[keycloak-user] Defining a new user password through REST API

Rodrigo Sasaki rodrigopsasaki at gmail.com
Wed Jul 2 15:24:05 EDT 2014 

I am trying to create a new user via the REST API, and I'm sending this POST

*POST /admin/realms/myrealm/users*

*Headers:*
Authorization: Bearer (generated token, this part is OK)
Content-Type: application/json

*Body:*
{
    "username": "rodrigo.sasaki",
    "enabled": true,
    "totp": false,
    "emailVerified": false,
    "firstName": "Rodrigo",
    "lastName": "Sasaki",
    "email": "rodrigo.sasaki at email.com.br",
    "credentials": [
        {
            "type": "password",
            "value": "myPassword"
        }
    ]
}

The user is created normally, but the password doesn't work, when I try to
login it claims I have invalid credentials.

I noticed there is a *device* attribute in *CredentialRepresentation*,
should I have filled that with some specific value? Could this be the
source of the problem?


On Wed, Jul 2, 2014 at 10:00 AM, Marek Posolda <mposolda at redhat.com> wrote:

>  Hi,
>
> actually you can do it with this endpoint:
> http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/#PUT
> . You need to pass whole user representation of particular user in the
> request body of this PUT request. See admin console (page for updating
> users) for more details.
>
> Marek
>
>
>
> On 1.7.2014 16:27, Rodrigo Sasaki wrote:
>
> How would I remove the update password required action via the REST API?
>
>
> On Tue, Jul 1, 2014 at 5:20 AM, Stian Thorgersen <stian at redhat.com> wrote:
>
>> You can actually already do this if you want, both through endpoints and
>> the admin console. You just need to set a temporary password and afterwards
>> remove the update password required action. As Marek says though it doesn't
>> really make sense to do so.
>>
>> ----- Original Message -----
>> > From: "Marek Posolda" <mposolda at redhat.com>
>> > To: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com>,
>> keycloak-user at lists.jboss.org
>> > Sent: Tuesday, 1 July, 2014 8:07:36 AM
>> > Subject: Re: [keycloak-user] Defining a new user password through REST
>> API
>> >
>> > Hi,
>> >
>> > Is it good practice to define password for users this way? I assume that
>> > usually just user himself should have access to his plain-text password
>> and
>> > be able to login with it?
>> >
>> > If you really need this, there is just endpoint
>> >
>> http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/reset-password/index.html
>> > for reset password, which is also used by admin console, but user needs
>> to
>> > choose new password when login for the first time after reset. So I
>> assume
>> > that this is the possibility you are already aware of.
>> >
>> > But note that after this reset, you know user's temporary password, so
>> you
>> > can login with this temporary password and update password as user
>> himself.
>> > Then user doesn't need to do anything, you just need to say him his
>> > password.
>> >
>> > Another possibility is to create new REST endpoint by yourself, which
>> will
>> > use model API to do exactly what you want. For example see this
>> > https://github.com/keycloak/keycloak/tree/master/testsuite/tools which
>> is
>> > REST application for adding big number of new users. You can maybe use
>> > something similar.
>> >
>> > Marek
>> >
>> >
>> > On 1.7.2014 00:01, Rodrigo Sasaki wrote:
>> >
>> >
>> >
>> > Hello again!
>> >
>> > Is there a way for me to define a password for a user through the REST
>> API
>> > without him having to define a new one on the next login?
>> >
>> > The only method I found to be close to what I want was the one that
>> resets
>> > the password, but I would like to redefine it without the user having
>> > anything to do with it.
>> >
>> > Is it possible?
>> >
>> > --
>> > Rodrigo Sasaki
>> >
>> >
>> > _______________________________________________
>> > keycloak-user mailing list keycloak-user at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>> >
>> >
>> > _______________________________________________
>> > keycloak-user mailing list
>> > keycloak-user at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
>  --
> Rodrigo Sasaki
>
>
>


-- 
Rodrigo Sasaki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140702/46b886ae/attachment.html

More information about the keycloak-user mailing list