<div dir="ltr">One more:<div><br></div><div>* How should we distribute it? I propose we just add <a href="http://kcreg.sh/kcreg.bat">kcreg.sh/kcreg.bat</a> + the JAR to the bin directory of the server</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 22 July 2016 at 09:33, Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">A few questions from me:<div><br></div><div>* Is it possible to view the returned JSON when creating and updating a client? This contains values filled in by the server, including the registration access token.</div><div>* Should we not enable pretty print by default?</div><div>* --cache isn't the most intuitive name, I don't have a better suggestion though</div><div>* Docs should be moved to Gitbook "Securing Clients and Applications guide"</div><div>* When creating clients and later updating them I assume it uses the registration access token from the cache?</div><div>* A nice addition would be the ability to list attributes from ClientRepresentation so it's easy to discover what attributes can be set</div><div>* What about setting/changing complex attributes, how does that look like? Can we add/remove to an array? Add/remove elements to a complex object? Something like JSON patch could be niceĀ <a href="https://tools.ietf.org/html/rfc6902" target="_blank">https://tools.ietf.org/html/rfc6902</a></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On 22 July 2016 at 09:26, Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">It should be fairly easy to add support for OTP as well as the direct grant supports that. The user would have to specify to use OTP though.</div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On 21 July 2016 at 19:15, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Nice work Marko! I had two (not big deal) questions. First, when you<br>
specify the --cache parameters as you did for SAML, could the cache file be omitted?<br>
<br>
For example: kcreg --cache -r saml-realm ...<br>
<br>
I was thinking that once you specified the realm name, the API will just<br>
look for ~/.keycloak/saml-realm.cache. It's just an idea.<br>
<br>
Second question, is more like something to think if worth to take<br>
into consideration. Most of the examples that I saw, make use of<br>
username/password. But if the admin enables two factor authentication,<br>
she might be unable to use our client-reg CLI, or enforce weaken security only<br>
to make use of the CLI.<br>
<br>
Is OTP support planned for further iterations?<br>
<div><div><br>
<br>
On 2016-07-21, Marko Strukelj wrote:<br>
> And if anyone wants to get their feet wet already:<br>
><br>
> <a href="https://github.com/mstruk/keycloak/tree/cli-reg/integration/client-registration-cli-tool" rel="noreferrer" target="_blank">https://github.com/mstruk/keycloak/tree/cli-reg/integration/client-registration-cli-tool</a><br>
><br>
><br>
> On Thu, Jul 21, 2016 at 4:06 PM, Stian Thorgersen <<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>><br>
> wrote:<br>
><br>
> > Great work Marko!<br>
> ><br>
> > As we didn't have time to go through feedback let's use this thread for<br>
> > it. Add your questions and comments here please.<br>
> ><br>
> > _______________________________________________<br>
> > keycloak-dev mailing list<br>
> > <a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
> > <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
> ><br>
<br>
> _______________________________________________<br>
> keycloak-dev mailing list<br>
> <a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
<br>
<br>
</div></div>--<br>
<br>
abstractj<br>
PGP: 0x84DC9914<br>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></div></blockquote></div><br></div>