diff --git a/docs/self-managed/identity/deployment/starting-configuration.md b/docs/self-managed/identity/deployment/starting-configuration.md index 06f8653a07..d6b8649eb1 100644 --- a/docs/self-managed/identity/deployment/starting-configuration.md +++ b/docs/self-managed/identity/deployment/starting-configuration.md @@ -35,9 +35,9 @@ create or update the following entities in Keycloak: ### Client scopes -| Name | Protocol | Description | -| ---------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| camunda-identity | openid-connect | A default client scope that contains mappers to augment the token generated with information required by the components of Camunda Platform. Contains the mappers described in the [mappers](#mappers) section. | +| Name | Protocol | Description | +| ---------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| camunda-identity | openid-connect | A default client scope that contains mappers to augment the token generated with information required by the components of Camunda. Contains the mappers described in the [mappers](#mappers) section. | ### Mappers diff --git a/docs/self-managed/identity/user-guide/configuration/configure-external-identity-provider.md b/docs/self-managed/identity/user-guide/configuration/configure-external-identity-provider.md index a0534ab6db..772e7a3e89 100644 --- a/docs/self-managed/identity/user-guide/configuration/configure-external-identity-provider.md +++ b/docs/self-managed/identity/user-guide/configuration/configure-external-identity-provider.md @@ -18,12 +18,12 @@ To configure an external identity provider like OpenID Connect, SAML, LDAP, or A [Docker Compose](/self-managed/platform-deployment/docker.md#docker-compose) setup, Keycloak is available at [http://localhost:18080/](http://localhost:18080/). ::: -2. Click **Administrator Console** and log in using the Keycloak administrator credentials. The default administrator username is `admin`. When deploying Camunda Platform 8 with [Helm charts](/self-managed/platform-deployment/helm-kubernetes/overview.md), +2. Click **Administrator Console** and log in using the Keycloak administrator credentials. The default administrator username is `admin`. When deploying Camunda 8 with [Helm charts](/self-managed/platform-deployment/helm-kubernetes/overview.md), you can extract the password as described in [secrets extraction](/self-managed/platform-deployment/helm-kubernetes/upgrade.md#secrets-extraction). Using the example [Docker Compose](/self-managed/platform-deployment/docker.md#docker-compose) setup, the password is set via `KEYCLOAK_ADMIN_PASSWORD` environment variable and is `admin` per default. -3. Select the realm you are using with Camunda Platform 8. By default, this is **Camunda-platform**. +3. Select the realm you are using with Camunda 8. By default, this is **Camunda-platform**. ![keycloak-realm-select](../img/keycloak-admin-realm-select.png) 4. Add an identity provider using one of the following methods: 1. To add an OpenID Connect or SAML provider, select **Identity Providers** in the main menu, click **Add provider...**, and fill in all required configuration settings. diff --git a/docs/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md b/docs/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md index 3e256b6c97..dbe8c95860 100644 --- a/docs/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md +++ b/docs/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md @@ -35,7 +35,7 @@ To connect Identity to an existing Keycloak instance, take the following steps: ![keycloak-admin-client-update-2](../img/keycloak-admin-client-update-2.png) 9. Select the `manage-clients`, `manage-realm`, and `manage-users` role from the list and click **Assign**. :::note Why does Identity need these roles? - Identity is designed to allow users to manage the various entities related to the Camunda Platform. To achieve this, it requires specific access to the realm. + Identity is designed to allow users to manage the various entities related to Camunda. To achieve this, it requires specific access to the realm. ::: 10. Navigate to the **Credentials** tab and copy the client secret. 