Running Flowable as a Micro-service

We want run Flowable as a microservice (for workflows a BPM engine is apt) amongst the other services we have or/and eventually may build.

Flowable REST API:
The REST APIs provided by Flowable are authenticated with HTTP Basic Authentication. Is there a way this can be disabled or configured to use an existing auth service we already have?

User/Group database and Auth:
Can we have the Flowable REST API querying an existing user/group database instead of a local database Flowable is attached to?


If anyone is running Flowable as a microservice with an external auth service, your thoughts/ideas on this matter would be really appreciated.

Thanks in advance.

The rest application uses by default basic auth in the configuration, see

Spring Security is used there, so anything that Spring security supports is possible.

You can easily define your own application + Configuration classes to use them in a different way and by depending on the rest classes by adding the flowable-rest dependency (see

Alternatively, you can add your own configuration by adding it to a package that is scanned on boot (

@joram, Thank you for these pointers! They are a great starting point for me. Can’t underscore enough because I am new to the Java/Spring world as well.

No problem. if you’re stuck somewhere along the road, post here so we and other people can help you.