[keycloak-user] HTTP 403 Forbidden on Keycloak.getInstance
Alexander Chriztopher
alexander.chriztopher at gmail.com
Tue Dec 30 12:30:04 EST 2014
ok, i had to go to : User1 | ROLE MAPPING | APPLICATION ROLES | select the
application : realm-management | add the role : realm-admin to my user and
now it is working !
Questions :
# 1 / Why is the application : realm-management involved in this ? In the
example am using the application : examples-admin-client which is
completely different !
# 2 / When someone needs to administer a realm via the admin client which
client id do you recommend using ? do we have to create a new client id (i
mean application) or should we use some application created by default
within the realm such as : realm-management on or : security-admin-console ?
On Tue, Dec 30, 2014 at 6:08 PM, Alexander Chriztopher <
alexander.chriztopher at gmail.com> wrote:
> Yes that option was activated for the realm !!
>
> On Tue, Dec 30, 2014 at 1:31 PM, Stian Thorgersen <stian at redhat.com>
> wrote:
>
>> Did you enable 'Direct Grant API' for your realm? If not open the admin
>> console click on the realm -> settings -> login and toggle 'Direct Grant
>> API' to ON
>>
>> ----- Original Message -----
>> > From: "Alexander Chriztopher" <alexander.chriztopher at gmail.com>
>> > To: keycloak-user at lists.jboss.org
>> > Sent: Friday, 19 December, 2014 4:06:56 PM
>> > Subject: [keycloak-user] HTTP 403 Forbidden on Keycloak.getInstance
>> >
>> > Hi,
>> >
>> > I have a realm with an application called : examples-admin-client and
>> would
>> > like to use it to manage my realm but i get an error :
>> > javax.ws.rs.ClientErrorException: HTTP 403 Forbidden every time i make
>> the
>> > following call :
>> >
>> > Keycloak keycloak = Keycloak.getInstance(authServer, "realm-name",
>> "User1",
>> > "password", "examples-admin-client",
>> > "a5890cdf-e1df-40c0-9d50-26ad2f7badde");
>> >
>> > When i try to do the same thing with the example realm (i use the json
>> > example-realm.json provided by the keycloak project) this works nicely
>> > actually !
>> >
>> > Btw, i can successfully login with the user : User1 with that password.
>> >
>> > This is the json for my realm :
>> >
>> > {
>> > "realm": "realm-name",
>> > "realm-public-key":
>> >
>> "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxwUIE6W3BZYlSxDPpwkknb2ObnrEsGMUJGy3HfNEfkfu9rcY5bxkllLsW32KlR78++xtuI11IE2nuh6nJmUsIKMb55Ez9n7/E9kPmSF6lxavZlQY0HfBnR3ZWgzsoUUz4n7pOhmqHIAGXeuxnMDQ5/upwcolFIZRor1v7oT/H8QIDAQAB",
>> > "auth-server-url": " http://localhost:8080/auth ",
>> > "ssl-required": "none",
>> > "resource": "examples-admin-client",
>> > "credentials": {
>> > "secret": "a5890cdf-e1df-40c0-9d50-26ad2f7badde"
>> > }
>> > }
>> >
>> > Thanks for any help on this one !
>> >
>> > _______________________________________________
>> > keycloak-user mailing list
>> > keycloak-user at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141230/f7e80070/attachment.html
More information about the keycloak-user
mailing list