<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">I like those ideas too. Some have
already been talked about but regarded as "nice to have".<br>
<br>
The question is do we want me to spend extra weeks on all those
features or do we want to get started on CLI? <br>
<br>
Right now, I have batch import implemented for Users, Clients, and
Identity Providers. It's easy to add the replace, skip, error
feature, so I'll probably spend a couple of extra hours today
doing that.<br>
<br>
Personally, I think the best approach is to implement the simplest
possible version of the feature and then get feedback to see what
enhancements are really needed. If you want to try out the import
feature, It's here:<br>
<a class="moz-txt-link-freetext" href="https://github.com/ssilvert/keycloak/tree/user-import-export">https://github.com/ssilvert/keycloak/tree/user-import-export</a><br>
<br>
On 10/21/2015 6:00 AM, Stian Thorgersen wrote:<br>
</div>
<blockquote
cite="mid:CAJgngAcbk1QbfX1xzh0S9DQLpASEd-tTrgM+L=mUT33vQLo66Q@mail.gmail.com"
type="cite">
<div dir="ltr">Those are nice additional options we could have.
Simply have a checkbox to re-generate realm keys and another
checkbox to re-generate client secrets (if a client is using jwt
auth then we shouldn't re-generate the keys for the client as we
don't store the private key).</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 21 October 2015 at 10:06, Thomas
Raehalme <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:thomas.raehalme@aitiofinland.com"
target="_blank">thomas.raehalme@aitiofinland.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>I think all of these sound useful!<br>
<br>
</div>
May I suggest another useful option when importing
realm or client, which is to re-generate keys and
secrets?<br>
<br>
</div>
Best regards,<br>
</div>
Thomas<br>
<div class="gmail_extra"><br>
<div class="gmail_quote">
<div>
<div class="h5">On Wed, Oct 21, 2015 at 11:00 AM,
Stian Thorgersen <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:sthorger@redhat.com"
target="_blank">sthorger@redhat.com</a>></span>
wrote:<br>
</div>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<div class="h5">
<div dir="ltr">After your last email with
regards to removing the import button from
client create page I had an idea.
<div><br>
</div>
<div>How about we do the following:</div>
<div><br>
</div>
<div><br>
</div>
<div>Import/export single</div>
<div>--------------------------</div>
<div>On realm, client, identity provider and
user federation create pages we add the
import button. This will prefill the form
and let the user review before importing.
This is how realm and client works now. We'd
also add a link to export a single entity
when displaying it in the admin console
(next to the delete icon).</div>
<div><br>
</div>
<div>Batch export</div>
<div>-----------------</div>
<div>When exporting a realm you can select
what you want to export. The option would
include realm settings, clients, identity
brokers, user federation, users,
credentials. Further there would be an
option if export would be done to a file or
a json download. If export to file is
selected you would get the option to export
credentials for users, if json download is
selected that option would be disabled.</div>
<div><br>
</div>
<div>Batch import</div>
<div>-----------------<br>
</div>
<div>We should have options to import a realm
as well as import into an existing realm.
For this we should have an option to select
what happens if resources exists (for
example client with client-id exists, or
user with username exists). Options could be
replace, skip, warn, error, etc..</div>
<div><br>
</div>
<div><br>
</div>
<div>Finally I was also thinking about an
option where we'd have a import directory on
the server. Any files in this would be
imported on startup. Once imported we'd add
a "<filename>.imported" or
"<filename>.failed". Same here it
would be nice to be able to somehow specify
the strategy if the resource exists.</div>
</div>
<br>
</div>
</div>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-dev@lists.jboss.org"
target="_blank">keycloak-dev@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-dev"
rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>