Search process definitions - Operate REST API

Mihai · March 5, 2024, 3:41pm

Hello,

I have installed Camunda 8 self managed using docker compose and i am trying to access Operate using the REST API.
I was trying to call the Search process definition API using both curl and Postman but i am receiving this error:
{“timestamp”:“2024-03-05T15:39:27.170+00:00”,“status”:500,“error”:“Internal Server Error”,“message”:“An error occurred while attempting to decode the Jwt: Couldn’t retrieve remote JWK set: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://localhost:18080/auth/realms/camunda-platform/protocol/openid-connect/certs\”: Connection refused",“path”:“/v1/process-definitions/search”}.
I am able to generate the api token both from curl and Postman.
Also form swagger-ui for Operate i am able to generate the call.
Keycloak is up and running.

Regards,

Mihai

nathan.loding · March 5, 2024, 4:52pm

Hi @Mihai - from that error, it looks like Operate can’t connect to Keycloak. Can you share your Docker configuration?

Mihai · March 6, 2024, 12:28pm

Hello @nathan.loding,

Below you have the Operate:

{
    "AppArmorProfile": "docker-default",
    "Args": [
        "--",
        "/usr/local/operate/bin/operate"
    ],
    "Config": {
        "AttachStderr": true,
        "AttachStdin": false,
        "AttachStdout": true,
        "Cmd": null,
        "Domainname": "",
        "Entrypoint": [
            "/sbin/tini",
            "--",
            "/usr/local/operate/bin/operate"
        ],
        "Env": [
            "ZEEBE_AUTHORIZATION_SERVER_URL=http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/token",
            "CAMUNDA_OPERATE_ELASTICSEARCH_URL=http://elasticsearch:9200",
            "ZEEBE_CLIENT_CONFIG_PATH=/tmp/zeebe_auth_cache",
            "management.endpoints.web.exposure.include=health",
            "CAMUNDA_OPERATE_IDENTITY_AUDIENCE=operate-api",
            "CAMUNDA_OPERATE_MULTITENANCY_ENABLED=false",
            "CAMUNDA_OPERATE_IDENTITY_CLIENTID=operate",
            "CAMUNDA_OPERATE_IDENTITY_BASEURL=http://identity:8084",
            "ZEEBE_TOKEN_AUDIENCE=zeebe-api",
            "CAMUNDA_OPERATE_IDENTITY_RESOURCEPERMISSIONSENABLED=false",
            "CAMUNDA_OPERATE_IDENTITY_ISSUER_URL=http://localhost:18080/auth/realms/camunda-platform",
            "CAMUNDA_OPERATE_ZEEBEELASTICSEARCH_URL=http://elasticsearch:9200",
            "SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI=http://localhost:18080/auth/realms/camunda-platform/protocol/openid-connect/certs",
            "CAMUNDA_OPERATE_IDENTITY_CLIENTSECRET=",
            "management.endpoint.health.probes.enabled=true",
            "SPRING_PROFILES_ACTIVE=identity-auth",
            "ZEEBE_CLIENT_ID=zeebe",
            "SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=http://localhost:18080/auth/realms/camunda-platform",
            "CAMUNDA_OPERATE_ZEEBE_GATEWAYADDRESS=zeebe:26500",
            "CAMUNDA_OPERATE_IDENTITY_ISSUER_BACKEND_URL=http://keycloak:8080/auth/realms/camunda-platform",
            "ZEEBE_CLIENT_SECRET=zecret",
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
        ],
        "ExposedPorts": {
            "8080/tcp": {}
        },
        "Healthcheck": {
            "Interval": 30000000000,
            "Retries": 5,
            "StartPeriod": 30000000000,
            "Test": [
                "CMD-SHELL",
                "wget -O - -q 'http://localhost:8080/actuator/health/readiness'"
            ],
            "Timeout": 1000000000
        },
        "Hostname": "741d53d17286",
        "Image": "camunda/operate:8.4.4",
        "Labels": {
            "com.docker.compose.config-hash": "9692f836042bc7948feffa58b50f3cc35431c3304bb752db2351695fb19ef729",
            "com.docker.compose.container-number": "1",
            "com.docker.compose.depends_on": "identity:service_started:false,elasticsearch:service_started:false,zeebe:service_started:false",
            "com.docker.compose.image": "sha256:81c0c76380e3ef516094132ab93690985b14eda74fb5f030ea1e6e0bd23a9bca",
            "com.docker.compose.oneoff": "False",
