Problem: Camunda 8.5 Self-Managed Integration with Azure Intra Id without Keycloak

Community Community Feedback
9

I deleted the Docker volumes completely using commands and Docker Desktop. I also deleted the containers using docker-compose down and then restarted them with docker-compose up. However, I still get the same error message.

image
image3838×736 90 KB

here is my docker compose:

services:
  identity:
    image: camunda/identity:${CAMUNDA_PLATFORM_VERSION}
    ports:
      - "8080:8080"
    environment:
      IDENTITY_DATABASE_HOST: postgres
      IDENTITY_DATABASE_PORT: 5432
      IDENTITY_DATABASE_NAME: bitnami_keycloak
      IDENTITY_DATABASE_USERNAME: bn_keycloak
      IDENTITY_DATABASE_PASSWORD: "*****"
      # intra id config
      CAMUNDA_IDENTITY_TYPE: "MICROSOFT"
      CAMUNDA_IDENTITY_BASE_URL: http://${HOST}:8080
      CAMUNDA_IDENTITY_ISSUER: https://login.microsoftonline.com/${TENANT_ID}/v2.0
      CAMUNDA_IDENTITY_ISSUER_BACKEND_URL: https://login.microsoftonline.com/${TENANT_ID}/v2.0
      CAMUNDA_IDENTITY_CLIENT_ID: ${AZURE_AD_CLIENT_ID}
      CAMUNDA_IDENTITY_CLIENT_SECRET: ${AZURE_AD_CLIENT_SECRET}
      CAMUNDA_IDENTITY_AUDIENCE: ${AZURE_AD_CLIENT_ID}
      CAMUNDA_IDENTITY_INITIAL_CLAIM_NAME: "oid"
      CAMUNDA_IDENTITY_INITIAL_CLAIM_VALUE: "a675fefc-beea-421e-8b37-c145b9011cf3"
      # IDENTITY_AUTH_PROVIDER_GROUP_CLAIM: "groups"
      # CAMUNDA_IDENTITY_INITIAL_CLAIM_NAME: "groups"  # or "roles", depending on your Azure AD configuration
      # CAMUNDA_IDENTITY_INITIAL_CLAIM_VALUE: "1ed02b13-05da-4088-9667-67897fc017c9"  # The specific group ID or role that grants initial access
      #IDENTITY_KEYCLOAK_ENABLED: false
      SPRING_PROFILES_ACTIVE: "oidc"
    volumes:
      - ./keystore.jks:/etc/ssl/keystore.jks
    networks:
      - camunda-platform
      - identity-network

  postgres: # https://hub.docker.com/_/postgres
    container_name: postgres
    image: postgres:${POSTGRES_VERSION}
    ports:
      - "5432:5432"
    environment:
      POSTGRES_DB: bitnami_keycloak
      POSTGRES_USER: bn_keycloak
      POSTGRES_PASSWORD: "*****"
    restart: on-failure
    healthcheck:
      test: [ "CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}" ]
      interval: 10s
      timeout: 5s
      retries: 5
    volumes:
      - postgres:/var/lib/postgresql/data
    networks:
      - identity-network
      - shared-network

networks:
  camunda-platform:
    name: camunda-platform
  identity-network:
    name: identity-network
  shared-network:
    name: shared-network

volumes:
  postgres: