run the request.

Result: Works.

If I wanted to automate that, then I’d figure out how the authentication screen is passing credentials back to the server. Disclaimer: this is a hack, but it gives you a starting point.

There is a swagger interface at localhost:8080/swagger-ui.html that documents the Operate REST API.

I’m not sure how supported (including stability) access to the Operate REST API will be going forward.

Depending on what you are doing, you may be better off querying Elastic Search directly.

Thank you so much @jwulf for you quick and detailed response.

Hereafter, I will follow the steps. I will try to querying Elastic Search directly.


1 Like

Good idea.

One thing to note is that the Zeebe Elastic Search exporter creates one set of data, and Operate transforms that and creates another set of data for its own purposes.

This is how exporters work best - if you need to do some transformation of data for consumption by another system (in this case Operate), you export it first, and do the transformation outside Zeebe so that the transformation doesn’t impact the throughput of the broker.

1 Like