            "com.docker.compose.project": "camunda-platform-main",
            "com.docker.compose.project.config_files": "/home/mihai/Downloads/camunda-platform-main/docker-compose.yaml",
            "com.docker.compose.project.working_dir": "/home/mihai/Downloads/camunda-platform-main",
            "com.docker.compose.service": "operate",
            "com.docker.compose.version": "2.24.6",
            "io.k8s.description": "Tool for process observability and troubleshooting processes running in Camunda Platform 8",
            "io.openshift.min-cpu": "1",
            "io.openshift.min-memory": "512Mi",
            "io.openshift.non-scalable": "false",
            "io.openshift.tags": "bpmn,operate,camunda",
            "io.openshift.wants": "zeebe,elasticsearch",
            "org.opencontainers.image.authors": "operate@camunda.com",
            "org.opencontainers.image.base.digest": "sha256:6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0",
            "org.opencontainers.image.base.name": "docker.io/library/alpine:3.19.1",
            "org.opencontainers.image.created": "2024-02-27T14:13:48Z",
            "org.opencontainers.image.description": "Tool for process observability and troubleshooting processes running in Camunda Platform 8",
            "org.opencontainers.image.documentation": "https://docs.camunda.io/docs/self-managed/operate-deployment/install-and-start/",
            "org.opencontainers.image.licenses": "Proprietary",
            "org.opencontainers.image.revision": "43af1f5a820e72c038e23287c5e191911c3302ee",
            "org.opencontainers.image.source": "https://github.com/camunda/camunda-operate",
            "org.opencontainers.image.title": "Camunda Operate",
            "org.opencontainers.image.url": "https://camunda.com/platform/operate/",
            "org.opencontainers.image.vendor": "Camunda Services GmbH",
            "org.opencontainers.image.version": "8.4.4"
        },
        "OnBuild": null,
        "OpenStdin": false,
        "StdinOnce": false,
        "Tty": false,
        "User": "1001:1001",
        "Volumes": {
            "/tmp": {}
        },
        "WorkingDir": "/usr/local/operate"
    },
    "Created": "2024-03-06T12:06:58.094100829Z",
    "Driver": "overlay2",
    "ExecIDs": null,
    "GraphDriver": {
        "Data": {
            "LowerDir": "/var/lib/docker/overlay2/0e2fa93d09bc4cd7a8f19d8a35b92af58dba8a7e39586b4502b46dac0a0228a4-init/diff:/var/lib/docker/overlay2/03b3c0ba5d67ca86bd3ec6074426e06376c1525a491dbb886c13a04f65b41660/diff:/var/lib/docker/overlay2/257822472b4b3d195524d6a32a239153bdf9bdfa9f2ad3629ea855e79c4aceb1/diff:/var/lib/docker/overlay2/c5ad2f50a7e58651db0083c1079fba2902b62cd67b7591338e918156ed654ad0/diff:/var/lib/docker/overlay2/029112249b1a76988241382dec9e8cf6f1ab223ffe2ec980d90a2713a44408a9/diff:/var/lib/docker/overlay2/872fc598f3a3cb188ab484951f990dca515a7a2e67ef48d13b3b48ba017df36b/diff:/var/lib/docker/overlay2/bad8b53d453caa357e91ff2f564e87a9b074a01639357bd0c2f5664ac1f008f3/diff:/var/lib/docker/overlay2/7f427c6f5cf75c9cc29ba02f9ca709f72890535d4254e8e7939b50586b854d9a/diff",
            "MergedDir": "/var/lib/docker/overlay2/0e2fa93d09bc4cd7a8f19d8a35b92af58dba8a7e39586b4502b46dac0a0228a4/merged",
            "UpperDir": "/var/lib/docker/overlay2/0e2fa93d09bc4cd7a8f19d8a35b92af58dba8a7e39586b4502b46dac0a0228a4/diff",
            "WorkDir": "/var/lib/docker/overlay2/0e2fa93d09bc4cd7a8f19d8a35b92af58dba8a7e39586b4502b46dac0a0228a4/work"
        },
        "Name": "overlay2"
    },
    "HostConfig": {
        "AutoRemove": false,
        "Binds": [
            "camunda-platform-main_operate_tmp:/tmp"
        ],
        "BlkioDeviceReadBps": null,
        "BlkioDeviceReadIOps": null,
        "BlkioDeviceWriteBps": null,
        "BlkioDeviceWriteIOps": null,
        "BlkioWeight": 0,
        "BlkioWeightDevice": null,
        "CapAdd": [
            "AUDIT_WRITE",
            "CHOWN",
            "DAC_OVERRIDE",
            "FOWNER",
            "FSETID",
            "KILL",
            "MKNOD",
            "NET_BIND_SERVICE",
            "NET_RAW",
