Identity
Use Identity in Camunda 8 Self-Managed to manage authentication, access, and authorization for your users and applications.
About Identity
Identity is included by default in the Docker Compose and Helm deployments of Camunda 8 Self-Managed, and is configured by default to use a packaged Keycloak instance as an identity provider (IdP).
- Administrators can use Identity to manage users, groups, roles, permissions, and applications within the Camunda 8 platform.
- Identity supports both users (interacting via Camunda UIs) and applications (interacting via Camunda APIs, such as job workers) with secure authorization based on OAuth 2.0 standards.
- Users can log in to Camunda 8 component UIs via an IdP login page. Applications can authenticate via machine-to-machine (M2M) tokens.
- You can also choose to integrate Identity with an external OIDC provider or connect to an existing Keycloak installation.
Get started with Identity
If you're new to Identity, get started by learning how to open and log in to the Identity interface.
Configure Identity
Configure your Identity Keycloak and OIDC integration.
Authentication
Depending on your configuration, users and applications can authenticate with Camunda 8 via the IdP using the OAuth 2.0 protocol, using either a login page or M2M tokens.
Manage Identity
Manage and control access for your users and applications, using groups and roles/permissions (role-based access control).
- Manage users, groups, roles, and applications
- Manage access and permissions
- Manage tenants
- Mapping rules