[keycloak-user] can not delete user using REST API -401 unauthorized.

Thu Nov 12 10:33:55 EST 2015

urlForDeleteUser must match the same port the access token was issued for.  I’ll just say the token has port 9912 in it. Not sure if your real urlForDeleteUser URL does.

FYI - you tried to obscure your host info but access tokens are not encrypted.

Scott Rossillo
Smartling | Senior Software Engineer
srossillo at smartling.com

 <https://app.sigstr.com/uc/55e5d41c6533390d03580000>
 <http://www.sigstr.com/>
> On Nov 12, 2015, at 9:16 AM, harsh mahey <harshmahey at gmail.com> wrote:
> 
> So this is what i see in my header
> 
> ********
> entity:<{Content-Type=[application/json], Authorization=[Bearer eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiIzYjk2NTI0ZC0yYzY3LTRlY2YtOWRiYS1kMTNiYWZkZDc3OTIiLCJleHAiOjE0NDczMzgwODQsIm5iZiI6MCwiaWF0IjoxNDQ3MzM3Nzg0LCJpc3MiOiJodHRwOi8vc2Vuc2VucmVzcG9uZC5jb206OTkxMi9hdXRoL3JlYWxtcy9TbnJBcHBzUmVhbG0iLCJhdWQiOiJzbnJhcHBzLXdlYiIsInN1YiI6IjU1ODhmOWViLTg5ZDItNGVmMi04ZTM3LWVkM2RkY2RhMDdhMSIsInR5cCI6IkJlYXJlciIsImF6cCI6InNucmFwcHMtd2ViIiwic2Vzc2lvbl9zdGF0ZSI6ImVmZjFlY2Q0LWZjMTUtNGJjMi05MDgxLWM2YTA5NGMxODFmOCIsImNsaWVudF9zZXNzaW9uIjoiN2ZjZWU5ZDItN2I4Yi00ZmVmLTkzYjEtZjAwNzI3YWNkNzA2IiwiYWxsb3dlZC1vcmlnaW5zIjpbIioiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbImFkbWluIiwidXNlciJdfSwicmVzb3VyY2VfYWNjZXNzIjp7InNucmFwcHMtd2ViIjp7InJvbGVzIjpbInVzZXIiXX0sImFjY291bnQiOnsicm9sZXMiOlsidmlldy1wcm9maWxlIiwibWFuYWdlLWFjY291bnQiXX0sInJlYWxtLW1hbmFnZW1lbnQiOnsicm9sZXMiOlsidmlldy1yZWFsbSIsIm1hbmFnZS1jbGllbnRzIiwibWFuYWdlLWV2ZW50cyIsInZpZXctZXZlbnRzIiwidmlldy1pZGVudGl0eS1wcm92aWRlcnMiLCJtYW5hZ2UtaWRlbnRpdHktcHJvdmlkZXJzIiwidmlldy11c2VycyIsInZpZXctY2xpZW50cyIsInJlYWxtLWFkbWluIiwiY3JlYXRlLWNsaWVudCIsImltcGVyc29uYXRpb24iLCJtYW5hZ2UtdXNlcnMiLCJtYW5hZ2UtcmVhbG0iXX19LCJlbWFpbCI6ImhhcnNobWFoZXlAZ21haWwuY29tIiwibmFtZSI6IkNoYXJhbiBTaW5naCIsImZhbWlseV9uYW1lIjoiU2luZ2giLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJzbnJhcHBzLXVzZXIiLCJnaXZlbl9uYW1lIjoiQ2hhcmFuIn0.eyyqyobdaYesLH13zoPSwxd1yj3HE5GsshLXgQIaucJ9uVs7LpoiXedB0NfLf2rMYVHW6Yo0tX9DA2o_tGdlmNnbFnNqh3GDXIIcqQwIrYTGGzTFQo8k-8TzWlg5GXjuc3_b0GRGdbUd_BgbqahcxhHyciXNTzOM9iuzObXwfmKjCTy8FU-QxNntC-yThOidFoUOYxjmUxyfubq13GH0VVm_1obxQcI5_B6WnIubNFBpyjb70SgZZSVjM1-22WDm_TRlqtKomDALqsD6SAep-fV1yAxR9RLXTJzJpMb5a6Zt2PGOiE2G0cBq_KyfEO33v6IsxYTmIke3_2oV939jbA]}>
> 
> 
> *******
> 
> Here is my updated code
> 
> *********
> public boolean deleteUser(String userId) {
> 
> AccessTokenResponse accessTokenResponse = getToken();
> 
> 
> 
> org.springframework.http.HttpEntity<String> entity = new org.springframework.http.HttpEntity<String (getHeaders(accessTokenResponse.getToken()));
> 
> 
> System.out.println("entity:"+entity);
> 
> 
> 
> RestTemplate restTemplate = new RestTemplate();
> 
> String urlForDeleteUser = "http://XXXX.com:XXX/auth/admin/realms/MyAppsRealm/users/" + userId;
> 
> System.out.println(urlForDeleteUser);
> 
> restTemplate.delete(urlForDeleteUser, entity,String.class);
> 
> 
> System.out.println("done");
> 
> 
> 
> return true;
> 
> }
> 
> 
> ********
> 
> On Thu, Nov 12, 2015 at 1:50 AM, Marek Posolda <mposolda at redhat.com <mailto:mposolda at redhat.com>> wrote:
> What's the output of the "System.out.println(httpHeaders);" command?
> 
> Basically you need to include Authorization header with the content like: 
> 
> Authorization: Bearer your-access-token-here
> 
> TBH I am not familiar with spring http client library you're using, so not sure if you're sending headers correctly.
> 
> Marek
> 
> On 12/11/15 01:08, harsh mahey wrote:
>> I am getting 401 unAuthorized when im trying to delete a user.I was able to create the user with this id.And i am able to delete the user using Advanced REST Chrome client using same DELETE URL.
>> 
>> Can you guide what am i doing wrong here.
>> 
>> 
>> Thanks
>> 
>> 
>> *****************ERROR***********************************************************
>> 
>> org.springframework.web.client.HttpClientErrorException: 401 Unauthorized
>> 
>> at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:91)
>> 
>> at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:641)
>> 
>> at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:597)
>> 
>> at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:557)
>> 
>> at org.springframework.web.client.RestTemplate.delete(RestTemplate.java:429)
>> 
>> at com.snrapps.mwp.domain.security.KeyCloakAdminAdapter.deleteUser(KeyCloakAdminAdapter.java:256)
>> 
>> 
>> at com.snrapps.mwp.domain.security.KeyCloakAdminAdapter.main(KeyCloakAdminAdapter.java:55)
>> 
>> *****************CODE**************************************************************
>> 
>> public boolean deleteUser(String userId) {
>> 
>> AccessTokenResponse accessTokenResponse = getToken();
>> 
>> org.springframework.http.HttpEntity<String> entity = new org.springframework.http.HttpEntity<String>(getHeaders(accessTokenResponse.getToken()));
>> 
>> HttpHeaders httpHeaders=entity.getHeaders();
>> 
>> System.out.println(httpHeaders);
>> 
>> RestTemplate restTemplate = new RestTemplate();
>> 
>> String urlForDeleteUser = "http://XXXXX.com:XXXX/auth/admin/realmsMyAppsRealm/users/" + userId;
>> 
>> System.out.println(urlForDeleteUser);
>> 
>> restTemplate.delete(urlForDeleteUser, entity);
>> 
>> 
>> 
>> 
>> 
>> System.out.println("done");
>> 
>> 
>> return true;
>> 
>> }
>> 
>> 
>> 
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151112/a853a9ba/attachment-0001.html 