<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi Rodrigo,<br>
<br>
it's not supported to setup password of user through this
endpoint. It just supports setup stuff like firstName, lastName,
email, requiredActions etc. To setup password of user, you may
need to:<br>
<br>
- Use the endpoint to setup temporary password of user (It will
automatically add requiredAction for UPDATE_PASSWORD <br>
- Then use the endpoint for update user and send the empty array
of requiredActions in it. This will ensure that UPDATE_PASSWORD
required action will be deleted and user won't need to update
password again.<br>
<br>
<br>
btv. The easy approach to figure out the endpoints and how they
work might be to use admin console and do some actions in UI
(reset password of user, then remove requiredAction etc) and then
check (for example with some tool like FireBug for Firefox) what
are the underlying REST endpoint requests sent from admin console
UI.<br>
<br>
Marek<br>
<br>
On 2.7.2014 21:24, Rodrigo Sasaki wrote:<br>
</div>
<blockquote
cite="mid:CANLOgwBaK_1TGku9WGHKCR0C1V5ptKWjSaJR5w1HxvC9vO6Prg@mail.gmail.com"
type="cite">
<div dir="ltr">I am trying to create a new user via the REST API,
and I'm sending this POST
<div><br>
</div>
<div><b>POST /admin/realms/myrealm/users</b></div>
<div><br>
</div>
<div><b>Headers:</b></div>
<div>Authorization: Bearer (generated token, this part is OK)</div>
<div>Content-Type: application/json</div>
<div><br>
</div>
<div><b>Body:</b></div>
<div>
<div><font face="courier new, monospace">{</font></div>
<div><font face="courier new, monospace"> "username":
"rodrigo.sasaki",</font></div>
<div><font face="courier new, monospace"> "enabled": true,</font></div>
<div><font face="courier new, monospace"> "totp": false,</font></div>
<div><font face="courier new, monospace"> "emailVerified":
false,</font></div>
<div><font face="courier new, monospace"> "firstName":
"Rodrigo",</font></div>
<div><font face="courier new, monospace"> "lastName":
"Sasaki",</font></div>
<div><font face="courier new, monospace"> "email": "<a
moz-do-not-send="true"
href="mailto:rodrigo.sasaki@email.com.br">rodrigo.sasaki@email.com.br</a>",</font></div>
<div><font face="courier new, monospace"> "credentials": [</font></div>
<div><font face="courier new, monospace"> {</font></div>
<div><font face="courier new, monospace"> "type":
"password",</font></div>
<div><font face="courier new, monospace"> "value":
"myPassword"</font></div>
<div><font face="courier new, monospace"> }</font></div>
<div><font face="courier new, monospace"> ]</font></div>
<div><font face="courier new, monospace">}</font></div>
</div>
<div><font face="courier new, monospace"><br>
</font></div>
<div>The user is created normally, but the password doesn't
work, when I try to login it claims I have invalid
credentials.<font face="courier new, monospace"><br>
</font></div>
<div><br>
</div>
<div>I noticed there is a <b>device</b> attribute in <i>CredentialRepresentation</i>,
should I have filled that with some specific value? Could this
be the source of the problem?</div>
</div>
<div class="gmail_extra">
<br>
<br>
<div class="gmail_quote">On Wed, Jul 2, 2014 at 10:00 AM, Marek
Posolda <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi,<br>
<br>
actually you can do it with this endpoint: <a
moz-do-not-send="true"
href="http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/#PUT"
target="_blank">http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/#PUT</a>
. You need to pass whole user representation of
particular user in the request body of this PUT request.
See admin console (page for updating users) for more
details.<span class="HOEnZb"><font color="#888888"><br>
<br>
Marek</font></span>
<div>
<div class="h5"><br>
<br>
<br>
On 1.7.2014 16:27, Rodrigo Sasaki wrote:<br>
</div>
</div>
</div>
<div>
<div class="h5">
<blockquote type="cite">
<div dir="ltr">How would I remove the update
password required action via the REST API?</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue, Jul 1, 2014 at
5:20 AM, Stian Thorgersen <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:stian@redhat.com"
target="_blank">stian@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">You can actually
already do this if you want, both through
endpoints and the admin console. You just need
to set a temporary password and afterwards
remove the update password required action. As
Marek says though it doesn't really make sense
to do so.<br>
<div>
<div><br>
----- Original Message -----<br>
> From: "Marek Posolda" <<a
moz-do-not-send="true"
href="mailto:mposolda@redhat.com"
target="_blank">mposolda@redhat.com</a>><br>
> To: "Rodrigo Sasaki" <<a
moz-do-not-send="true"
href="mailto:rodrigopsasaki@gmail.com"
target="_blank">rodrigopsasaki@gmail.com</a>>,
<a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org"
target="_blank">keycloak-user@lists.jboss.org</a><br>
> Sent: Tuesday, 1 July, 2014 8:07:36
AM<br>
> Subject: Re: [keycloak-user] Defining
a new user password through REST API<br>
><br>
> Hi,<br>
><br>
> Is it good practice to define
password for users this way? I assume that<br>
> usually just user himself should have
access to his plain-text password and<br>
> be able to login with it?<br>
><br>
> If you really need this, there is
just endpoint<br>
> <a moz-do-not-send="true"
href="http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/reset-password/index.html"
target="_blank">http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/reset-password/index.html</a><br>
> for reset password, which is also
used by admin console, but user needs to<br>
> choose new password when login for
the first time after reset. So I assume<br>
> that this is the possibility you are
already aware of.<br>
><br>
> But note that after this reset, you
know user's temporary password, so you<br>
> can login with this temporary
password and update password as user
himself.<br>
> Then user doesn't need to do
anything, you just need to say him his<br>
> password.<br>
><br>
> Another possibility is to create new
REST endpoint by yourself, which will<br>
> use model API to do exactly what you
want. For example see this<br>
> <a moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/tree/master/testsuite/tools"
target="_blank">https://github.com/keycloak/keycloak/tree/master/testsuite/tools</a>
which is<br>
> REST application for adding big
number of new users. You can maybe use<br>
> something similar.<br>
><br>
> Marek<br>
><br>
><br>
> On 1.7.2014 00:01, Rodrigo Sasaki
wrote:<br>
><br>
><br>
><br>
> Hello again!<br>
><br>
> Is there a way for me to define a
password for a user through the REST API<br>
> without him having to define a new
one on the next login?<br>
><br>
> The only method I found to be close
to what I want was the one that resets<br>
> the password, but I would like to
redefine it without the user having<br>
> anything to do with it.<br>
><br>
> Is it possible?<br>
><br>
> --<br>
> Rodrigo Sasaki<br>
><br>
><br>
>
_______________________________________________<br>
> keycloak-user mailing list <a
moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org"
target="_blank">keycloak-user@lists.jboss.org</a><br>
> <a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-user"
target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
><br>
><br>
>
_______________________________________________<br>
> keycloak-user mailing list<br>
> <a moz-do-not-send="true"
href="mailto:keycloak-user@lists.jboss.org"
target="_blank">keycloak-user@lists.jboss.org</a><br>
> <a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-user"
target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div dir="ltr"><font face="Times New Roman">Rodrigo
Sasaki</font></div>
</div>
</blockquote>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div dir="ltr"><font face="Times New Roman">Rodrigo Sasaki</font></div>
</div>
</blockquote>
<br>
</body>
</html>