I have Camunda 8 Self-managed running on my laptop. Identity is running and I’m trying to configure the rest of the consoles to use Identity as security provider starting with Tasklist.
I’ve followed the documentation and instructions that I’ve found in several posts and at the moment Tasklist is trying to connect with Identity/Keycloak to autenticate, but returns the error “No permission for Tasklist - Please check your configuration.” before even showing the login page.
I’m using the following environment settings:
- SPRING_PROFILES_ACTIVE = identity-auth
- CAMUNDA_TASKLIST_IDENTITY_ISSUER_URL = http://localhost:18080/auth/realms/camunda-platform
- CAMUNDA_TASKLIST_IDENTITY_ISSUER_BACKEND_URL = http://localhost:18080/auth/realms/camunda-platform
- CAMUNDA_TASKLIST_IDENTITY_CLIENTID = tasklist
- CAMUNDA_TASKLIST_IDENTITY_CLIENTSECRET =
- CAMUNDA_TASKLIST_IDENTITY_AUDIENCE = tasklist-api
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI = http://localhost:18080/auth/realms/camunda-platform
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI = http://localhost:18080/auth/realms/camunda-platform/protocol/openid-connect/certs
I’ve added the tasklist application and tasklist-api in Identity and also the associated roles/permissions/scopes (to the best of my knowledge since I couldn’t find the details online).
… Bust something seems to be missing.
Some help would be appreciated!