Skip to main content
Version: 8.8 (unreleased)

Authentication

There are different ways to authenticate to your cluster. The following sections describe how to authenticate using the Java client.

In Java code, create a BasicAuthCredentialsProvider and provide it with your username and password:

final var credentialsProvider =
new BasicAuthCredentialsProviderBuilder()
.username(username)
.password(password)
.build();

Next, provide the credentials provider to the client builder:

final var client = CamundaClient.newClientBuilder()
// other configuration
.credentialsProvider(credentialsProvider)
.build();

The client will now add an Authorization header to each request with the value Basic username:password. username:password is base64 encoded.

Environment Variables

You can also use environment variables to provide the username and password. The following environment variables are supported:

export CAMUNDA_BASIC_AUTH_USERNAME='username'
export CAMUNDA_BASIC_AUTH_PASSWORD='password'

When using environment variables you don't have to provide the username and password to the CredentialsProvider.

Environment variables will by default override any values provided in Java code. You can enforce that Java code values have precedence via the .applyEnvironmentOverrides(false) API on the BasicAuthCredentialsProviderBuilder.