Hello,
according to the architecture overview, camunda imports the data from the engines by calling a REST API. REST API is a web interface and provides an authentication mechanism (HTTP basic auth by default). Hence, all requests from Optimize to the engines are made using some user. I’ll call it “data import user”.
My question is: What permissions does the data import user need in order to be able to pull the data about processes? This should include information about the models as well as the information about the instances (execution time, status, incidents, historic variables etc)?
This section in the docs describes some permissions needed, but I’m a bit unsure what is meant there. The docs states
You can specify which user has access to certain process or decision definitions, including data related to that definition. By that we mean the user can only see, create, edit and delete reports to definitions they are authorized to.
Is it the data import user which is meant here? I think it’s not. IIUC, they mean the end users who use Optimize, create dashboards and reports etc. But there is no information about what permissions the data import user must have to correctly import the data.
Could anyone please answer that question?
Thank you!