Rights for execution of certain REST APIs

Hello
is there a possibility to restrict the usage of certain REST APIs (like /message) to certain users or groups of users?

Thanks in advance

Hello @jaxx ,

you can implement a filter that checks the auth of a user.

Example can be found here:

This is an out-of-the box filter (spring-boot in this case) that uses the Authorization provided by the engine for REST API usage.

Hope this helps

Jonathan

Can this be implemented in Camunda RUN platform?

@jaxx not by default, but by creating a class like this, packaging it and adding it to RUN classpath, it should work.