[keycloak-user] 'Service Accounts Enabled' Client Setting Not Honored During Import

Fri Feb 24 20:20:49 EST 2017

In order to have repeatable deployments of my companies keycloak instances I'm trying to use the import feature of keycloak to ensure that the clients are setup the same way in each environment.  ? I have noticed that when I import a client, as opposed to the realm, the 'Authorization Enabled' flag is not set to true even if I have set it to true in the JSON that I'm importing.  If I try to set it to true after importing I get an error unless I first turn off 'Service Accounts Enabled' and then attempt to enable 'Authorization Enabled'.

The JSON that I'm sending is provided below:

{
    "clientId" : "hello-world-authz-service",
    "secret" : "secret",
    "authorizationServicesEnabled" : True,
    "enabled" : True,
    "redirectUris" : [ "http://localhost:8080/hello-world-authz-service/*" ],
    "baseUrl": "http://localhost:8080/hello-world-authz-service",
    "adminUrl": "http://localhost:8080/hello-world-authz-service",
    "directAccessGrantsEnabled" : True
}

The JSON above is actually based upon one of the examples that was provided in the keycloak source code and it works when I import everything as a realm, but not when I use just the client portion.

Can anyone provide guidance in regards to how I can import JSON into Keycloak in order to setup a specific client?

This is the entire realm json file I refered to:  https://github.com/keycloak/keycloak/blob/master/examples/authz/hello-world-authz-service/hello-world-authz-realm.json?

I'm running keycloak version 2.5.0.Final Community.

Thank you in advance for your guidance,

Jeremy?

Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. Please advise immediately if you or your employer does not consent to Internet email for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of my firm shall be understood as neither given nor endorsed by it.