Setting tenantId during requests to REST API

Good day,

I am currently working on a project that integrates with the Camunda REST API using Spring boot. I have managed to get a custom TenantIdProvider wired up that sets the tenant id from our own authentication object which I see getting set on all of the created objects.

However, I cannot find how to set a tenant id so that the queries via the REST API are constrained to that tenant id. Can someone point me in the right direction?

Thanks,

-m

Hi Michael,

Welcome to the community! :tada:

The REST API should respect the tenant membership. (1)
Please make sure to enable the authorization in the REST API (camunda.bpm.authorization.enabled=true) as by default it’s disabled. (2)

I hope that helps.

(1): https://docs.camunda.org/manual/latest/user-guide/process-engine/multi-tenancy/
(2): https://docs.camunda.org/manual/latest/user-guide/spring-boot-integration/configuration/#camunda-engine-properties

Best regards,
Yana

@Yana Thanks for the reply.

We are not using the users/groups within Camunda, so setting the authorization is not going to work. We have a complex set of rules around users and groups within our application that is integrating with Camunda, so we need to be able to augment the requests going to Camunda to set the tenant ids during a request.

I was planning on registering a ClientFilter that would extract our authentication information, which would include the information under which tenant the request should run. But the closest thing I can see to use would be the IdentityProvider to re-set the authentication with the tenant.

Can I get the IdentityProvider through a Spring @Autowired annotation, or is there some other way to get it within a ClientFilter that I register with my custom CamundaJerseyResourceConfig?