            "SETFCAP",
            "SETGID",
            "SETPCAP",
            "SETUID",
            "SYS_CHROOT"
        ],
        "CapDrop": [
            "AUDIT_CONTROL",
            "BLOCK_SUSPEND",
            "DAC_READ_SEARCH",
            "IPC_LOCK",
            "IPC_OWNER",
            "LEASE",
            "LINUX_IMMUTABLE",
            "MAC_ADMIN",
            "MAC_OVERRIDE",
            "NET_ADMIN",
            "NET_BROADCAST",
            "SYSLOG",
            "SYS_ADMIN",
            "SYS_BOOT",
            "SYS_MODULE",
            "SYS_NICE",
            "SYS_PACCT",
            "SYS_PTRACE",
            "SYS_RAWIO",
            "SYS_RESOURCE",
            "SYS_TIME",
            "SYS_TTY_CONFIG",
            "WAKE_ALARM"
        ],
        "Cgroup": "",
        "CgroupParent": "",
        "CgroupnsMode": "private",
        "ConsoleSize": [
            0,
            0
        ],
        "ContainerIDFile": "",
        "CpuCount": 0,
        "CpuPercent": 0,
        "CpuPeriod": 0,
        "CpuQuota": 0,
        "CpuRealtimePeriod": 0,
        "CpuRealtimeRuntime": 0,
        "CpuShares": 0,
        "CpusetCpus": "",
        "CpusetMems": "",
        "DeviceCgroupRules": null,
        "DeviceRequests": null,
        "Devices": [],
        "Dns": [],
        "DnsOptions": null,
        "DnsSearch": null,
        "ExtraHosts": [],
        "GroupAdd": null,
        "IOMaximumBandwidth": 0,
        "IOMaximumIOps": 0,
        "IpcMode": "private",
        "Isolation": "",
        "Links": null,
        "LogConfig": {
            "Config": {},
            "Type": "json-file"
        },
        "MaskedPaths": [
            "/proc/asound",
            "/proc/acpi",
            "/proc/kcore",
            "/proc/keys",
            "/proc/latency_stats",
            "/proc/timer_list",
            "/proc/timer_stats",
            "/proc/sched_debug",
            "/proc/scsi",
            "/sys/firmware",
            "/sys/devices/virtual/powercap"
        ],
        "Memory": 0,
        "MemoryReservation": 0,
        "MemorySwap": 0,
        "MemorySwappiness": null,
        "NanoCpus": 0,
        "NetworkMode": "camunda-platform-main_camunda-platform",
        "OomKillDisable": null,
        "OomScoreAdj": 0,
        "PidMode": "",
        "PidsLimit": null,
        "PortBindings": {
            "8080/tcp": [
                {
                    "HostIp": "",
                    "HostPort": "8081"
                }
            ]
        },
        "Privileged": false,
        "PublishAllPorts": false,
        "ReadonlyPaths": [
            "/proc/bus",
            "/proc/fs",
            "/proc/irq",
            "/proc/sys",
            "/proc/sysrq-trigger"
        ],
        "ReadonlyRootfs": false,
        "RestartPolicy": {
            "MaximumRetryCount": 0,
            "Name": "no"
        },
        "Runtime": "runc",
        "SecurityOpt": null,
        "ShmSize": 67108864,
        "UTSMode": "",
        "Ulimits": null,
        "UsernsMode": "",
        "VolumeDriver": "",
        "VolumesFrom": null
    },
    "HostnamePath": "/var/lib/docker/containers/a692bb5c3afef0ae4987009d1da1b4978c705724d40684c8dfb15d88a4e44a90/hostname",
    "HostsPath": "/var/lib/docker/containers/a692bb5c3afef0ae4987009d1da1b4978c705724d40684c8dfb15d88a4e44a90/hosts",
    "Id": "a692bb5c3afef0ae4987009d1da1b4978c705724d40684c8dfb15d88a4e44a90",
    "Image": "sha256:81c0c76380e3ef516094132ab93690985b14eda74fb5f030ea1e6e0bd23a9bca",
    "LogPath": "/var/lib/docker/containers/a692bb5c3afef0ae4987009d1da1b4978c705724d40684c8dfb15d88a4e44a90/a692bb5c3afef0ae4987009d1da1b4978c705724d40684c8dfb15d88a4e44a90-json.log",
    "MountLabel": "",
    "Mounts": [
        {
            "Destination": "/tmp",
            "Driver": "local",
            "Mode": "z",
            "Name": "camunda-platform-main_operate_tmp",
            "Propagation": "",
            "RW": true,
            "Source": "/var/lib/docker/volumes/camunda-platform-main_operate_tmp/_data",
            "Type": "volume"
        }
    ],
    "Name": "/operate",
    "NetworkSettings": {
        "Bridge": "",
