[keycloak-user] role-mappings.
Vaclav Havlik
Johny.Dee at seznam.cz
Fri Mar 1 06:47:34 EST 2019
Sorry, my fault.
The JSON must be
[
{
"id : "<ID of the role view-realm>",
"name" : "view-realm"
}
]
V.
---------- Původní e-mail ----------
Od: Vaclav Havlik <Johny.Dee at seznam.cz>
Komu: Martin Kanis <mkanis at redhat.com>
Datum: 27. 2. 2019 15:06:32
Předmět: Re: [keycloak-user] role-mappings.
"Thank you. It helped to put clientID instead of clientName . So this helped
for HTTP GET.
But when I do HTTP POST to assign roles to a user on the client realm-
management (id = 6c168708-18bd-4453-8b1e-8dc36223d5bd), then
I get HTTP 404.
I am attaching Wireshark communication with first GET (200) and then POST
(404).
Could you pls tell me again? Venca.
---------- Původní e-mail ----------
Od: Martin Kanis <mkanis at redhat.com>
Komu: Vaclav Havlik <Johny.Dee at seznam.cz>
Datum: 26. 2. 2019 15:31:45
Předmět: Re: [keycloak-user] role-mappings.
"Hi,
first of all the last part of your path should be client's id not name.
This might be sometimes confusing. Here is the example of valid path:
http://localhost:8080/auth/admin/realms/master/users/be1b9781-336a-4e60-9694
-c5be74eac7b3/role-mappings/clients/c9cb881f-4e21-4e4b-8de1-f39897088b61
"
Second you have to provide a valid authorization to your request. For
example using a bearer token.
curl -X GET -H "Content-Type:application/json" -H "Authorization: Bearer
<here_provide_valid_access_token>" "correct/path/from/above".
To obtain an access token using the grant_type password (there are other
alternatives as well) you can use:
curl -X POST --data
"grant_type=password&client_id=admin-cli&username=admin&password=admin" -H
"Content-Type: application/x-www-form-urlencoded" "
http://localhost:8080/auth/realms/master/protocol/openid-connect/token"
Hope this helps,
Martin
On Tue, Feb 26, 2019 at 11:15 AM Vaclav Havlik <Johny.Dee at seznam.cz> wrote:
> Hello,
> can I ask you again?
>
> I would like do assign some specific roles (view-realm, manage-users) on
> the
> client realm-management to a user .
>
> Via REST API, I cannot, however, even display the role-mappings by doing
> HTTP GET on
> /auth/admin/realms/xxx/users/4c0f445a-53e9-45c2-a9c9-a8ac69bb5b48/role-
> mappings/clients/realm-management
>
> (Gives HTTP 404, xxx is my realm).
>
> But, if I take my own client, whose name is web_app, then the request
> /auth/admin/realms/xxx/users/4c0f445a-53e9-45c2-a9c9-a8ac69bb5b48/role-
> mappings/clients/web_app
>
> works (HTTP 200), giving empty array.
>
> When doing this, I follow instructions on
> https://www.keycloak.org/docs-api/4.0/rest-api/index.html#_client_role_
> mappings_resource
>
> Can you tell me, what the problem is?
> Thank you, Venca.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
""
More information about the keycloak-user
mailing list