We are providing below information in the properties file to make the zeebeclient communicate with the SaaS Camunda environment from the spring boot implementation.
zeebe.client.cloud.region=xxxxx
zeebe.client.cloud.clusterId=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
zeebe.client.cloud.clientId=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
zeebe.client.cloud.clientSecret=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
However, we need to provide additional two values grant_type and audience along with above mentioned four parameters to work with Task and Operate REST API exposed by Camunda.
Could you please share me any reference implementation which is using clientId, clientSecret from the properties file along with grant_type and audience to generate the token which can be used to invoke the REST API.
Also, I want to generate the REST API url at runtime using the region and clusterId defined in the properties file as well.
I don’t want to define same values in the properties file to manage by myself for above requirement and want to reuse already defined values in the property file.
Hi @Suman_Paul - I believe the grant_type is always cilent_credentials. When you generate the client credentials, there is a “Download” button. The downloaded file should contain the audience and scopes, and URLs for all the services that credential is authorized for. (See bottom of this docs page.) I think that should give you all you need so you don’t have to manually maintain those values.
@nathan.loding Thank you for your response. I am already aware of the information shared by you and having all related values needed to call operate REST API. Using those values, I am trying to invoke POST operation “/v1/variables/search” and receiving 401 error. In that context, I am looking for a sample Java code example to invoke the above-mentioned operation and to utilize the same properties already defined to work with Zeebe client.
Hi @Suman_Paul - can you confirm that you created the credentials for Operate? On the API’s tab, it should list what services it has access to. Does the error you receive back contain any other details? Some OAuth failures provide a more detailed explanation.
I also missed your question about the audience value. For Operate, the audience is operate.camunda.io, which you can find documented here. (Each service should have the appropriate audience documented on its own page.)