Integrate with external keycloak

If I want to use only zeebe self-managed kubernetes version and using helm to install.
Is it possible to integrate with external keycloak (existing one) without identity ?
I want to manage user and permission by using only one keycloak.

Hi @Tanodom_Chotbamrungp, welcome to the forums! Identity is the component that integrates with external authentication providers. If you use Zeebe standalone (free for production with <=8.5, requires a license for production >=8.6), then you would need to build your own authentication layer between Zeebe and external services. For instance, you have an application that authenticates with Keycloak and sends commands to Zeebe; the environment is configured to only allow requests to Zeebe from that application.

2 Likes

is there a documentation or tutorial on how to do that? @nathan.loding

@Lama - not from Camunda, because this isn’t a Camunda specific pattern. I don’t have an article off-hand, but I’m certain there’s some out there. Your request flow would look like:

Client -> Your API -> Zeebe

We have a similar pattern in the docs to solve for some CORS issues.