Identity groups and roles become unmanageable after container restart

Our environment runs on Docker containers with the following components:

  • Orchestration (Zeebe, Operate, Tasklist, Identity bundled)

  • Keycloak

  • PostgreSQL

  • Elasticsearch

  • Connectors

  • worker (Python container at home)

Camunda version: 8.8
Special note: Tasklist is running in v1 mode.

services:
  orchestration:
    environment:
      CAMUNDA_TASKLIST_V2_MODE_ENABLED: false

We configured roles and groups in Identity, and verified that Tasklist processes run as expected.

However, after restarting the containers using:

docker compose down && docker compose up -d

the groups and roles in Identity stop functioning. They are still displayed, but user assignments to groups and deletion operations no longer work.

Is there any known solution or guidance for this issue?

Hi @camundaman12345,

This is a known issue with Camunda 8.8 that can occur due to several factors. Based on your description, here are the most likely causes and solutions:

1. Dual Identity Architecture Issue

Camunda 8.8 introduced a dual-identity architecture with two separate Identity UIs:

  • Management Identity (Port 8084): Limited functionality - only Roles and Mappings tabs
  • Orchestration Cluster Identity (Port 8088): Full functionality - includes Authorizations, Groups, Users, Roles, and Mappings tabs

Solution: Make sure you’re accessing the correct Identity UI at port 8088 for managing groups and user assignments. If you’re using port 8084, you won’t be able to manage groups properly.

2. Data Persistence Issue

The most common cause of groups/roles becoming unmanageable after restart is data persistence problems.

Check these points:

  • Ensure you’re not using docker compose down -v (the -v flag removes volumes and deletes persisted data)
  • Verify that your Identity container has proper write permissions to its data directory/volume mounts
  • Make sure your PostgreSQL data is properly persisted across restarts

3. Session Management

Changes to roles and permissions in Camunda 8.8 often require a complete logout/login cycle to take effect.

Solution: After making changes, completely log out and log back in to create a new session.

4. Known Limitations in 8.8

  • Authorizations should be assigned to groups rather than individual users via the UI
  • Early 8.8.0 versions had known bugs with Identity service initialization

Recommendation: If you’re using 8.8.0, consider upgrading to 8.8.1 or later for better stability.

Immediate Steps to Try:

  1. Access Identity UI at port 8088 instead of 8084
  2. Verify your Docker volumes are properly configured and persisted
  3. Log out completely and log back in
  4. Check that your user has the admin role assigned

Could you confirm which port you’re using to access the Identity UI and whether your data volumes are properly configured for persistence?
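An added example, not part of the original thread and not Camunda's own code: a Python check for the data persistence point above that reads a Compose configuration shaped like the output of `docker compose config --format json` and reports stateful services whose data directory would not survive `docker compose down && docker compose up -d`. The service names, the data directory paths and the sample configuration are assumptions constructed for illustration.

```python
import json

# Assumed data directories of the stateful images (adjust to your images).
DATA_DIRS = {
    "postgres": "/var/lib/postgresql/data",
    "elasticsearch": "/usr/share/elasticsearch/data",
}

# Constructed sample shaped like `docker compose config --format json` output.
SAMPLE = json.loads("""
{
  "services": {
    "postgres": {"volumes": [
      {"type": "volume", "source": "pgdata", "target": "/var/lib/postgresql/data"}]},
    "elasticsearch": {"volumes": [
      {"type": "volume", "target": "/usr/share/elasticsearch/data"}]},
    "keycloak": {}
  },
  "volumes": {"pgdata": {"name": "camunda_pgdata"}}
}
""")


def persistence_findings(config, data_dirs):
    """Return {service: reason} for services whose data dir will not survive
    `docker compose down && docker compose up -d`."""
    declared = set(config.get("volumes") or {})
    findings = {}
    for service, data_dir in data_dirs.items():
        spec = (config.get("services") or {}).get(service)
        if spec is None:
            findings[service] = "service not defined"
            continue
        mounts = [m for m in spec.get("volumes") or []
                  if m.get("target", "").rstrip("/") == data_dir]
        if not mounts:
            findings[service] = "no mount on data dir: data lives in the container layer"
        elif any(m.get("type") == "bind" and m.get("source") for m in mounts):
            continue  # bind mount to a host path persists
        elif any(m.get("type") == "volume" and m.get("source") in declared for m in mounts):
            continue  # named volume persists unless removed with `down -v`
        else:
            findings[service] = "anonymous or undeclared volume: not reattached after down"
    return findings


if __name__ == "__main__":
    for service, reason in persistence_findings(SAMPLE, DATA_DIRS).items():
        print(f"{service}: {reason}")
```

To run it against a real stack, replace `SAMPLE` with the parsed output of `docker compose config --format json`.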
