The Camunda Platform 8 configuration
The authentication strategy to use for the Camunda 8 SDK. Defaults to 'OAUTH'.
If you are passing in a custom IHeadersProvider implementation, you can set this to 'NONE' to disable the default authentication.
Password for Basic Auth. Set this when using the BASIC auth strategy with CAMUNDA_AUTH_STRATEGY.
Username for Basic Auth. Set this when using the BASIC auth strategy with CAMUNDA_AUTH_STRATEGY.
The base url for the Admin Console API.
Credentials id for Admin Console and Modeler API
Credentials secret for Admin Console and Modeler API
The audience parameter for an Admin Console OAuth token request. Defaults to api.cloud.camunda.io when connecting to Camunda SaaS, and '' otherwise
The password for Cookie authentication when CAMUNDA_AUTH_STRATEGY is set to COOKIE. Defaults to 'demo'
The login endpoint for Cookie authentication (for use with C8Run in 8.7). Defaults to http://localhost:8080/api/login
The username for Cookie authentication when CAMUNDA_AUTH_STRATEGY is set to COOKIE. Defaults to 'demo'
When using custom or self-signed certificates with mTLS, provide the path to the client certificate chain. Works with Zeebe gRPC.
When using custom or self-signed certificates with mTLS, provide the path to the client private key. Works with Zeebe gRPC.
In an environment using self-signed certificates, provide the path to the server certificate. Provide this to allow the client to connect to a server secured with this cert.
In an environment using self-signed certificates, provide the server certificate as a string. Provide this to allow the client to connect to a server secured with this cert.
Custom user agent
Maximum polling backoff time in milliseconds for Job Workers when an error is encountered. Defaults to 16000 (16 seconds).
The log level for logging. Defaults to 'info'. Values (in order of priority): 'error', 'warn', 'info', 'http', 'verbose', 'debug', 'silly'. Set to 'none' to suppress logging.
The base url for the Modeler API. Defaults to Camunda Saas - https://modeler.camunda.io/api
The audience parameter for a Modeler OAuth token request. Defaults to api.cloud.camunda.io when connecting to Camunda SaaS, and '' otherwise See: https://github.com/camunda/camunda-8-js-sdk/issues/60
Set to true to disable OAuth completely
The OAuth token (used for CAMUNDA_AUTH_STRATEGY "BEARER")
How soon in milliseconds before its expiration time a cached OAuth token should be considered expired. Defaults to 1000
The OAuth token exchange endpoint url
The base url for the Operate API
The audience parameter for an Operate OAuth token request. Defaults to operate.camunda.io
The base url for the Optimize API
The audience parameter for an Optimize OAuth token request. Defaults to optimize.camunda.io
Control TLS for Zeebe GRPC connections. Defaults to true.
Note: This setting interacts with the ZEEBE_INSECURE_CONNECTION setting in zeebeGrpcSettings.
CAMUNDA_SECURE_CONNECTION is true and ZEEBE_INSECURE_CONNECTION is false, a secure TLS connection will be used.CAMUNDA_SECURE_CONNECTION is false or ZEEBE_INSECURE_CONNECTION is true, an insecure connection will be used.CAMUNDA_SECURE_CONNECTION to true and ZEEBE_INSECURE_CONNECTION to true will result in a warning
and an insecure connection will be used.CAMUNDA_SECURE_CONNECTION to false and ZEEBE_INSECURE_CONNECTION to false will result in a warning
and an insecure connection will be used.Set to true to enable an output log file with debugging information and diagnostic traces to assist Camunda Support in technical support.
Optionally provide a file path for the support log. By default it will be emitted as camunda-support.log
The base url for the Tasklist API
The audience parameter for a Tasklist OAuth token request. Defaults to tasklist.camunda.io
The tenant id when multi-tenancy is enabled
The directory to cache OAuth tokens on-disk. Defaults to $HOME/.camunda
Set to true to disable disk caching of OAuth tokens and use memory caching only
Optional scope parameter for OAuth (needed by some OIDC, such as Microsoft Entra)
The audience parameter for a Zeebe OAuth token request. This is a synonym for and has precedence over ZEEBE_TOKEN_AUDIENCE. If this value is not set, ZEEBE_TOKEN_AUDIENCE will be used.
The address for the Zeebe gRPC Gateway. Defaults to localhost:26500
This is the client ID for the client credentials
This is the client secret for the client credentials
The address for the Zeebe gRPC Gateway. Defaults to localhost:26500. If a value is also provided for ZEEBE_ADDRESS, that value will be used preferentially.
The address for the Zeebe REST API. Defaults to localhost:8080
The audience parameter for a Zeebe OAuth token request. Defaults to zeebe.camunda.io
This channel argument controls the maximum number of pings that can be sent when there is no other data (data frame or header frame) to be sent. GRPC Core will not continue sending pings if we run over the limit. Setting it to 0 allows sending pings without sending data.
Minimum allowed time between a server receiving successive ping frames without sending any data frame. Int valued, milliseconds. Default: 90000
Defaults to 90000.
The time between the first and second connection attempts, in ms. Defaults to 1000.
This channel argument if set to 1 (0 : false; 1 : true), allows keepalive pings to be sent even if there are no calls in flight. Defaults to 1.
After a duration of this time the client/server pings its peer to see if the transport is still alive. Int valued, milliseconds. Defaults to 360000.
After waiting for a duration of this time, if the keepalive ping sender does not receive the ping ack, it will close the transport. Int valued, milliseconds. Defaults to 120000.
The maximum time between subsequent connection attempts, in ms. Defaults to 10000.
The minimum time between subsequent connection attempts, in ms. Default is 1000ms, but this can cause an SSL Handshake failure. This causes an intermittent failure in the Worker-LongPoll test when run against Camunda Cloud. Raised to 5000ms. See: https://github.com/grpc/grpc/issues/8382#issuecomment-259482949
Log level of Zeebe Client and Workers - 'DEBUG' | 'INFO' | 'NONE'. Defaults to 'INFO'
Zeebe client log output can be human-readable 'SIMPLE' or structured 'JSON'. Defaults to 'SIMPLE'
The gRPC channel can "jitter". This suppresses a connection error message if the channel comes back within this window in milliseconds. Defaults to 3000
Immediately connect to the Zeebe Gateway (issues a silent topology request). Defaults to false
This suppresses intermediate errors during initial connection negotiation. On Camunda SaaS this defaults to 6000, on Self-Managed to 0
Maximum number of retries of network operations before failing. Defaults to -1 (infinite retries)
When retrying failed network operations, retries back off to this maximum period. Defaults to 10s
Automate retrying operations that fail due to network conditions or broker backpressure. Defaults to true
How long in seconds the long poll Job Activation request is held open by a worker. Defaults to 60
After a long poll Job Activation request, this is the cool-off period in milliseconds before the worker requests more work. Defaults to 300
Use an insecure connection for Zeebe GRPC.
Note: This setting interacts with the CAMUNDA_SECURE_CONNECTION setting.
ZEEBE_INSECURE_CONNECTION is false and CAMUNDA_SECURE_CONNECTION is true, a secure TLS connection will be used (recommended).ZEEBE_INSECURE_CONNECTION is true or CAMUNDA_SECURE_CONNECTION is false, an insecure connection will be used.ZEEBE_INSECURE_CONNECTION to true and CAMUNDA_SECURE_CONNECTION to true will result in a warning
and an insecure connection will be used.ZEEBE_INSECURE_CONNECTION to false and CAMUNDA_SECURE_CONNECTION to false will result in a warning
and an insecure connection will be used.
Validates settings consistency and logs warnings for conflicting TLS configuration.