Invalid CORS request In self-managed camunda 8.

I am using helm-chart to deploy camunda 8 with keycloak integration with identity, I haven’t changed most default values except for hostnames issuer, backend issuer url etc.

I am accessing this deployment via cloudflare. Issue that I am facing is when i login into identity and all my get APIs are successful but i am not able to create anything.

Error I get is 403 UnAuthorized. I created a new user in keycloak and assigned all permissions to this user. even this user is not able to create anything.

403 error shows Invalid CORS request in response message.

This is something you need to tune on the cloudflare side. Check cloudflare documentation about CORS.

Hi,

I have tried tunning cloudflare setting by using 2 options 1 by using bypass to origin and 2nd by allowing cors headers and methods.

there is no change in response.

I see the request reach my nginx running in cluster so i doubt the issue is from cloudflare. In nginx the request is correctly directed to camunda-platform-identity service, but there is no log in identity service regarding the request.

I would suggest to put more tracing on the Cloudflare. Cloudflare HTTP request headers | Cloudflare Fundamentals docs

Hi @mehuls90
Were you able to solve the problem?

Regards,
Alex

No, I was not able to resolve this

I have exactly the same issue with Identity 8.6.9. I have it installed on my own server and accessible via Nginx proxy, which handles SSL.
All other components (Operate/Optimize/Tasklist) work OK. What may I do to debug and solve this issue with Identity? Is this an issue of Identity CORS settings (and if so, how may it be configured) or something missing in Nginx configuration?