11. Set the `IDENTITY_CLIENT_SECRET` [environment variable](/docs/self-managed/identity/deployment/configuration-variables.md) with the value from **Step 9**. diff --git a/docs/self-managed/identity/user-guide/configuration/making-identity-production-ready.md b/docs/self-managed/identity/user-guide/configuration/making-identity-production-ready.md index b8e2b7140c..3cb4e92c9f 100644 --- a/docs/self-managed/identity/user-guide/configuration/making-identity-production-ready.md +++ b/docs/self-managed/identity/user-guide/configuration/making-identity-production-ready.md @@ -19,7 +19,7 @@ To ensure recovery is possible, we recommend regularly backing up the database s #### Helm deployment -If you deployed Camunda Platform 8 using our [Helm charts](../../../platform-deployment/helm-kubernetes/overview.md), +If you deployed Camunda 8 using our [Helm charts](../../../platform-deployment/helm-kubernetes/overview.md), by default there will be a Postgres database deployed with it. In this instance, we recommend reading the [Postgres documentation](https://www.postgresql.org/docs/current/backup.html) for guidance on backing up. diff --git a/docs/self-managed/identity/what-is-identity.md b/docs/self-managed/identity/what-is-identity.md index 1d76cc53b1..124e2e605f 100644 --- a/docs/self-managed/identity/what-is-identity.md +++ b/docs/self-managed/identity/what-is-identity.md @@ -2,14 +2,14 @@ id: what-is-identity title: "What is Identity?" sidebar_label: "What is Identity?" -description: "Identity is the component within the Camunda Platform 8 stack responsible for authentication and authorization." +description: "Identity is the component within the Camunda 8 stack responsible for authentication and authorization." --- :::note Looking for IAM documentation? From version 8.0.0+ the IAM component has been replaced with the Identity component. ::: -Identity is the component within the Camunda Platform 8 stack responsible for authentication and authorization. It allows you to manage: +Identity is the component within the Camunda 8 stack responsible for authentication and authorization. It allows you to manage: - Applications - APIs diff --git a/docs/self-managed/modeler/web-modeler/configuration/configuration.md b/docs/self-managed/modeler/web-modeler/configuration/configuration.md index d6587be93d..adf5340777 100644 --- a/docs/self-managed/modeler/web-modeler/configuration/configuration.md +++ b/docs/self-managed/modeler/web-modeler/configuration/configuration.md @@ -12,7 +12,7 @@ Web Modeler Self-Managed is available to [enterprise customers](../../../../refe The different components of Web Modeler Self-Managed can be configured using environment variables. Each component's variables are described below. - For a working example configuration showing how the components are correctly wired together, see the [Docker Compose file for Web Modeler](../../../platform-deployment/docker#web-modeler-1). -- If you are using the Camunda Platform 8 [Helm chart](../../../platform-deployment/helm-kubernetes/deploy.md) to set up Web Modeler, read more about the different configuration options in the chart's [README file](https://github.com/camunda/camunda-platform-helm/blob/main/charts/camunda-platform/README.md#web-modeler). +- If you are using the Camunda 8 [Helm chart](../../../platform-deployment/helm-kubernetes/deploy.md) to set up Web Modeler, read more about the different configuration options in the chart's [README file](https://github.com/camunda/camunda-platform-helm/blob/main/charts/camunda-platform/README.md#web-modeler). ## Configuration of the `restapi` component @@ -98,7 +98,7 @@ Refer to the [Advanced Logging Configuration Guide](./logging.md#logging-configu | `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - | | `KEYCLOAK_BASE_URL` | Base URL of the Keycloak instance. | `https://keycloak.example.com` | - | | `KEYCLOAK_CONTEXT_PATH` | [optional]
Context path Keycloak serves resources on.
_Note_: With Keycloak 17, the default path was changed from `/auth` to `/`. | `/` | `/auth` | -| `KEYCLOAK_REALM` | Keycloak realm used for Camunda Platform. | `camunda-platform` | - | +| `KEYCLOAK_REALM` | Keycloak realm used for Camunda. | `camunda-platform` | - | | `KEYCLOAK_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - | | `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - | diff --git a/versioned_docs/version-1.3/components/best-practices/architecture/deciding-about-your-stack-c7.md b/versioned_docs/version-1.3/components/best-practices/architecture/deciding-about-your-stack-c7.md index b70e294d1f..5e1712ff8b 100644 --- a/versioned_docs/version-1.3/components/best-practices/architecture/deciding-about-your-stack-c7.md +++ b/versioned_docs/version-1.3/components/best-practices/architecture/deciding-about-your-stack-c7.md @@ -1,5 +1,5 @@ --- -title: Deciding about your Camunda 7 stack +title: Deciding about your Camunda Platform 7 stack tags: - Architecture - Stack diff --git a/versioned_docs/version-1.3/components/best-practices/architecture/deciding-about-your-stack.md b/versioned_docs/version-1.3/components/best-practices/architecture/deciding-about-your-stack.md index 43bd30fff4..a3d7bd9818 100644 --- a/versioned_docs/version-1.3/components/best-practices/architecture/deciding-about-your-stack.md +++ b/versioned_docs/version-1.3/components/best-practices/architecture/deciding-about-your-stack.md @@ -12,7 +12,7 @@ tags: If you don't have special architecture requirements, we recommend using SaaS following the proposed greenfield stack. :::caution Camunda Cloud -This best practice targets Camunda Cloud only! If you look for Camunda Platform 7, please refer to [Deciding about your Camunda 7 stack](../deciding-about-your-stack-c7/). +This best practice targets Camunda Cloud only! If you look for Camunda Platform 7, please refer to [Deciding about your Camunda Platform 7 stack](../deciding-about-your-stack-c7/). ::: ## The greenfield stack diff --git a/versioned_docs/version-1.3/components/best-practices/architecture/extending-human-task-management-c7.md b/versioned_docs/version-1.3/components/best-practices/architecture/extending-human-task-management-c7.md index eae263778d..ccad9b3006 100644 --- a/versioned_docs/version-1.3/components/best-practices/architecture/extending-human-task-management-c7.md +++ b/versioned_docs/version-1.3/components/best-practices/architecture/extending-human-task-management-c7.md @@ -1,5 +1,5 @@ --- -title: Extending human task management in Camunda 7 +title: Extending human task management in Camunda Platform 7 tags: - Human Task - Delegation @@ -14,7 +14,7 @@ tags: This best practice targets Camunda Platform 7.x only and is an appendum to [understanding human task management](../understanding-human-tasks-management/). ::: -## The Camunda 7 task lifecyle +## The Camunda Platform 7 task lifecyle Do not show the *lifecycle* of user *tasks* in the process model, they are generic and common to all processes and so can be controlled by using the [Camunda BPM task lifecycle](https://docs.camunda.org/manual/latest/webapps/tasklist/task-lifecycle/) features. diff --git a/versioned_docs/version-1.3/components/best-practices/architecture/sizing-your-environment-c7.md b/versioned_docs/version-1.3/components/best-practices/architecture/sizing-your-environment-c7.md index 7329147109..0b8d1fcf51 100644 --- a/versioned_docs/version-1.3/components/best-practices/architecture/sizing-your-environment-c7.md +++ b/versioned_docs/version-1.3/components/best-practices/architecture/sizing-your-environment-c7.md @@ -1,6 +1,6 @@ --- id: sizing-your-environment-c7 -title: Sizing Your Camunda 7 Environment +title: Sizing Your Camunda Platform 7 Environment tags: - Database - Performance @@ -18,7 +18,7 @@ This best practice targets Camunda Platform 7.x only! If you are using Camunda C You do not need big hardware to run Camunda. The hardware requirements are basically determined by two things: -1. The container/application server you want to use (see [deciding about your Camunda 7 stack](../deciding-about-your-stack-c7/). +1. The container/application server you want to use (see [deciding about your Camunda Platform 7 stack](../deciding-about-your-stack-c7/). 2. Things you do in [Delegation Code](https://docs.camunda.org/manual/latest/user-guide/process-engine/delegation-code/) like service tasks. For example, when calling SOAP WebServices or when doing complex calculations in Java, more CPU time is consumed within the delegation code (your code) than in Camunda. The only way to get reliable figures for your project and environment is to do load testing on a close-to-production environment. We recommend doing this if in doubt. Steering the REST API via load generator tools like JMeter is relatively easy. @@ -79,7 +79,7 @@ Depending on the container, you need around 500 MB—1 GB of disk space. We reco ### Chose a good database -As mentioned in [deciding about your Camunda 7 stack](../deciding-about-your-stack-c7/), we recommend Oracle or PostgreSQL. Together with DB2, we made the best performance observations there. +As mentioned in [deciding about your Camunda Platform 7 stack](../deciding-about-your-stack-c7/), we recommend Oracle or PostgreSQL. Together with DB2, we made the best performance observations there. Note that H2 is seldom used in production, and we do not have much experience with heavy load on this database ([H2 FAQ: Is it Reliable?](http://www.h2database.com/html/faq.html#reliable)). diff --git a/versioned_docs/version-1.3/components/best-practices/architecture/sizing-your-environment.md b/versioned_docs/version-1.3/components/best-practices/architecture/sizing-your-environment.md index 8c4ccbfbc0..9788790312 100644 --- a/versioned_docs/version-1.3/components/best-practices/architecture/sizing-your-environment.md +++ b/versioned_docs/version-1.3/components/best-practices/architecture/sizing-your-environment.md @@ -11,7 +11,7 @@ tags: In order to define and size your environment for Camunda Cloud appropriately, you need to understand the factors that influence hardware requirements. Then you can