<div dir="ltr">You should use the master realm as it permits access to all realms as well as creating realms.<div><br></div><div>Create a client ;)</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 28 October 2015 at 06:17, Giulio Vito de Musso <span dir="ltr"><<a href="mailto:giulio.vito.demusso@gmail.com" target="_blank">giulio.vito.demusso@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Stian, all,<div><br></div><div>Reading your first link I can see that the URL to call to get a token is </div><div><span style="color:rgb(0,134,179);font-family:Consolas,'Liberation Mono',Menlo,Courier,monospace;font-size:12px;line-height:16.8px;white-space:pre-wrap"><br></span></div><div><span style="color:rgb(24,54,145);font-family:Consolas,'Liberation Mono',Menlo,Courier,monospace;font-size:12px;line-height:16.8px;white-space:pre-wrap"><span>http:<KeycloakHost>/auth/</span>realms/{realm-name}/protocol/openid-connect/token<span>"</span></span></div><div><span style="color:rgb(24,54,145);font-family:Consolas,'Liberation Mono',Menlo,Courier,monospace;font-size:12px;line-height:16.8px;white-space:pre-wrap"><span><br></span></span></div><div><span style="color:rgb(24,54,145);font-family:Consolas,'Liberation Mono',Menlo,Courier,monospace;font-size:12px;line-height:16.8px;white-space:pre-wrap"><span>But what is the realm-name to use? I'm trying to execute an operation which is above all realms (which is create a new realm posting the JSON)</span></span></div><div><font color="#333333" face="Consolas, Liberation Mono, Menlo, Courier, monospace"><span style="font-size:12px;line-height:16.8px;white-space:pre-wrap"><br></span></font></div><div><font color="#333333" face="Consolas, Liberation Mono, Menlo, Courier, monospace"><span style="font-size:12px;line-height:16.8px;white-space:pre-wrap">Moreover I should provide a client_id in the request body, but I don't know which client ID to use.</span></font></div><div><font color="#333333" face="Consolas, Liberation Mono, Menlo, Courier, monospace"><span style="font-size:12px;line-height:16.8px;white-space:pre-wrap"><br></span></font></div><div><font color="#333333" face="Consolas, Liberation Mono, Menlo, Courier, monospace"><span style="font-size:12px;line-height:16.8px;white-space:pre-wrap">Thanks </span></font></div><span class="HOEnZb"><font color="#888888"><div><font color="#333333" face="Consolas, Liberation Mono, Menlo, Courier, monospace"><span style="font-size:12px;line-height:16.8px;white-space:pre-wrap">Giulio</span></font></div><div><font color="#333333" face="Consolas, Liberation Mono, Menlo, Courier, monospace"><span style="font-size:12px;line-height:16.8px;white-space:pre-wrap"><br></span></font></div></font></span></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">2015-10-28 3:49 GMT+01:00 Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">You'll need a bearer token to invoke the services. A token can be obtained either using the direct grant (or resource owner password grant as oauth calls it) or using the standard web flow.<div><br></div><div>Take a look at:<div><a href="https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java" target="_blank">https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java</a><br></div></div><div><br></div><div>Or if you are invoking from Java, simply use our Java admin client lib:</div><div><a href="https://github.com/keycloak/keycloak/blob/master/examples/admin-client/src/main/webapp/index.jsp" target="_blank">https://github.com/keycloak/keycloak/blob/master/examples/admin-client/src/main/webapp/index.jsp</a><br></div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div>On 27 October 2015 at 07:09, Giulio Vito de Musso <span dir="ltr"><<a href="mailto:giulio.vito.demusso@gmail.com" target="_blank">giulio.vito.demusso@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr"><div><br></div><div><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;line-height:17.7273px">Hello you all,</p><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;line-height:17.7273px"><span style="line-height:17.7273px">I need to configure realms in Keycloak through the Admin WS accessible at the path</span><br></p><pre style="margin-top:0px;padding:5px;border:0px;font-size:13px;overflow:auto;width:auto;max-height:600px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;word-wrap:normal;background-color:rgb(238,238,238)"><code style="margin:0px;padding:0px;border:0px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;white-space:inherit"><a href="http://KeycloakServer:8081/auth/admin/realms" target="_blank">http://KeycloakServer:8081/auth/admin/realms</a>
</code></pre><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;line-height:17.7273px">So in Postman I run the following request</p><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;line-height:17.7273px">URL: <code style="margin:0px;padding:1px 5px;border:0px;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;white-space:pre-wrap;background-color:rgb(238,238,238)"><a href="http://KeycloakServer:8081/auth/admin/realms" target="_blank">http://KeycloakServer:8081/auth/admin/realms</a></code></p><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;line-height:17.7273px">Method: <code style="margin:0px;padding:1px 5px;border:0px;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;white-space:pre-wrap;background-color:rgb(238,238,238)">POST</code></p><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;line-height:17.7273px">Body:</p><pre style="margin-top:0px;padding:5px;border:0px;font-size:13px;overflow:auto;width:auto;max-height:600px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;word-wrap:normal;background-color:rgb(238,238,238)"><code style="margin:0px;padding:0px;border:0px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;white-space:inherit">{
"enabled": true,
"id": "TestRealm",
}
</code></pre><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;line-height:17.7273px">I get a <code style="margin:0px;padding:1px 5px;border:0px;font-size:13px;font-family:Consolas,Menlo,Monaco,'Lucida Console','Liberation Mono','DejaVu Sans Mono','Bitstream Vera Sans Mono','Courier New',monospace,sans-serif;white-space:pre-wrap;background-color:rgb(238,238,238)">401 Unauthorized</code> response, so I think it is necessary to authenticate to the Admin WS. But in the docs I cannot find any information about the type of authentication required and the syntax. Do you know how to authenticate to the Keycloak WSs?</p><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;line-height:17.7273px">Thank you</p></div></div>
<br></div></div>_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>