Authentication

The modeler reuses the authentication infrastructure of cibseven-webclient. Every REST endpoint validates the session token provided in the request.

Disabling Authentication

Authentication is enabled by default. It can be disabled for local development or testing:

cibsevenmodeler:
  authentication:
    enabled: false

Or via environment variable:

CIBSEVENMODELER_AUTHENTICATION_ENABLED=false

Never disable authentication in production

Disabling authentication exposes all modeler REST endpoints without any access control. Only use this setting in isolated development or CI environments.

Integration with CIB seven Engine

Endpoints that interact with the CIB seven engine (deploy, start process) forward the authenticated user context to the engine. This ensures that engine audit trails reflect the actual user, not a service account.

Authentication

Disabling Authentication

Never disable authentication in production

Integration with CIB seven Engine

On this Page: