Authentication
Most requests of the Public REST API need to include a bearer token
as an Authorization request header.
Given a valid token mySecret, the header would need to be set as follows:
Authorization: Bearer mySecret
The token used to access the Optimize API can be a configurable shared secret (except in Camunda 8 SaaS mode) or a JWT compliant with the OAuth2 Protocol (all modes).
Refer to Public API Configuration for the particular configuration to access the public API using a token.
How to obtain the access token for Camunda 8
You must obtain a token to use the Optimize API. When you create an Optimize client, you get all the information needed to connect to Optimize.
See our guide on building your own client.
The following settings are needed:
| Name | Description | Default value |
|---|---|---|
| client id | Name of your registered client | - |
| client secret | Password for your registered client | - |
| audience | Permission name; if not given use default value | optimize.camunda.io |
| authorization server url | Token issuer server | - |
Send a token issue POST request to the authentication server with the following content:
{
"client_id": "<client-id>",
"client_secret": "<client-secret>",
"audience": "<audience>",
"grant_type": "client_credentials"
}
See the following example with curl:
curl -X POST --header 'content-type: application/json' --data '{"client_id": "<client-id>", "client_secret":"<client-secret>","audience":"<audience>","grant_type":"client_credentials"}' https://<authorization server url>
If the authentication is successful, the authentication server sends back the access token, when it expires, scope, and type:
{
"access_token": "ey...",
"scope": "...",
"expires_in": 86400,
"token_type": "Bearer"
}
Use it in Postman
Work with this API in our Postman collection.