diff --git a/lib/bas/utils/operaton/base_operaton_client.rb b/lib/bas/utils/operaton/base_operaton_client.rb
index 61f3b1c..b646d5c 100644
--- a/lib/bas/utils/operaton/base_operaton_client.rb
+++ b/lib/bas/utils/operaton/base_operaton_client.rb
@@ -2,6 +2,7 @@
 
 require "faraday"
 require "json"
+require "base64"
 
 module Utils
   module Operaton
@@ -10,10 +11,12 @@ module Operaton
     # shared by all Operaton API clients.
     #
     class BaseClient
-      def initialize(base_url:)
+      def initialize(base_url:, username: nil, password: nil)
         raise ArgumentError, "base_url is required" if base_url.to_s.strip.empty?
 
         @base_url = base_url.chomp("/")
+        @username = username
+        @password = password
         @conn = build_conn
       end
 
@@ -23,6 +26,7 @@ def build_conn
         # Override to add multipart support for file uploads and URL encoding for form data
         Faraday.new(url: @base_url) do |f|
           f.request :json
+          f.response :logger
           f.response :json, content_type: /\bjson$/
           f.adapter Faraday.default_adapter
           f.options.timeout = 30
@@ -30,17 +34,36 @@ def build_conn
         end
       end
 
+      def basic_auth_required?
+        return false if @username.to_s.empty? || @password.to_s.empty?
+
+        uri = URI.parse(@base_url)
+        host = uri.host
+        !(host.nil? || host.include?("localhost") || host == "127.0.0.1")
+      end
+
       def full_url(path)
         "#{@base_url}#{path.start_with?("/") ? path : "/#{path}"}"
       end
 
+      def add_auth_headers(req)
+        return unless basic_auth_required?
+
+        token = Base64.strict_encode64("#{@username}:#{@password}")
+        req.headers["Authorization"] = "Basic #{token}"
+      end
+
       def get(path, params = {})
-        response = @conn.get(full_url(path), params)
+        response = @conn.get(full_url(path)) do |req|
+          add_auth_headers(req)
+          req.params.update(params)
+        end
         handle_response(response)
       end
 
       def post(path, body = {}, headers = {})
         response = @conn.post(full_url(path)) do |req|
+          add_auth_headers(req)
           req.headers.update(headers) if headers.any?
           req.body = body
         end
diff --git a/lib/bas/utils/operaton/external_task_client.rb b/lib/bas/utils/operaton/external_task_client.rb
index d7f61b1..8ca3328 100644
--- a/lib/bas/utils/operaton/external_task_client.rb
+++ b/lib/bas/utils/operaton/external_task_client.rb
@@ -23,7 +23,11 @@ class ExternalTaskClient < BaseClient
       def initialize(params)
         @worker_id = params[:worker_id]
         validate_params!(params)
-        super(base_url: params[:base_url])
+        super(
+          base_url: params[:base_url],
+          username: params[:username],
+          password: params[:password]
+        )
       end
 
       def fetch_and_lock(topics_str, lock_duration: 10_000, max_tasks: 1, use_priority: true, variables: [])
diff --git a/lib/bas/utils/operaton/process_client.rb b/lib/bas/utils/operaton/process_client.rb
index 8382633..ba84626 100644
--- a/lib/bas/utils/operaton/process_client.rb
+++ b/lib/bas/utils/operaton/process_client.rb
@@ -16,9 +16,9 @@ module Operaton
     #   tasks = client.deploy_process(file_path, deployment_name: deployment_name)
     #
     class ProcessClient < BaseClient
-      def initialize(base_url:)
+      def initialize(base_url:, username: nil, password: nil)
         @logger = defined?(Rails) ? Rails.logger : Logger.new($stdout)
-        super(base_url: base_url)
+        super(base_url: base_url, username: username, password: password)
       end
 
       def deploy_process(file_path, deployment_name:)
@@ -37,6 +37,10 @@ def deploy_process(file_path, deployment_name:)
         post("/deployment/create", payload)
       end
 
+      def test_engine
+        get("/engine")
+      end
+
       def instance_with_business_key_exists?(process_key, business_key)
         query_params = {
           processDefinitionKey: process_key,