Users and groups management when using Camunda as embedded engine in springboot

Alaa_migdady · April 25, 2023, 10:32am

I am creating a springboot application, and using camunda as embedded engine.
My application has its own user management data model (users and groups) in another database . How do I sync Camunda’s users and groups with my application users and groups to avoid duplicate administration?

jonathan.lukas · April 26, 2023, 5:29am

Hello @Alaa_migdady ,

you will need to provide a custom identity provider to bridge from the process engine to your own setup.

There is an example here:

If you plan to use ldap, please look into our ldap identity provider plugin.

I hope this helps

Jonathan

Alaa_migdady · April 26, 2023, 1:14pm

hello @jonathan.lukas

Thank you for your reply.
But I want to ask:

if I use my custom identity provider, should I save the users into camunda database also??
will the authorizations be still performed by camunda system?
how I would register the custom identity provider to be used in Springboot application?

hassang · April 27, 2023, 4:44am

No

Yes

Alaa_migdady · May 2, 2023, 12:21pm

thank you @hassang

I implemented my own identity provider, but in the admin dashboard or even through rest apis I cant get a list of the users nor the groups even I can log in the web applications. are there other configurations should be done ?

and is there a way to manage user-group membership? is it doable through a ReadOnlyIdentityProvider ?

thanks in advance

hassang · May 2, 2023, 1:38pm

I believe below example could be of help to you

Alaa_migdady · May 3, 2023, 7:22am

thank you again @hassang and @jonathan.lukas.

it is the example I am already following

system · January 31, 2024, 10:48am