        "EndpointID": "",
        "Gateway": "",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "HairpinMode": false,
        "IPAddress": "",
        "IPPrefixLen": 0,
        "IPv6Gateway": "",
        "LinkLocalIPv6Address": "",
        "LinkLocalIPv6PrefixLen": 0,
        "MacAddress": "",
        "Networks": {
            "camunda-platform-main_camunda-platform": {
                "Aliases": [
                    "operate",
                    "741d53d17286",
                    "a692bb5c3afe"
                ],
                "DNSNames": [
                    "operate",
                    "741d53d17286",
                    "a692bb5c3afe"
                ],
                "DriverOpts": null,
                "EndpointID": "888f24dd786f826663ef4d5e75364a2c98092ca9d17256664b7188db07603537",
                "Gateway": "X.X.X.X",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "IPAMConfig": {},
                "IPAddress": "Y.Y.Y.Y",
                "IPPrefixLen": 16,
                "IPv6Gateway": "",
                "Links": null,
                "MacAddress": "ZZZZZZZ",
                "NetworkID": "30914d4916595d4ed47c0ba5d55f549f8e362dce669041e0720ae27db4bb82e6"
            }
        },
        "Ports": {
            "8080/tcp": [
                {
                    "HostIp": "0.0.0.0",
                    "HostPort": "8081"
                },
                {
                    "HostIp": "::",
                    "HostPort": "8081"
                }
            ]
        },
        "SandboxID": "f0f44c3c916e8c501a7ea1f8624395f597ab39d6c533e38ae82b0552e5987e72",
        "SandboxKey": "/var/run/docker/netns/f0f44c3c916e",
        "SecondaryIPAddresses": null,
        "SecondaryIPv6Addresses": null
    },
    "Path": "/sbin/tini",
    "Platform": "linux",
    "Portainer": {
        "ResourceControl": {
            "Id": 21,
            "ResourceId": "a692bb5c3afef0ae4987009d1da1b4978c705724d40684c8dfb15d88a4e44a90",
            "SubResourceIds": [],
            "Type": 1,
            "UserAccesses": [],
            "TeamAccesses": [],
            "Public": false,
            "AdministratorsOnly": true,
            "System": false
        }
    },
    "ProcessLabel": "",
    "ResolvConfPath": "/var/lib/docker/containers/a692bb5c3afef0ae4987009d1da1b4978c705724d40684c8dfb15d88a4e44a90/resolv.conf",
    "RestartCount": 0,
    "State": {
        "Dead": false,
        "Error": "",
        "ExitCode": 0,
        "FinishedAt": "0001-01-01T00:00:00Z",
        "Health": {
            "FailingStreak": 0,
            "Log": [
                {
                    "End": "2024-03-06T12:14:33.188472618Z",
                    "ExitCode": 0,
                    "Output": "{\"status\":\"UP\"}",
                    "Start": "2024-03-06T12:14:33.013286125Z"
                },
                {
                    "End": "2024-03-06T12:15:03.38036994Z",
                    "ExitCode": 0,
                    "Output": "{\"status\":\"UP\"}",
                    "Start": "2024-03-06T12:15:03.190414617Z"
                },
                {
                    "End": "2024-03-06T12:15:33.516243507Z",
                    "ExitCode": 0,
                    "Output": "{\"status\":\"UP\"}",
                    "Start": "2024-03-06T12:15:33.382241215Z"
                },
                {
                    "End": "2024-03-06T12:16:03.72571814Z",
                    "ExitCode": 0,
                    "Output": "{\"status\":\"UP\"}",
                    "Start": "2024-03-06T12:16:03.51859163Z"
                },
                {
                    "End": "2024-03-06T12:16:33.887504947Z",
                    "ExitCode": 0,
                    "Output": "{\"status\":\"UP\"}",
                    "Start": "2024-03-06T12:16:33.727595672Z"
                }
            ],
            "Status": "healthy"
        },
        "OOMKilled": false,
        "Paused": false,
        "Pid": 619978,
        "Restarting": false,
        "Running": true,
        "StartedAt": "2024-03-06T12:06:59.593205057Z",
        "Status": "running"
    }
}

