[keycloak-user] How to migrate users and roles from in-house storage

Stan Silvert ssilvert at redhat.com
Wed Jul 20 07:17:07 EDT 2016

If I understand, you want to do a mass migration all at once?  You could 
export to json in the format that Keycloak expects, then do an import.

On 7/20/2016 5:52 AM, Paulo Pires wrote:
> Hi all,
> I'm in the process of migrating from an in-house user-role storage to 
> Keycloak and I'm looking for programmatic (Java) ways to migrate all 
> current users to the new storage. And I need your help to figure out 
> the best approach.
> At first, when reading KC documentation, I believed I could easily 
> achieve this by implementing a User Federation provider but after 
> diving a little more into it, and looking for examples, I can't see a 
> way to migrate all users on-demand but simply one user at a time, 
> possible during log-in.
> Next, I tried and look into ways, such as admin-cli, REST, etc but 
> nothing strikes me as the solution to use.
> Here's what I was hoping to deliver:
> * Get all roles and users from my soon-to-be deprecated storage, e.g. 
> MySQL tables
> * Add roles to KC
> * Iterate users and add user to KC + map roles + update password 
> hashes (here I know I need to implement a HashProvider)
> Any hints will be appreciated!
> Pires
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160720/1ff79ac2/attachment.html 

More information about the keycloak-user mailing list