Hi all,
I think I might have found a (relative) simple solution to this problem. It does require custom implementation but I expect I will work (did not have time to test it yet).
As per the documentation here you can easily change the authentication mechanism (for the engine-rest app). By implementing a class that implements the org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider interface, you should be able to provide authentication details. An example implementation is provided by Camunda (Basic authentication implementation). You could provide your own implementation, add it to the web.xml (as described in the basic auth example) and all requests should be authenticated using your implementation.
This does only solve the authentication part of the issue, but it is a start? Authorization details still need to be provided in Camunda itself. (Usernames and groups need to exist)
If anyone has any remarks or any experience with this approach, sharing is caring ;).
P.s. @rohansshetty7: Is this what you are trying to do?
Kind regards
Pieter