[keycloak-user] Looking for a non Admin Java client

Chris Savory chris.savory at edlogics.com
Tue Oct 4 00:51:39 EDT 2016 

I can use the Admin endpoints, but I would have thought you had to be at least realm-admin to do that.  Are you saying that a user can use the Admin Endpoints/Clent for urls directly related to themselves?  If so, then we can just use that. 

--
Christopher Savory
Software Engineer | EdLogics


From: Stian Thorgersen <sthorger at redhat.com>
Reply-To: "stian at redhat.com" <stian at redhat.com>
Date: Monday, October 3, 2016 at 10:32 PM
To: Chris Savory <chris.savory at edlogics.com>
Cc: "keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>, David Hartfield <david.hartfield at edlogics.com>, Danilo Bonilla <danilo.bonilla at edlogics.com>, Ali Elhajj <ali.elhajj at edlogics.com>
Subject: Re: [keycloak-user] Looking for a non Admin Java client

Are you saying you want to invoke the Keycloak admin endpoints? You are currently using the Keycloak Java Admin Client, but you want to use something else? Why use something else when you already have something?

On 3 October 2016 at 23:21, Chris Savory <chris.savory at edlogics.com> wrote:
We need to make several types of calls to KeyCloak from the server side of our application.  Some are in the context of a logged in user and others are not.  We have the latter case handled right now by using the KeyCloak Admin Client.   But we are unable to locate another Java client for the purposes of making calls to KC for the currently authenticated user.  I have found the AuthZ Client, but that appears to just be for authenticating.

The particular use case I’m researching now is we have an endpoint like /profile-service/users/current, which will return the currently logged in user profile.  Some of that information comes from KC and some comes from the local app database.  Currently we the app configured to make the server-side call as a KC admin while it is orchestrating this data, but I’d prefer for the user to use the same credentials as it did when it came to the server with a BEARER token.  This will help us when it comes to auditing, especially for updates.

Does such a java client exist? Or do I need to use the KeycloakRestTemplate to make those calls to KC?


--
Christopher Savory
Software Engineer | EdLogics



_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list