and here you have the Keycloak:

{
    "AppArmorProfile": "docker-default",
    "Args": [
        "/opt/bitnami/scripts/keycloak/run.sh"
    ],
    "Config": {
        "AttachStderr": true,
        "AttachStdin": false,
        "AttachStdout": true,
        "Cmd": [
            "/opt/bitnami/scripts/keycloak/run.sh"
        ],
        "Domainname": "",
        "Entrypoint": [
            "/opt/bitnami/scripts/keycloak/entrypoint.sh"
        ],
        "Env": [
            "KEYCLOAK_ADMIN_USER=admin",
            "KEYCLOAK_ADMIN_PASSWORD=admin",
            "KEYCLOAK_HTTP_RELATIVE_PATH=/auth",
            "KEYCLOAK_DATABASE_HOST=postgres",
            "KEYCLOAK_DATABASE_PASSWORD=",
            "PATH=/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/keycloak/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
            "HOME=/",
            "OS_ARCH=amd64",
            "OS_FLAVOUR=debian-11",
            "OS_NAME=linux",
            "APP_VERSION=21.1.2",
            "BITNAMI_APP_NAME=keycloak",
            "JAVA_HOME=/opt/bitnami/java"
        ],
        "ExposedPorts": {
            "8080/tcp": {}
        },
        "Healthcheck": {
            "Interval": 30000000000,
            "Retries": 5,
            "StartPeriod": 30000000000,
            "Test": [
                "CMD",
                "curl",
                "-f",
                "http://localhost:8080/auth"
            ],
            "Timeout": 15000000000
        },
        "Hostname": "25472d3e09f9",
        "Image": "bitnami/keycloak:21.1.2",
        "Labels": {
            "com.docker.compose.config-hash": "e2491cb347a73ca595730ca4b273ae36198e41df2fb7d32abc5f9b0cb32ced7a",
            "com.docker.compose.container-number": "1",
            "com.docker.compose.depends_on": "postgres:service_started:false",
            "com.docker.compose.image": "sha256:4cd42f9ea0aa0a3d95feb7863d58303b32a871367e0e1372acdbfff37b16d995",
            "com.docker.compose.oneoff": "False",
            "com.docker.compose.project": "camunda-platform-main",
            "com.docker.compose.project.config_files": "/home/mihai/Downloads/camunda-platform-main/docker-compose.yaml",
            "com.docker.compose.project.working_dir": "/home/mihai/Downloads/camunda-platform-main",
            "com.docker.compose.service": "keycloak",
            "com.docker.compose.version": "2.24.6",
            "com.vmware.cp.artifact.flavor": "sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e",
            "org.opencontainers.image.base.name": "docker.io/bitnami/minideb:bullseye",
            "org.opencontainers.image.created": "2023-07-26T17:00:57Z",
            "org.opencontainers.image.description": "Application packaged by VMware, Inc",
            "org.opencontainers.image.licenses": "Apache-2.0",
            "org.opencontainers.image.ref.name": "21.1.2-debian-11-r27",
            "org.opencontainers.image.title": "keycloak",
            "org.opencontainers.image.vendor": "VMware, Inc.",
            "org.opencontainers.image.version": "21.1.2"
        },
        "OnBuild": null,
        "OpenStdin": false,
        "StdinOnce": false,
        "Tty": false,
        "User": "1001",
        "Volumes": null,
        "WorkingDir": ""
    },
    "Created": "2024-03-05T15:15:20.996093754Z",
    "Driver": "overlay2",
    "ExecIDs": null,
    "GraphDriver": {
        "Data": {
            "LowerDir": "/var/lib/docker/overlay2/7a2badda3dc346b26ccab6e2fec1f0d5176c97017af15d948310cc75d20c6261-init/diff:/var/lib/docker/overlay2/29a8b0bd45dd1d708135772c4670d9ed01e1b2983dd83b2f13d1f84be4be3511/diff",
            "MergedDir": "/var/lib/docker/overlay2/7a2badda3dc346b26ccab6e2fec1f0d5176c97017af15d948310cc75d20c6261/merged",
            "UpperDir": "/var/lib/docker/overlay2/7a2badda3dc346b26ccab6e2fec1f0d5176c97017af15d948310cc75d20c6261/diff",
            "WorkDir": "/var/lib/docker/overlay2/7a2badda3dc346b26ccab6e2fec1f0d5176c97017af15d948310cc75d20c6261/work"
        },
        "Name": "overlay2"
    },
    "HostConfig": {
        "AutoRemove": false,
        "Binds": null,
        "BlkioDeviceReadBps": null,
        "BlkioDeviceReadIOps": null,
        "BlkioDeviceWriteBps": null,
        "BlkioDeviceWriteIOps": null,
        "BlkioWeight": 0,
        "BlkioWeightDevice": null,
        "CapAdd": null,
        "CapDrop": null,
        "Cgroup": "",
        "CgroupParent": "",
        "CgroupnsMode": "private",
        "ConsoleSize": [
            0,
            0
        ],
