Will Identity (Keycloak) be released for Camunda 8 hosted/ cloud?

lasse · August 9, 2022, 12:19pm

Hello everyone,

Will authorization and role management via Keycloak/ Identity be released for Camunda 8 in the SaaS/Cloud version as well, or will this remain a feature solely for the self-managed instance?

If there are no plans to release it for the cloud, what is the best workaround to get our existing roles and rights management integrated?

I am currently evaluating Camunda, but in our existing infrastructure there is a Roles and Rights Management offering support for SAML/ OIDC. In the Camunda 8 SaaS I did not find a possibility to integrate identity providers, but while looking through the documentation I found the release notes and documentation for your Identity component (April 2022):

When using Camunda Platform 8 – Self-Managed, we’re introducing a new component called Identity, which replaces the previous IAM component. Identity utilizes Keycloak and allows you to manage users, roles, and permissions for Camunda Platform 8 components. It provides OpenID Connect and SAML support and supports connecting you to your own LDAP-based identity provider.
https://camunda.com/blog/2022/04/camunda-platform-8-0-released-whats-new/

But within your documentation it currently says the following:

Currently, the Identity UI does not offer support for configuring external identity providers. To configure an external identity provider, we recommend referencing the Keycloak documentation for adding a provider.
Configuring an external identity provider | Camunda 8 Docs

As this might hint to the feature being under active development, I would love to hear your plans about Identity in the future

Best Regards,
Lasse

jonathan.lukas · August 11, 2022, 6:25am

Hello @lasse ,

for Enterprise accounts, we can arrange SSO auth in C8 SaaS as well. We already have some customers who are using it.

If you want to know more, please get in touch with our Sales team. They can inform you about the general conditions and help you figuring out whether our current offer spans your requirements.

I hope this helps

Jonathan

lasse · August 11, 2022, 6:47am

Hi @jonathan.lukas

Thanks for your reply, we will get in touch with a sales representative once we are at a later stage of the evaluation.

Best Regards,
Lasse

Maxi_Gutierrez · May 5, 2023, 5:01pm

Hello @lasse @jonathan.lukas do you know if camunda saas improve this topic in 2023.

Thanks in advance.

Maxi

jonathan.lukas · May 5, 2023, 5:42pm

Hello @Maxi_Gutierrez ,

where do you see room for improvement?

Jonathan

Maxi_Gutierrez · May 5, 2023, 6:24pm

Hello @jonathan.lukas thank you for your answer.

I did the courses of the camunda 8 developer.
Doubts about the identity:
In the course you receive an invite to join to the camunda 8 saas organization in your corporative mail.
You need to create an account, set a password, etc.
In a large corporation you have a sso and also an ldap corporative to manage the identity.
The self registration isn´t really the best option.
Also to manage the group candidate in a process, I created manually those groups in my trial account. If you have a process with a human centric approach (several human task), with several approvals groups. These groups will be syncronized with one ldap group.
If you don´t have this you need to synchronize manually the identities/groups one by one.

My apologies by my spanglish.

Best regards
Maxi

system · January 31, 2024, 10:23am