[keycloak-user] admin cli - add composite roles to client role
Marko Strukelj
mstrukel at redhat.com
Wed May 17 09:41:37 EDT 2017
You should be able to add client role to another composite client role with
current kcadm:
$ kcadm.sh add-roles --cclientid test-client --rid
fc400897-ef6a-4e8c-872b-1581b7fa8a71 --rolename support
You first need to discover an id of the composite client role.
For example, in this case there is a client with "clientId": 'test-client',
a client role with "name": "support", and another client role - that will
become composite role - with "id": "fc400897-ef6a-4e8c-872b-1581b7fa8a71",
"name":"operations".
I can get id of the client role by doing:
$ kcadm.sh get-roles --cclientid test-client --rolename operations
After adding the role I can list all roles of a composite role by running:
$ kcadm.sh get-roles --rid fc400897-ef6a-4e8c-872b-1581b7fa8a71 --all
On Mon, May 15, 2017 at 5:10 PM, Marko Strukelj <mstrukel at redhat.com> wrote:
> This may be an omission in add-roles command. Can you open a JIRA please,
> and describe steps to reproduce?
>
> On Wed, May 10, 2017 at 2:46 PM, Kevin Hirschmann <khirschmann at huebinet.de
> > wrote:
>
>> Hello,
>>
>>
>>
>> can someone please tell me how to use admin cli to add a client role to
>> another client role - composite? In the docs I could find a way to add
>> client roles to realm roles but this isn’t what I need.
>>
>>
>>
>> call kcadm.bat add-roles -r demo --rname TTest --cclientid myapp
>> --rolename
>> change-color (works if TTest is a realm role)
>>
>>
>>
>> Thanks for your help.
>>
>>
>>
>> Kevin Hirschmann
>>
>>
>>
>> HUEBINET Informationsmanagement GmbH & Co. KG
>>
>>
>>
>>
>>
>> Telefon: +49 (0) 261 / 5 00 86 - 17
>>
>> Telefax: +49 (0) 261 / 5 00 86 - 29
>>
>> E-Mail: <mailto:kevin.hirschmann at huebinet.de>
>> kevin.hirschmann at huebinet.de
>>
>> Internet: <http://www.huebinet.de/> www.huebinet.de
>>
>>
>>
>> HUEBINET Informationsmanagement GmbH & Co. KG
>>
>> An der Königsbach 8
>>
>> 56075 Koblenz
>>
>> Sitz und Registergericht: Koblenz HRA 5329
>>
>> Persönlich haftender Gesellschafter der KG:
>>
>> HUEBINET GmbH;
>>
>> Sitz und Registergericht: Koblenz HRB 6857
>>
>> Geschäftsführung:
>>
>> Dr. Carsten Schöpp; Michael Biemer; Michael Ewertz
>>
>> ------------------------------------------------------------
>> ----------------
>> ------------------------------------------------------------
>> ----------------
>> ----------------
>>
>>
>>
>> Der Nachrichtenaustausch mit HUEBINET Informationsmanagement GmbH & Co.
>> KG,
>> Koblenz via E-Mail dient lediglich zu Informationszwecken.
>> Rechtsgeschäftliche Erklärungen mit verbindlichem Inhalt können über
>> dieses
>> Medium nicht ausgetauscht werden, da die Manipulation von E-Mails durch
>> Dritte nicht ausgeschlossen werden kann.
>>
>>
>>
>> Email communication with HUEBINET Informationsmanagement GmbH & Co. KG is
>> only intended to provide information of a general kind, and shall not be
>> used for any statement with binding contents in respect to legal
>> relations.
>> It is not totally possible to prevent a third party from manipulating
>> emails
>> and email contents.
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
More information about the keycloak-user
mailing list