        "ContainerIDFile": "",
        "CpuCount": 0,
        "CpuPercent": 0,
        "CpuPeriod": 0,
        "CpuQuota": 0,
        "CpuRealtimePeriod": 0,
        "CpuRealtimeRuntime": 0,
        "CpuShares": 0,
        "CpusetCpus": "",
        "CpusetMems": "",
        "DeviceCgroupRules": null,
        "DeviceRequests": null,
        "Devices": null,
        "Dns": null,
        "DnsOptions": null,
        "DnsSearch": null,
        "ExtraHosts": [],
        "GroupAdd": null,
        "IOMaximumBandwidth": 0,
        "IOMaximumIOps": 0,
        "IpcMode": "private",
        "Isolation": "",
        "Links": null,
        "LogConfig": {
            "Config": {},
            "Type": "json-file"
        },
        "MaskedPaths": [
            "/proc/asound",
            "/proc/acpi",
            "/proc/kcore",
            "/proc/keys",
            "/proc/latency_stats",
            "/proc/timer_list",
            "/proc/timer_stats",
            "/proc/sched_debug",
            "/proc/scsi",
            "/sys/firmware",
            "/sys/devices/virtual/powercap"
        ],
        "Memory": 0,
        "MemoryReservation": 0,
        "MemorySwap": 0,
        "MemorySwappiness": null,
        "Mounts": [
            {
                "Source": "camunda-platform-main_keycloak-theme",
                "Target": "/opt/bitnami/keycloak/themes/identity",
                "Type": "volume",
                "VolumeOptions": {}
            }
        ],
        "NanoCpus": 0,
        "NetworkMode": "camunda-platform-main_identity-network",
        "OomKillDisable": null,
        "OomScoreAdj": 0,
        "PidMode": "",
        "PidsLimit": null,
        "PortBindings": {
            "8080/tcp": [
                {
                    "HostIp": "",
                    "HostPort": "18080"
                }
            ]
        },
        "Privileged": false,
        "PublishAllPorts": false,
        "ReadonlyPaths": [
            "/proc/bus",
            "/proc/fs",
            "/proc/irq",
            "/proc/sys",
            "/proc/sysrq-trigger"
        ],
        "ReadonlyRootfs": false,
        "RestartPolicy": {
            "MaximumRetryCount": 0,
            "Name": "on-failure"
        },
        "Runtime": "runc",
        "SecurityOpt": null,
        "ShmSize": 67108864,
        "UTSMode": "",
        "Ulimits": null,
        "UsernsMode": "",
        "VolumeDriver": "",
        "VolumesFrom": null
    },
    "HostnamePath": "/var/lib/docker/containers/25472d3e09f96fc0ac708b3965f9abf7278d3f0c6ad67a19ce940ade09e6767b/hostname",
    "HostsPath": "/var/lib/docker/containers/25472d3e09f96fc0ac708b3965f9abf7278d3f0c6ad67a19ce940ade09e6767b/hosts",
    "Id": "25472d3e09f96fc0ac708b3965f9abf7278d3f0c6ad67a19ce940ade09e6767b",
    "Image": "sha256:4cd42f9ea0aa0a3d95feb7863d58303b32a871367e0e1372acdbfff37b16d995",
    "LogPath": "/var/lib/docker/containers/25472d3e09f96fc0ac708b3965f9abf7278d3f0c6ad67a19ce940ade09e6767b/25472d3e09f96fc0ac708b3965f9abf7278d3f0c6ad67a19ce940ade09e6767b-json.log",
    "MountLabel": "",
    "Mounts": [
        {
            "Destination": "/opt/bitnami/keycloak/themes/identity",
            "Driver": "local",
            "Mode": "z",
            "Name": "camunda-platform-main_keycloak-theme",
            "Propagation": "",
            "RW": true,
            "Source": "/var/lib/docker/volumes/camunda-platform-main_keycloak-theme/_data",
            "Type": "volume"
        }
    ],
    "Name": "/keycloak",
    "NetworkSettings": {
        "Bridge": "",
        "EndpointID": "",
        "Gateway": "",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "HairpinMode": false,
        "IPAddress": "",
        "IPPrefixLen": 0,
        "IPv6Gateway": "",
        "LinkLocalIPv6Address": "",
        "LinkLocalIPv6PrefixLen": 0,
        "MacAddress": "",
        "Networks": {
            "camunda-platform-main_camunda-platform": {
                "Aliases": [
                    "keycloak",
                    "25472d3e09f9"
                ],
                "DNSNames": [
                    "keycloak",
                    "25472d3e09f9"
                ],
                "DriverOpts": null,
                "EndpointID": "fc1385d4502abc82f164b727687e77549cea358e1e3c4c8d5a3bdd598e6fde7f",
                "Gateway": "X.X.X.X",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "IPAMConfig": null,
                "IPAddress": "Y.Y.Y.Y",
                "IPPrefixLen": 16,
                "IPv6Gateway": "",
