src/main/resources/application.yaml

logging:
  level:
    root: INFO
management:
  endpoint:
    health:
      show-details: "always"
  security:
    enabled: false
  endpoints:
    web:
      base-path: /
spring:
  flyway:
    enabled: false
  security:
    enabled: false
  datasource:
    url: jdbc:postgresql://${CAMUNDA_DB_HOST:localhost}:${CAMUNDA_DB_PORT:5432}/${CAMUNDA_DB_NAME:camunda}${CAMUNDA_DB_CONN_OPTIONS:}
    username: ${CAMUNDA_DB_USER_NAME:camunda}
    password: ${CAMUNDA_DB_PASSWORD:camunda}
camunda:
  api:
    auth:
      enabled: true
  ui: 
    auth:
      enabled: false
  bpm:
    authorization:
      enabled: true
    admin-user:
      id: admin
      password: ${CAMUNDA_ADMIN_PASSWORD:admin}
      firstName: Admin
    filter:
      create: All tasks
    generic-properties:
      properties:
        generalResourceWhitelistPattern: '[.a-zA-Z0-9@_-]+'
    database:
#    We manage database versioning through flyway. Using this can cause the schema to go out of sync.
      schema-update: false

    webapp:
      application-path: /
camundaGroups:
  rpe:
    adGroupId: c36eaede-a0ae-4967-8fed-0a02960b1370
    tenantId: rpe
    groupId: rpe
    accessControl: user
  work-allocation:
    adGroupId: cdeb331b-adfe-46a7-a2c8-a628e2d35d96
    tenantId: work-allocation
    groupId: work-allocation
    accessControl: user
    s2sServiceNames:
      - wa_task_management_api
      - wa_task_configuration_api
      - wa_workflow_api
  civil-unspecified:
    adGroupId: 40c33f5a-24d0-4b22-a923-df8a80a59cd9
    tenantId: civil-unspecified
    groupId: civil-unspecified
    accessControl: user
    s2sServiceNames:
      - unspec-service

camundaAdminGroupId: c36eaede-a0ae-4967-8fed-0a02960b1370
camundaAccess:
  user:
    deploymentAccess: true
    taskAccess: true
    processDefinition: true
    processInstance: true
    batchAccess: true
    decisionDefinitionAccess: true
    optimiseAccess: true

server:
  servlet:
    context-path: /
  port: 8999
idam:
  s2s-auth:
    url: ${S2S_URL:http://localhost:4552}
---
spring:
  profiles: springauth
  security:
    enabled: true
    oauth2:
      client:
        registration:
          azure:
            provider: azure
            client-id: ${CLIENT_ID}
            client-secret: ${CLIENT_SECRET}
            authorization-grant-type: authorization_code
            scope:
              - openid
        provider:
          azure:
            issuer-uri: ${ISSUER_URI:https://sts.windows.net/531ff96d-0ae9-462a-8d2d-bec7c0b42082/}
camunda:
  ui:
    auth:
      enabled: true