<div dir="ltr">I&#39;d like to get import/export done properly. The addition of being able to add bits and pieces to import in a directory would be really helpful on Docker/OpenShift/etc..<div><br></div><div>Besides, CLI is on hold until we decide what to do. We&#39;re not going to decide on that in the next week weeks. I&#39;m not sure we have the resources available to do CLI properly before Christmas, so it would probably be better to wait.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 21 October 2015 at 14:15, Stan Silvert <span dir="ltr">&lt;<a href="mailto:ssilvert@redhat.com" target="_blank">ssilvert@redhat.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    <div>I like those ideas too.  Some have
      already been talked about but regarded as &quot;nice to have&quot;.<br>
      <br>
      The question is do we want me to spend extra weeks on all those
      features or do we want to get started on CLI?  <br>
      <br>
      Right now, I have batch import implemented for Users, Clients, and
      Identity Providers.  It&#39;s easy to add the replace, skip, error
      feature, so I&#39;ll probably spend a couple of extra hours today
      doing that.<br>
      <br>
      Personally, I think the best approach is to implement the simplest
      possible version of the feature and then get feedback to see what
      enhancements are really needed.  If you want to try out the import
      feature, It&#39;s here:<br>
      <a href="https://github.com/ssilvert/keycloak/tree/user-import-export" target="_blank">https://github.com/ssilvert/keycloak/tree/user-import-export</a><div><div class="h5"><br>
      <br>
      On 10/21/2015 6:00 AM, Stian Thorgersen wrote:<br>
    </div></div></div><div><div class="h5">
    <blockquote type="cite">
      <div dir="ltr">Those are nice additional options we could have.
        Simply have a checkbox to re-generate realm keys and another
        checkbox to re-generate client secrets (if a client is using jwt
        auth then we shouldn&#39;t re-generate the keys for the client as we
        don&#39;t store the private key).</div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On 21 October 2015 at 10:06, Thomas
          Raehalme <span dir="ltr">&lt;<a href="mailto:thomas.raehalme@aitiofinland.com" target="_blank">thomas.raehalme@aitiofinland.com</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div dir="ltr">
              <div>
                <div>
                  <div>I think all of these sound useful!<br>
                    <br>
                  </div>
                  May I suggest another useful option when importing
                  realm or client, which is to re-generate keys and
                  secrets?<br>
                  <br>
                </div>
                Best regards,<br>
              </div>
              Thomas<br>
              <div class="gmail_extra"><br>
                <div class="gmail_quote">
                  <div>
                    <div>On Wed, Oct 21, 2015 at 11:00 AM,
                      Stian Thorgersen <span dir="ltr">&lt;<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>&gt;</span>
                      wrote:<br>
                    </div>
                  </div>
                  <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                    <div>
                      <div>
                        <div dir="ltr">After your last email with
                          regards to removing the import button from
                          client create page I had an idea.
                          <div><br>
                          </div>
                          <div>How about we do the following:</div>
                          <div><br>
                          </div>
                          <div><br>
                          </div>
                          <div>Import/export single</div>
                          <div>--------------------------</div>
                          <div>On realm, client, identity provider and
                            user federation create pages we add the
                            import button. This will prefill the form
                            and let the user review before importing.
                            This is how realm and client works now. We&#39;d
                            also add a link to export a single entity
                            when displaying it in the admin console
                            (next to the delete icon).</div>
                          <div><br>
                          </div>
                          <div>Batch export</div>
                          <div>-----------------</div>
                          <div>When exporting a realm you can select
                            what you want to export. The option would
                            include realm settings, clients, identity
                            brokers, user federation, users,
                            credentials. Further there would be an
                            option if export would be done to a file or
                            a json download. If export to file is
                            selected you would get the option to export
                            credentials for users, if json download is
                            selected that option would be disabled.</div>
                          <div><br>
                          </div>
                          <div>Batch import</div>
                          <div>-----------------<br>
                          </div>
                          <div>We should have options to import a realm
                            as well as import into an existing realm.
                            For this we should have an option to select
                            what happens if resources exists (for
                            example client with client-id exists, or
                            user with username exists). Options could be
                            replace, skip, warn, error, etc..</div>
                          <div><br>
                          </div>
                          <div><br>
                          </div>
                          <div>Finally I was also thinking about an
                            option where we&#39;d have a import directory on
                            the server. Any files in this would be
                            imported on startup. Once imported we&#39;d add
                            a &quot;&lt;filename&gt;.imported&quot; or
                            &quot;&lt;filename&gt;.failed&quot;. Same here it
                            would be nice to be able to somehow specify
                            the strategy if the resource exists.</div>
                        </div>
                        <br>
                      </div>
                    </div>
                    _______________________________________________<br>
                    keycloak-dev mailing list<br>
                    <a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
                    <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
                  </blockquote>
                </div>
                <br>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <br>
  </div></div></div>

</blockquote></div><br></div>