apply this knowledge to select the appropriate Camunda Cloud SaaS hardware package or size your self-managed Kubernetes cluster. :::caution Camunda Cloud only -This best practice targets Camunda Cloud only! If you are looking at Camunda Plaform, please visit [Sizing your Camunda 7 environment](../sizing-your-environment-c7/). +This best practice targets Camunda Cloud only! If you are looking at Camunda Plaform, please visit [Sizing your Camunda Platform 7 environment](../sizing-your-environment-c7/). ::: diff --git a/versioned_docs/version-8.1/self-managed/identity/deployment/starting-configuration.md b/versioned_docs/version-8.1/self-managed/identity/deployment/starting-configuration.md index 425ee43cfc..d17148e336 100644 --- a/versioned_docs/version-8.1/self-managed/identity/deployment/starting-configuration.md +++ b/versioned_docs/version-8.1/self-managed/identity/deployment/starting-configuration.md @@ -34,9 +34,9 @@ create or update the following entities in Keycloak: ### Client scopes -| Name | Protocol | Description | -| ---------------- | -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| camunda-identity | openid-connect | A default client scope that contains mappers to augment the token generated with information required by the components of Camunda Platform. Contains the mappers described in the [mappers](#mappers) section | +| Name | Protocol | Description | +| ---------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| camunda-identity | openid-connect | A default client scope that contains mappers to augment the token generated with information required by the components of Camunda. Contains the mappers described in the [mappers](#mappers) section | ### Mappers diff --git a/versioned_docs/version-8.1/self-managed/identity/user-guide/configure-external-identity-provider.md b/versioned_docs/version-8.1/self-managed/identity/user-guide/configure-external-identity-provider.md index 14346d38d5..7c74638a21 100644 --- a/versioned_docs/version-8.1/self-managed/identity/user-guide/configure-external-identity-provider.md +++ b/versioned_docs/version-8.1/self-managed/identity/user-guide/configure-external-identity-provider.md @@ -18,12 +18,12 @@ To configure an external identity provider like OpenID Connect, SAML, LDAP, or A [Docker Compose](/self-managed/platform-deployment/docker.md#docker-compose) setup, Keycloak is available at [http://localhost:18080/](http://localhost:18080/). ::: -2. Click **Administrator Console** and log in using the Keycloak administrator credentials. The default administrator username is `admin`. When deploying Camunda Platform 8 with [Helm charts](/self-managed/platform-deployment/helm-kubernetes/overview.md), +2. Click **Administrator Console** and log in using the Keycloak administrator credentials. The default administrator username is `admin`. When deploying Camunda 8 with [Helm charts](/self-managed/platform-deployment/helm-kubernetes/overview.md), you can extract the password as described in [secrets extraction](/self-managed/platform-deployment/helm-kubernetes/upgrade.md#secrets-extraction). Using the example [Docker Compose](/self-managed/platform-deployment/docker.md#docker-compose) setup, the password is set via `KEYCLOAK_ADMIN_PASSWORD` environment variable and is `admin` per default. -3. Select the realm you are using with Camunda Platform 8. By default, this is **Camunda-platform**. +3. Select the realm you are using with Camunda 8. By default, this is **Camunda-platform**. ![keycloak-realm-select](img/keycloak-realm-select.png) 4. Add an identity provider using one of the following methods: 1. To add an OpenID Connect or SAML provider, select **Identity Providers** in the main menu, click **Add provider...**, and fill in all required configuration settings. diff --git a/versioned_docs/version-8.1/self-managed/identity/user-guide/connect-to-an-existing-keycloak.md b/versioned_docs/version-8.1/self-managed/identity/user-guide/connect-to-an-existing-keycloak.md index 5a1584cd33..eb1c95402d 100644 --- a/versioned_docs/version-8.1/self-managed/identity/user-guide/connect-to-an-existing-keycloak.md +++ b/versioned_docs/version-8.1/self-managed/identity/user-guide/connect-to-an-existing-keycloak.md @@ -34,7 +34,7 @@ To connect Identity to an existing Keycloak instance, take the following steps: 8. Assign the `manage-clients`, `manage-realm`, and `manage-users` role from the **Available Roles** list. ![keycloak-admin-update-client-4](img/keycloak-admin-update-client-4.png) :::note Why does Identity need these roles? - Identity is designed to allow users to manage the various entities related to the Camunda Platform. To achieve this, it requires specific access to the realm. + Identity is designed to allow users to manage