                "Links": null,
                "MacAddress": "ZZZZZZZZ",
                "NetworkID": "30914d4916595d4ed47c0ba5d55f549f8e362dce669041e0720ae27db4bb82e6"
            },
            "camunda-platform-main_identity-network": {
                "Aliases": [
                    "keycloak",
                    "25472d3e09f9"
                ],
                "DNSNames": [
                    "keycloak",
                    "25472d3e09f9"
                ],
                "DriverOpts": null,
                "EndpointID": "399dc3050e8220fdcfc74ce4a9e7dd15eaedb19bccd5c8749bc18d3a3afa5bb1",
                "Gateway": "W.W.W.W",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "IPAMConfig": null,
                "IPAddress": "A.A.A.A",
                "IPPrefixLen": 16,
                "IPv6Gateway": "",
                "Links": null,
                "MacAddress": "02:42:ac:1d:00:02",
                "NetworkID": "4c76a04fb5b7a56a9efacaebef7e3a2f88704cec7b692c21922ad04822b00e05"
            }
        },
        "Ports": {
            "8080/tcp": [
                {
                    "HostIp": "0.0.0.0",
                    "HostPort": "18080"
                },
                {
                    "HostIp": "::",
                    "HostPort": "18080"
                }
            ]
        },
        "SandboxID": "3813c99f53929b814369dc4855dbc94e3c2572beccc6cf880de24641c81914a7",
        "SandboxKey": "/var/run/docker/netns/3813c99f5392",
        "SecondaryIPAddresses": null,
        "SecondaryIPv6Addresses": null
    },
    "Path": "/opt/bitnami/scripts/keycloak/entrypoint.sh",
    "Platform": "linux",
    "ProcessLabel": "",
    "ResolvConfPath": "/var/lib/docker/containers/25472d3e09f96fc0ac708b3965f9abf7278d3f0c6ad67a19ce940ade09e6767b/resolv.conf",
    "RestartCount": 0,
    "State": {
        "Dead": false,
        "Error": "",
        "ExitCode": 0,
        "FinishedAt": "2024-03-06T11:55:58.812519873Z",
        "Health": {
            "FailingStreak": 0,
            "Log": [
                {
                    "End": "2024-03-06T12:15:48.742421119Z",
                    "ExitCode": 0,
                    "Output": "  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current\n                                 Dload  Upload   Total   Spent    Left  Speed\n\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\n",
                    "Start": "2024-03-06T12:15:48.538814818Z"
                },
                {
                    "End": "2024-03-06T12:16:18.92973967Z",
                    "ExitCode": 0,
                    "Output": "  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current\n                                 Dload  Upload   Total   Spent    Left  Speed\n\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\n",
                    "Start": "2024-03-06T12:16:18.744177889Z"
                },
                {
                    "End": "2024-03-06T12:16:49.135574161Z",
                    "ExitCode": 0,
                    "Output": "  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current\n                                 Dload  Upload   Total   Spent    Left  Speed\n\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\n",
                    "Start": "2024-03-06T12:16:48.930957549Z"
                },
                {
                    "End": "2024-03-06T12:17:19.317044462Z",
                    "ExitCode": 0,
                    "Output": "  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current\n                                 Dload  Upload   Total   Spent    Left  Speed\n\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\n",
                    "Start": "2024-03-06T12:17:19.136886035Z"
                },
                {
                    "End": "2024-03-06T12:17:49.479173302Z",
                    "ExitCode": 0,
                    "Output": "  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current\n                                 Dload  Upload   Total   Spent    Left  Speed\n\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\r  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0\n",
                    "Start": "2024-03-06T12:17:49.318221114Z"
                }
            ],
            "Status": "healthy"
        },
        "OOMKilled": false,
        "Paused": false,
        "Pid": 613302,
        "Restarting": false,
        "Running": true,
        "StartedAt": "2024-03-06T11:59:12.409040661Z",
        "Status": "running"
    }
}

