<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/4.6.6">
</HEAD>
<BODY>
Hi Bill,<BR>
<BR>
The adminClient.createUser is my modification of the code situated in the AdminClient implementation of the "admin-access-app" in the examples.<BR>
<BR>
Could you point me in the direction of the API calls to do the addition of the roles? I had a feeling it might be a subsequent step (like for setting the password, which I actually implemented), but I'm struggling to find any pointers as to how to do this particular one.<BR>
<BR>
<BR>
On Mon, 2015-08-03 at 08:36 -0400, Bill Burke wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
Is adminClient.createUser(...) your own method? There is a different
REST API for adding roles.
create the user
then add the roles
On 8/3/2015 8:23 AM, Edem Morny wrote:
<FONT COLOR="#737373">> Hi,</FONT>
<FONT COLOR="#737373">></FONT>
<FONT COLOR="#737373">> We're currently using Keycloak 1.2.0.Final.</FONT>
<FONT COLOR="#737373">></FONT>
<FONT COLOR="#737373">> We are migrating users from an existing application with it's own user</FONT>
<FONT COLOR="#737373">> management implementation to Keycloak, and have been making extensive</FONT>
<FONT COLOR="#737373">> use of the Via the REST api to achieve this. I'm able to create a new</FONT>
<FONT COLOR="#737373">> user, set their temporary password and so on. However, I'm finding that</FONT>
<FONT COLOR="#737373">> all our attempts to add the roles to the created user seem not to be</FONT>
<FONT COLOR="#737373">> taking effect when we observe the newly created user on the keycloak</FONT>
<FONT COLOR="#737373">> side. Here's the code we are trying to use to do this</FONT>
<FONT COLOR="#737373">></FONT>
<FONT COLOR="#737373">> UserRepresentation user = new UserRepresentation();</FONT>
<FONT COLOR="#737373">> user.setUsername(username);</FONT>
<FONT COLOR="#737373">> user.setFirstName(employee.getFirstName());</FONT>
<FONT COLOR="#737373">> user.setLastName(employee.getLastName());</FONT>
<FONT COLOR="#737373">> user.setEmail(employee.getEmail());</FONT>
<FONT COLOR="#737373">> user.setEnabled(true);</FONT>
<FONT COLOR="#737373">> user.setEmailVerified(false);</FONT>
<FONT COLOR="#737373">> List<String> requiredActions = new ArrayList<>();</FONT>
<FONT COLOR="#737373">> requiredActions.add(UserModel.RequiredAction.UPDATE_PASSWORD.name());</FONT>
<FONT COLOR="#737373">> *List<String> userRoles = getMigrateRoles(employee);*</FONT>
<FONT COLOR="#737373">> * user.setRealmRoles(userRoles);*</FONT>
<FONT COLOR="#737373">> user.setRequiredActions(requiredActions);</FONT>
<FONT COLOR="#737373">> adminClient.createUser(settings.getKeycloackUrl(), settings.getRealm(), access, user);</FONT>
<FONT COLOR="#737373">></FONT>
<FONT COLOR="#737373">> It seams setting the list of roles to the Realm Roles isn't enough to</FONT>
<FONT COLOR="#737373">> the user with these roles. The user gets created alright, but doesn't</FONT>
<FONT COLOR="#737373">> come with any roles. Is there any other means by which we can specify</FONT>
<FONT COLOR="#737373">> the user roles during the process of account creation?</FONT>
<FONT COLOR="#737373">></FONT>
<FONT COLOR="#737373">> The migration will be very tedious if we ask the administrators to</FONT>
<FONT COLOR="#737373">> manually do the assignment of the user to their roles after our current</FONT>
<FONT COLOR="#737373">> implementation of being able to automatically migrate the user accounts</FONT>
<FONT COLOR="#737373">> themselves to keycloak.</FONT>
<FONT COLOR="#737373">></FONT>
<FONT COLOR="#737373">></FONT>
<FONT COLOR="#737373">> _______________________________________________</FONT>
<FONT COLOR="#737373">> keycloak-user mailing list</FONT>
<FONT COLOR="#737373">> <A HREF="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</A></FONT>
<FONT COLOR="#737373">> <A HREF="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</A></FONT>
<FONT COLOR="#737373">></FONT>
</PRE>
</BLOCKQUOTE>
</BODY>
</HTML>