Keycloak authentication server as backend for Flowable user and groups


Currently, we have EAR application that uses Keycloak for SSO management. As we approach the decision to integrate Flowable into the EAR application, we are at a cross road as to how to manage token between our EAR application and token required by Flowable when making REST call to Flowable server/engine. I understand that Flowable uses basic authentication for back and fort request. However, our EAR application does not manage password so we can’t construct the “Authorization: bearer ‘TOKEN’” needed to make the REST call.

So, am wondering if Flowable has the concept of using Keycloack for SSO (token) management - similar to something like this

If not, what is the best approach to take to integrate Flowable into our EAR application - embedded or standalone?

1 Like