I am going through the process of enabling HTTP Basic Authentication on the Camunda REST API.
Prior to enabling authentication, I made sure the following curls produce the expected HTTP 200 result:
curl -v http://192.168.99.100:8080/engine-rest/engine
curl -v http://192.168.99.100:8080/engine-rest/process-instance
I then enabled basic authentication using these instructions…
When I retest these:
curl -v http://192.168.99.100:8080/engine-rest/engine
curl -v http://192.168.99.100:8080/engine-rest/process-instance
The engine call works as expected. The process-instance call gets a 401 as expected.
I then encode my (real) userid and password:
$ echo "jon:not_my_real_password" | base64
am9uOm5vdF9teV9yZWFsX3Bhc3N3b3JkCg==
And add this as a header to the curl:
curl -v -H “Authorization: Basic am9uOm5vdF9teV9yZWFsX3Bhc3N3b3JkCg==” http://192.168.99.100:8080/engine-rest/process-instance
However, this also yields an HTTP 401.
Obviously, I used my real password to generate the userid:password encoding I used in practice.
I don’t understand why I am still getting HTTP 401 errors since I believed I followed the configuration instructions to the letter, and I encoded the credentials in the expected manner. The user I am using (jon) is the default admin user that is created when camunda starts for the first time. If I retry the curl too many times I start getting a 500 response from the API which indicates I have to unlock the user and when I do that from the admin console, I continue to get 401 errors from the process-instance API until I lock it out again.
Is there some other configuration I need to apply somewhere to make this work?