the various entities related to Camunda. To achieve this, it requires specific access to the realm. ::: 9. Navigate to the **Credentials** tab and copy the client secret. ![keycloak-admin-copy-client-credentials.png](img/keycloak-admin-copy-client-credentials.png) diff --git a/versioned_docs/version-8.1/self-managed/identity/what-is-identity.md b/versioned_docs/version-8.1/self-managed/identity/what-is-identity.md index 6b05f73166..a523a6c542 100644 --- a/versioned_docs/version-8.1/self-managed/identity/what-is-identity.md +++ b/versioned_docs/version-8.1/self-managed/identity/what-is-identity.md @@ -8,7 +8,7 @@ sidebar_label: "What is Identity?" From version 8.0.0+ the IAM component has been replaced with the Identity component. ::: -Identity is the component within the Camunda Platform 8 stack responsible for authentication and authorization. It allows you to manage: +Identity is the component within the Camunda 8 stack responsible for authentication and authorization. It allows you to manage: - Applications - APIs diff --git a/versioned_docs/version-8.1/self-managed/web-modeler/configuration.md b/versioned_docs/version-8.1/self-managed/web-modeler/configuration.md index 434b61594f..a76aed661d 100644 --- a/versioned_docs/version-8.1/self-managed/web-modeler/configuration.md +++ b/versioned_docs/version-8.1/self-managed/web-modeler/configuration.md @@ -14,7 +14,7 @@ However, we encourage you to provide feedback via your designated support channe The different components of Web Modeler Self-Managed can be configured using environment variables. Each component's variables are described below. - For a working example configuration showing how the components are correctly wired together, see the [Docker Compose file for Web Modeler](../../platform-deployment/docker#web-modeler-1). -- If you are using the Camunda Platform 8 [Helm chart](../platform-deployment/helm-kubernetes/deploy.md) to set up Web Modeler, read more about the different configuration options in the chart's [README file](https://github.com/camunda/camunda-platform-helm/blob/main/charts/camunda-platform/README.md#web-modeler-beta). +- If you are using the Camunda 8 [Helm chart](../platform-deployment/helm-kubernetes/deploy.md) to set up Web Modeler, read more about the different configuration options in the chart's [README file](https://github.com/camunda/camunda-platform-helm/blob/main/charts/camunda-platform/README.md#web-modeler-beta). ### Configuration of the `restapi` component @@ -88,7 +88,7 @@ Web Modeler integrates with Identity and Keycloak for authentication and authori | `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - | | `KEYCLOAK_BASE_URL` | Base URL of the Keycloak instance. | `https://keycloak.example.com` | - | | `KEYCLOAK_CONTEXT_PATH` | [optional]
Context path Keycloak serves resources on.
_Note_: With Keycloak 17, the default path was changed from `/auth` to `/`. | `/` | `/auth` | -| `KEYCLOAK_REALM` | Keycloak realm used for Camunda Platform. | `camunda-platform` | - | +| `KEYCLOAK_REALM` | Keycloak realm used for Camunda. | `camunda-platform` | - | | `KEYCLOAK_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - | | `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - | diff --git a/versioned_docs/version-8.2/self-managed/identity/deployment/starting-configuration.md b/versioned_docs/version-8.2/self-managed/identity/deployment/starting-configuration.md index 06f8653a07..d6b8649eb1 100644 --- a/versioned_docs/version-8.2/self-managed/identity/deployment/starting-configuration.md +++ b/versioned_docs/version-8.2/self-managed/identity/deployment/starting-configuration.md @@ -35,9 +35,9 @@ create or update the following entities in Keycloak: ### Client scopes -| Name | Protocol | Description | -| ---------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| camunda-identity | openid-connect | A default client scope that contains mappers to augment the token generated with information required by the components of Camunda Platform. Contains the mappers described in the [mappers](#mappers) section. | +| Name | Protocol | Description | +| ---------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| camunda-identity | openid-connect | A default client scope that contains mappers to augment the token generated with information required by the components of Camunda. Contains the mappers described in the [mappers](#mappers) section. | ### Mappers diff --git a/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/configure-external-identity-provider.md b/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/configure-external-identity-provider.md index 3499c1d071..335a9673bc 100644 --- a/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/configure-external-identity-provider.md +++ b/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/configure-external-identity-provider.md @@ -18,12 +18,12 @@ To configure an external identity provider like OpenID Connect, SAML, LDAP, or A [Docker Compose](/self-managed/platform-deployment/docker.md#docker-compose) setup, Keycloak is available at [http://localhost:18080/](http://localhost:18080/). ::: -2. Click **Administrator Console** and log in using the Keycloak administrator credentials. The default administrator username is `admin`. When deploying Camunda Platform 8 with [Helm charts](/self-managed/platform-deployment/helm-kubernetes/overview.md), +2. Click **Administrator Console** and log in using the Keycloak administrator credentials. The default administrator username is `admin`. When deploying Camunda 8 with [Helm charts](/self-managed/platform-deployment/helm-kubernetes/overview.md), you can extract the password as described in [secrets extraction](/self-managed/platform-deployment/helm-kubernetes/upgrade.md#secrets-extraction). Using the example [Docker Compose](/self-managed/platform-deployment/docker.md#docker-compose) setup, the password is set via `KEYCLOAK_ADMIN_PASSWORD` environment variable and is `admin` per default. -3. Select the realm you are using with Camunda Platform 8. By default, this is **Camunda-platform**. +3. Select the realm you are using with Camunda 8. By default, this is **Camunda-platform**. ![keycloak-realm-select](../img/keycloak-realm-select.png) 4. Add an identity provider using one of the following methods: 1. To add an OpenID Connect or SAML provider, select **Identity Providers** in the main menu, click **Add provider...**, and fill in all required configuration settings. diff --git a/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md b/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md index 63753fb0a6..ea784278a7 100644 --- a/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md +++ b/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md @@ -33,7 +33,7 @@ To connect Identity to an existing Keycloak instance, take the following steps: 8. Assign the `manage-clients`, `manage-realm`, and `manage-users` role from the **Available Roles** list. ![keycloak-admin-update-client-4](../img/keycloak-admin-update-client-4.png) :::note Why does Identity need these roles? - Identity is designed to allow users to manage the various entities related to the Camunda Platform. To achieve this, it requires specific access to the realm. + Identity is designed to allow users to manage the various entities related to Camunda. To achieve this, it requires specific access to the realm. ::: 9. Navigate to the **Credentials** tab and copy the client secret. 10. Set the `IDENTITY_CLIENT_SECRET` [environment variable](/docs/self-managed/identity/deployment/configuration-variables.md) with the value from **Step 9**. diff --git a/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/making-identity-production-ready.md b/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/making-identity-production-ready.md index b8e2b7140c..3cb4e92c9f 100644 --- a/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/making-identity-production-ready.md +++ b/versioned_docs/version-8.2/self-managed/identity/user-guide/configuration/making-identity-production-ready.md @@ -19,7 +19,7 @@ To ensure recovery is possible, we recommend regularly backing up the database s #### Helm deployment -If you deployed Camunda Platform 8 using our [Helm charts](../../../platform-deployment/helm-kubernetes/overview.md), +If you deployed Camunda 8 using our [Helm charts](../../../platform-deployment/helm-kubernetes/overview.md), by default there will be a Postgres database deployed with it. In this instance, we recommend reading the [Postgres documentation](https://www.postgresql.org/docs/current/backup.html) for guidance on backing up. diff --git a/versioned_docs/version-8.2/self-managed/identity/what-is-identity.md b/versioned_docs/version-8.2/self-managed/identity/what-is-identity.md index 1d76cc53b1..124e2e605f 100644 --- a/versioned_docs/version-8.2/self-managed/identity/what-is-identity.md +++ b/versioned_docs/version-8.2/self-managed/identity/what-is-identity.md @@ -2,14 +2,14 @@ id: what-is-identity title: "What is Identity?" sidebar_label: "What is Identity?" -description: "Identity is the component within the Camunda Platform 8 stack responsible for authentication and authorization." +description: "Identity is the component within the Camunda 8 stack responsible for authentication and authorization." --- :::note Looking for IAM documentation? From version 8.0.0+ the IAM component has been replaced with the Identity component. ::: -Identity is the component within the Camunda Platform 8 stack responsible