Manage access and permissions
Manage and control access to Camunda 8 APIs and custom applications using permissions and roles.
About permissions
When using and managing permissions, it is important to understand the following key concepts:
- APIs represent the different Camunda 8 components, such as Operate, Tasklist, and so on.
- Each API defines its own set of permissions that to control API access.
- Permissions are organized using roles that can be assigned to users either directly or via Groups.
- You can also assign permissions to your custom application, such as a job worker for example.
You can also use resource authorizations to grant more fine-grained access control to Camunda 8 resources to users and groups.
Permissions
Each API (representing a component) defines its own set of permissions to control API access.
The following permissions are available:
Component | API | Permissions available |
---|---|---|
Identity | Camunda Identity Resource Server |
|
Operate | Operate API |
|
Optimize | Optimize API |
|
Tasklist | Tasklist API |
|
Web Modeler | Web Modeler Internal API |
|
Web Modeler | Web Modeler API |
Permissions granted to a user or M2M application are added to the permissions.{audience}
claim of the access token.