[keycloak-user] REST APIs: Get a list of users by custom attribute value
Marko Strukelj
mstrukel at redhat.com
Wed Feb 15 09:57:22 EST 2017
There is no support for this in Admin REST API.
You could in principle create a custom endpoint where you can implement
such a functionality.
See
https://github.com/keycloak/keycloak/tree/2.5.3.Final/examples/providers/rest
for example.
You'd have to make sure to protect your endpoint so its only accessible to
admin client. See how /users endpoint does this:
https://github.com/keycloak/keycloak/blob/2.5.3.Final/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java#L674
Since actual querying for users is performed based on a storage mechanism -
there are multiple different implementations of UserQueryProvider
(JpaUserProvider, LDAPStorageProvider) you'd have to extends those using
Keycloak SPIs and tweak server configuration so that your implementations
are used.
On Wed, Feb 15, 2017 at 2:09 PM, Ori Doolman <Ori.Doolman at amdocs.com> wrote:
> Hello,
> I configured the users to contain a custom attribute, X.
> Now, I need to query KC for all the users that has attribute X with the
> value Y.
>
> The REST APIs allows to query for a list of users by:
>
> GET /admin/realms/{realm}/users
>
> Which returns a UserRepresentation<http://www.keycloak.org/docs-api/2.5/
> rest-api/index.html#_userrepresentation> array.
>
> However, it only allows to search/filter by a String contained in
> username, first or last name, or email.
>
> Is there any way to select users by their attribute values?
>
>
> Thanks,
> Ori.
>
> This message and the information contained herein is proprietary and
> confidential and subject to the Amdocs policy statement,
>
> you may review at http://www.amdocs.com/email_disclaimer.asp
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list