What pattern to use: using front-end auth ticket for use in service provider

In a front-end application, users are authenticated and have an auth-token. If there were a direct connection to the back-end system of record, this token could be used to identify and trust the user in the back-end system of record (service provider). This causes the audit trail in the system of record to be valid: it can register who did what, and when.
If Camunda is used to orchestrate REST services (and our system of record), it seems that some kind of system-account needs to be used, but then we don’t know the actual user in the back-end, and thus the audit trail becomes useless. In some applications in some industries (think: finance, pharma), this audit trail is valuable and mandatory.

What would be a secure and effective pattern to be able to use this front-end auth-token, ‘bridging’ Camunda in a secure manner, and being able to be used to identify the actual user in the back-end system of record, and have the audit-framework working? How can we be sure that we prevent identity spoofing?

Thanks!