Clarify "application" in Identity docs

camunda / camunda-docs

Camunda 8 Documentation, including all components and features

https://docs.camunda.io/

Other

54 stars 182 forks source link

Clarify "application" in Identity docs #2630

Open akeller opened 1 year ago

akeller commented 1 year ago

Is "application" a Keycloak term? I see a 1:1 mapping here for our C8 components. Every component is an application. But Zeebe isn't in the screenshots, so does that not include Zeebe?
Do we have recommendations for the application type for each of our C8 components?

Originally posted by @akeller in https://github.com/camunda/camunda-platform-docs/pull/2587#pullrequestreview-1629400258

dlavrenuek commented 11 months ago

@akeller Application is not a Keycloak but rather an Auth0 term. In Keycloak it is just a client. Zeebe is not an application because users can not login into it and it also does not call other apis itself (as an M2M application would do). It just provides an API that can be interacted with, so in our architecture it is an API. Do you think that the current applications docs page should be further improved?

Do we have recommendations for the application type for each of our C8 components? User should not try to modify or create any c8 applications, these are created/updated automatically by preconfigured data in Identity. We are working on support for generic OpenIDC providers without Keycloak, which would require manually creating each application, so documentation for clients would be part of it.

akeller commented 11 months ago

I recommend defining an "application" and maybe including where the name comes from (Auth0).

In the SaaS console, we refer to "Camunda apps" as Console, Modeler, Tasklist, Optimize, and Operate. I want to make sure we are clear about what we refer to when discussing applications and apps.

What does this page refer to? Why would I create a new application? A custom Tasklist implementation? Or is this pre-work for the generic OpenIDC provider task you referred to?

dlavrenuek commented 11 months ago

As described on this page, there are 3 types of applications: public, confidential and m2m. Public and confidential applications are applications where a user can log in, this could be a custom Tasklist or any custom web-based (or even mobile) app, that needs to operate in the c8 context (f.e. use the Tasklist, Operate or Modeler APIs). An M2M application is an application that does not have a UI and just runs, f.e. a service worker.

The SaaS "Apps" are technically also applications. On SM we do not have the destinction between applications (c8 apps) and clients (other apps/workers). I can see that this can create confusions for users switching from SaaS to SM but also provides additional challenges in maintaining the docs.

When you say defining an "application", do you mean adding this as a term to glossary?

akeller commented 11 months ago

Let me do this in a PR. I think we have the pieces, but we need some links to bring things together.