We have recently been on a mission to bring more coherence to Camunda products by developing a common identity and access management solution. Our new product, called Camunda Account, offers Single Sign-On and Single Sign-Out while laying the foundation of a common user and role management across Camunda products and LDAP support.

The planning and development of Camunda Account requires continuous communication and collaboration across different teams and stakeholders. This new objective is put into practice by our new cross-functional Shared Services team. 

Our mission is to centralize services across the Camunda portfolio by harmonizing the Camunda user experience, enabling the Product teams to accelerate product-specific innovation and build new functionalities that improve the synergy among Camunda products overall.

In this article, you will learn more about the features that are part of Camunda Account today and get insight into our roadmap.

Single Sign-On and More

The main goal of the Camunda Account project is to store user credentials securely in one place for use across multiple Camunda products. To achieve this, we have implemented widely spread specifications and best practices such as:

  • OAuth 2.0, the industry standard protocol for authorization. Using this standard allows us to grant third-party applications limited access to our services. Access is obtained on behalf of a Camunda Account user.
  • OpenID Connect, an identity layer on top of the OAuth 2.0 protocol. It allows third-party applications to obtain information about authenticated users.
  • OWASP, a report put together by security experts that describes security problems for web applications. OWASP Top 10 focuses on the 10 most important risks.

Besides these security-based specifications and best practices, we are also planning to perform internal and external security audits in order to minimize security risks specific to our application.

In the following sections we will introduce some features that are currently available on our  Camunda Account application.

Single Sign-On

This feature allows users to log in once and use all available products without having to log in to each one separately. For the initial version of Camunda Account, we integrated with Cawemo and launched it on September 30, 2020.

A diagram of how the login flow works can be seen in the following picture:

To see for yourself how Single Sign-On through Camunda Account works, you can simply go to cawemo.com, click on Sign up for free or Login after which you will be redirected to our Camunda Account website where you can enter your credentials. After signing up, you will be redirected back to Cawemo. You are now successfully logged-in to Cawemo using Camunda Account!

The following GIF shows the Sign up and Login flow.

When we integrate Camunda Account with more products in the future, you will be able to log in once after the first redirect to Camunda Account and be automatically logged-in after every following redirect.

As we can see in the first picture, besides logging in or registering using email and password, users are also able to use Social Login through Google or LinkedIn. The flow works exactly the same way regardless of whether user credentials or a social login is used.

Use of existing accounts

The fact that logging in to Cawemo now requires a login through Camunda Account does not mean that you will have to create a new account. All existing accounts registered with Cawemo have already been migrated to Camunda Account, meaning that you can keep using your existing credentials. This will also be the case with all other Camunda products that we integrate with in the coming months. 

Profile page

You are able to update your profile information through Camunda Account and have it automatically sync up with Cawemo and other Camunda products. If you decide to change your email or password, you only have to do it once, as Camunda Account is a central user data provider for all products.

What’s next?

Camunda Account will evolve as we add more and more features. 

Some of the planned improvements in the near future are:

  • On-premise version – first Camunda product that we will integrate with on-premise will be Cawemo. If you are already using Cawemo on-premise, you will be able to migrate user data to Camunda Account on-premise version.
  • LDAP integration – LDAP is an industry standard protocol for accessing directory services. It is a very useful feature for enterprise users. It will allow you to connect Camunda Account on-premise version with your existing LDAP server and have users authenticate themselves through it. You will be able to choose if you want to store user data in a SQL database, or have the data read from a LDAP server.
  • Camunda Forums integration – logging in to our community forums will work the same way as logging in to Cawemo right now. You will be able to use the same account.
  • Camunda Cloud integration – users of Camunda Cloud products such as Operate, Optimize and Zeebe will also be able to authenticate themselves using Camunda Account.

Alongside developing these new features, we want to continuously work on the user experience and this is where we need your help.

What do you think?

Now it is your turn. You can try out Camunda Account on Cawemo by signing up, logging in and editing your profile. Keep in mind that you can use your Cawemo credentials, if you have used Cawemo before. Afterward, head over to our Forum Thread to let us know what you think about Camunda Account. Your feedback and suggestions will be very much appreciated.

  • The Journey from Camunda BPM to Camunda...

    You might have noticed something a little different about our recent release announcement: Camunda BPM is now Camunda Platform. We’ve renamed our process automation solution to better reflect our mission to help organizations automate any process, anywhere. And, to be perfectly honest, we are also keeping up with what we’re hearing in the field — many of our users and customers already informally refer to “Camunda Platform” or even just “the platform” or simply “Camunda” when talking about the product. During CamundaCon 2020.2, our CEO, Jakob Freund, explained that processes are the algorithms that determine how an organization runs. They define how we work within our own team or across teams, and they influence the way we deal with our...

    Read more
  • Camunda Optimize 3.4.0 Released

    We’re excited to announce the release of Camunda Optimize 3.4.0. Camunda Optimize provides business activity monitoring for workflows, supporting continuous process improvement by providing transparency into your automated workflows and decisions. Business-friendly reports, dashboards and alerts make it possible to identify process bottlenecks and improve end-to-end processes. If you’d like to get started with Optimize 3.4.0 right away, you can download the release here with your Camunda Enterprise Platform customer credentials. And if you’re not yet a Camunda customer, you can sign up here for a free 30-day trial of the Camunda Enterprise Platform, which includes Camunda Optimize. In the rest of this post, we’ll highlight some of the new capabilities introduced in Optimize 3.4.0. Introducing Multi-Measure and Multi-Aggregation Reports...

    Read more
  • Cawemo Enterprise (On-Premises) 1.6 Released

    We’re happy to announce the 1.6 release of Cawemo Enterprise On-Premises. Cawemo is the specification platform of the Camunda stack, enabling all stakeholders to model and collaborate on BPMN and DMN diagrams and related files. The main improvements in this release are: DMN Modeling Cawemo supports modeling of DMN diagrams in addition to BPMN. Enhanced Template Editor In addition to UiPath, Cawemo supports templates for Automation Anywhere and External Service Tasks. Additionally, you are able to define BPMN Errors. Improved Access Rights Capabilities Organizations and projects can have more than one admin now. LDAP integration You can connect your on-premises installation to an LDAP server. As a Camunda Enterprise customer, you can install or upgrade to version 1.6 following our...

    Read more