I deleted the client secret, passwords and IPs.
Regards,

Mihai

nathan.loding · March 6, 2024, 1:48pm

Hi @Mihai - apologies, I meant your docker-compose.yaml or similar file. There’s a lot of good detail about just the Operate container there, but it doesn’t show much about the rest of the services and how they connect. Did you use the docker-compose.yaml from the camunda-platform repo?

Mihai · March 6, 2024, 2:21pm

Hello @nathan.loding. I used the docker compose yaml from camunda platform repo without modifying anything.
One thing i tried to modified according to what is written in the guideline here:
Authentication and authorization | Camunda 8 Docs
I tried to set camunda.operate.identity.resourcePermissionsEnabled: true.
I didn’t manage to to that because: if i leave the variable with false i am eble to deploy processes from Desktop Modeler and these are seen by Operate. When i am changing the variable (directly in Portainer) to true Operate still works but it doesn’t see anymore the deployed processes from Desktop Modeler.

Regards,

Mihai

nathan.loding · March 6, 2024, 2:23pm

@Mihai - if you enable resource-based authorizations, you need to create a separate authorization for Desktop Modeler. But I don’t think that’s related to this issue. Do you have the same issue with other APIs (for instance, Tasklist)? Or is only Operate broken?

Mihai · March 6, 2024, 5:47pm

Keycloak is the only one that it is working. I can obtain the API token either from Postman or from curl:

curl --location --request POST ‘http://localhost:18080/auth/realms/camunda-platform/protocol/openid-connect/token’
–data-urlencode ‘client_id=operate’
–data-urlencode ‘client_secret=“deleted-by-me”’
–data-urlencode ‘grant_type=client_credentials’

For example if i am trying to run this:

curl -L -X POST ‘http://localhost:8082/v1/tasks/search’
-H ‘Content-Type: application/json’
-H ‘Accept: application/json’
-H 'Authorization: Bearer ’
–data-raw ‘{}’

In Postman i get bad request (even if the request in my opinion is ok):

<!doctype html><html lang="en"><head><title>HTTP Status 400 – Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 – Bad Request</h1></body></html>

or in curl: curl: (47) Maximum (50) redirects followed.
In swagger of course it is working…

nathan.loding · March 6, 2024, 7:40pm

@Mihai - that’s interesting, and I can’t replicate it with that docker-compose.yaml, so I must have an environment variable or something set differently than you. Can you share your full docker-compose.yaml and .env file? (If you’re more comfortable sharing it privately, you can message them to me.) If there’s an issue with our Docker example I’d love to identify it and get it corrected!

Dzmitry_Kozich · March 7, 2024, 4:19pm

I encountered the same issue. I downloaded the latest version of the Camunda platform from GitHub - camunda/camunda-platform: Links to Camunda Platform 8 resources, releases, and local development config, didn’t make any changes, followed the startup instructions, and still got this error. I tried changing the version to 8.4 (GitHub - camunda/camunda-platform at stable/8.4), but the problem persisted with this version as well. I also ran docker volume prune -a between version changes. I found a complaint about this problem that was created a week ago. It looks like this problem appeared recently.

nathan.loding · March 7, 2024, 4:20pm

Hi @Dzmitry_Kozich, welcome to the forums! Thanks for this info. I’m looking into this today, hopefully I’ll have an answer tomorrow!

nathan.loding · March 7, 2024, 8:29pm

@Mihai and @Dzmitry_Kozich - I’ve been able to recreate the problem. I don’t have a fix yet, but hang tight!

nathan.loding · March 7, 2024, 11:02pm

@Mihai and @Dzmitry_Kozich - the fix is in this pull request, which hasn’t been backported to all affected (yet - it will be soon). Anywhere you see http://${HOST}:18080 in the docker-compose.yaml file, replace with http://keycloak:8080.

Mihai · March 8, 2024, 12:35pm

Thank you very much for your help @nathan.loding.
Now it is working.
I have tried 2 calls: one for Operate: Search process definitions and the other for Task search: Task search
Is there any possibility to increase the validity period for the access tokens?
Now i have the default value: 300 which i believe are 5 mins.

nathan.loding · March 8, 2024, 4:03pm

Hi @Mihai - I’ve never made this change myself, but I am pretty sure it’s done in Keycloak. Keycloak (http://localhost:18080) → “camunda-platform” realm → Realm settings → Tokens. I would refer to Keycloak’s documentation for more information.

system · March 15, 2024, 4:03pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.