[keycloak-dev] Admin REST - User Roles
Stian Thorgersen
sthorger at redhat.com
Wed Sep 30 07:39:32 EDT 2015
Does the response actually contain the roles though? You're parsing to
UserRepresentation
then printing it out afterwards.
On 30 September 2015 at 13:24, Remi Cartier <remi.cartier at imetrik.com>
wrote:
> Marek,
>
> I see, thank you for your reply.
>
> Wouldn't it be less error/question prone if the endpoint returning all the
> users wouldn't show the *roles attributes ?
> Because they will always be null if I understood correctly.
>
> Regards.
>
> Rémi.
>
> ------------------------------
> *From:* Marek Posolda [mposolda at redhat.com]
> *Sent:* Wednesday, September 30, 2015 6:21 AM
> *To:* Remi Cartier; keycloak-dev at lists.jboss.org
> *Subject:* Re: [keycloak-dev] Admin REST - User Roles
>
> Hi,
>
> to retrieve realm role mappings of user, you need to use the endpoint like
> http://localhost:8080/auth/admin/realms/demo/users/{userid}/role-mappings/realm
> . See the docs for details:
> http://keycloak.github.io/docs/rest-api/overview-index.html
>
> Marek
>
> On 29/09/15 19:06, Remi Cartier wrote:
>
> Hi guys,
>
> first of all, thank you for that great piece of software, it’s amazing !
>
> Now, down to business.
>
> When I do :
>
> keycloak = Keycloak.getInstance(getKeycloakServerURL(),
> getKeycloakRealm(), getKeycloakRealmAdminUsername(),
> getKeycloakRealmAdminPassword(), getKeycloakClientId());
> for (UserRepresentation userRepresentation :
> keycloak.realm(getKeycloakRealm()).users().search(null, 0,
> Integer.MAX_VALUE)) {
> log.info(ToStringBuilder.reflectionToString(userRepresentation,
> ToStringStyle.JSON_STYLE));
> }
>
> The information I get does not contain any roles, all the roles related
> fields are ‘null’. -
>
> {"self":null,"id":"0556717e-ffb9-4c2d-b85b-533d9396f243","createdTimestamp":1443542144845,"username":"admin","enabled":true,"totp":false,"emailVerified":true,"firstName":"first
> name","lastName":"last
> name","email":null,"federationLink":null,"serviceAccountClientId":null,"attributes":{key1=[value1]},"credentials":null,"requiredActions":[],"federatedIdentities":null,"realmRoles":null,"clientRoles":null,"clientConsents":null,"applicationRoles":null,"socialLinks":null}
> However in the admin interface I have setup roles at each layer : realm,
> client
>
> The user I am using to do the queries has all the *realm* roles associated.
>
> is there anything else I need to do ?
>
> thank you for your help !
>
> ------------------------------
>
>
> REMI CARTIER
> B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)
>
> *IMETRIK GLOBAL INC.*
> *T :* +1 514 448-6407 x2009
> *T :* +1 866 276-5382 (toll free)
> *F :* +1 514 904-0611
>
> 740 Notre Dame St. West, Suite 1575
> Montreal, Quebec, Canada H3C 3X6
> imetrik.com <http://www.imetrik.com/>
>
>
>
> _______________________________________________
> keycloak-dev mailing listkeycloak-dev at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150930/43647599/attachment-0001.html
More information about the keycloak-dev
mailing list