Hi @NickiMueller,
I see that you are using external forms “jsf”. which means the current authentication should be set before starting the process or otherwise the engine will not know the authenticated user who starts the process.
Have a look at below post