for authentication and authorization. It allows you to manage: +Identity is the component within the Camunda 8 stack responsible for authentication and authorization. It allows you to manage: - Applications - APIs diff --git a/versioned_docs/version-8.2/self-managed/modeler/desktop-modeler/deploy-to-self-managed.md b/versioned_docs/version-8.2/self-managed/modeler/desktop-modeler/deploy-to-self-managed.md index 526faaee9f..a6d0762a3d 100644 --- a/versioned_docs/version-8.2/self-managed/modeler/desktop-modeler/deploy-to-self-managed.md +++ b/versioned_docs/version-8.2/self-managed/modeler/desktop-modeler/deploy-to-self-managed.md @@ -1,30 +1,30 @@ --- id: deploy-to-self-managed title: Deploy diagram -description: "Desktop Modeler can directly deploy diagrams and start process instances in Camunda Platform 8 Self-Managed." +description: "Desktop Modeler can directly deploy diagrams and start process instances in Camunda 8 Self-Managed." --- -Desktop Modeler can directly deploy diagrams and start process instances in Camunda Platform 8 Self-Managed. Follow the steps below to deploy a diagram: +Desktop Modeler can directly deploy diagrams and start process instances in Camunda 8 Self-Managed. Follow the steps below to deploy a diagram: 1. Click the rocket-shaped deployment icon: ![deployment icon](./img/deploy-icon.png) -2. Click **Camunda Platform 8 Self-Managed**: +2. Click **Camunda 8 Self-Managed**: ![deployment configuration](./img/deploy-empty.png) 3. Input the `Cluster endpoint`: -![deployment via Camunda Platform 8](./img/deploy-endpoint.png) +![deployment via Camunda 8](./img/deploy-endpoint.png) :::note -You can connect to Camunda Platform 8 both securely and insecurely through the `https` and `http` protocols. +You can connect to Camunda 8 both securely and insecurely through the `https` and `http` protocols. Secured connections to a remote endpoint will only be established if the remote server certificate is trusted by the app. Ensure that signing trusted roots and intermediate certificates [are known to the app](/components/modeler/desktop-modeler/flags/flags.md#zeebe-ssl-certificate). ::: -4. Select **OAuth**, and input the credentials in case your gateway requires authentication: +1. Select **OAuth**, and input the credentials in case your gateway requires authentication: :::note The OAuth URL needs to contain the full path to the token endpoint, i.e. `https:///realms/camunda-platform/protocol/openid-connect/token`. diff --git a/versioned_docs/version-8.2/self-managed/modeler/web-modeler/configuration/configuration.md b/versioned_docs/version-8.2/self-managed/modeler/web-modeler/configuration/configuration.md index d6587be93d..adf5340777 100644 --- a/versioned_docs/version-8.2/self-managed/modeler/web-modeler/configuration/configuration.md +++ b/versioned_docs/version-8.2/self-managed/modeler/web-modeler/configuration/configuration.md @@ -12,7 +12,7 @@ Web Modeler Self-Managed is available to [enterprise customers](../../../../refe The different components of Web Modeler Self-Managed can be configured using environment variables. Each component's variables are described below. - For a working example configuration showing how the components are correctly wired together, see the [Docker Compose file for Web Modeler](../../../platform-deployment/docker#web-modeler-1). -- If you are using the Camunda Platform 8 [Helm chart](../../../platform-deployment/helm-kubernetes/deploy.md) to set up Web Modeler, read more about the different configuration options in the chart's [README file](https://github.com/camunda/camunda-platform-helm/blob/main/charts/camunda-platform/README.md#web-modeler). +- If you are using the Camunda 8 [Helm chart](../../../platform-deployment/helm-kubernetes/deploy.md) to set up Web Modeler, read more about the different configuration options in the chart's [README file](https://github.com/camunda/camunda-platform-helm/blob/main/charts/camunda-platform/README.md#web-modeler). ## Configuration of the `restapi` component @@ -98,7 +98,7 @@ Refer to the [Advanced Logging Configuration Guide](./logging.md#logging-configu | `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - | | `KEYCLOAK_BASE_URL` | Base URL of the Keycloak instance. | `https://keycloak.example.com` | - | | `KEYCLOAK_CONTEXT_PATH` | [optional]
Context path Keycloak serves resources on.
_Note_: With Keycloak 17, the default path was changed from `/auth` to `/`. | `/` | `/auth` | -| `KEYCLOAK_REALM` | Keycloak realm used for Camunda Platform. | `camunda-platform` | - | +| `KEYCLOAK_REALM` | Keycloak realm used for Camunda. | `camunda-platform` | - | | `KEYCLOAK_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - | | `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |