<p dir="ltr">Rather than continue adding to the current rest endpoints I'd rather add a v2 of the endpoints so we are more free to refactor and improve the endpoints. The current endpoints was created for admin console so usability wasn't ever a focus.</p>
<div class="gmail_quote">On 18 Mar 2016 09:57, "Marek Posolda" <<a href="mailto:mposolda@redhat.com">mposolda@redhat.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hello,<br>
<br>
JIRA for searching by custom attributes already exists [1].
Hopefully we will add to 2.X, but we can't add to 1.9.X as it's
new feature. <br>
<br>
The custom REST endpoints are planned for Keycloak 2.X for sure.<br>
<br>
[1] <a href="https://issues.jboss.org/browse/KEYCLOAK-1902" target="_blank">https://issues.jboss.org/browse/KEYCLOAK-1902</a><br>
<br>
Marek<br>
<br>
On 17/03/16 12:32, Thomas Darimont wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hello Edgar,
<div><br>
</div>
<div>I'd be also interesed in a way to do this.</div>
<div><br>
</div>
<div>Currently keycloak doesn't provide a mechanism to register
additional rest endpoints, however one could probably
introduce a way to do so.</div>
<div>`org.keycloak.services.resources.KeycloakApplication.KeycloakApplication(ServletContext,
Dispatcher) ` seems to be the place where the major JAX-RS
Resources are registered.</div>
<div><br>
</div>
<div>I think this could be extended with an SPI to easily add
custom Resources. This resources could then use DI or manual
Lookups to access the Keycloak infrastructure.</div>
<div><br>
</div>
<div>Cheers,</div>
<div>Thomas</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2016-03-17 11:54 GMT+01:00 Edgar Vonk -
Info.nl <span dir="ltr"><<a href="mailto:Edgar@info.nl" target="_blank">Edgar@info.nl</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
Since we use MSAD/LDAP as user store the user’s LDAP_ID in
Keycloak is for us the unique ID of a user and not
Keycloak’s internal user ID.<br>
<br>
However it seems that it is not possible to retrieve users
based on the LDAP_ID attribute using the Keycloak admin API?<br>
<br>
There is:<br>
<br>
GET /admin/realms/{realm}/users/{id}<br>
<br>
but this uses the internal Keycloak user ID which we cannot
use (if only because sometimes we wipe out the Keycloak
database and re-import all users from MSAD/LDAP)<br>
<br>
and:<br>
<br>
GET /admin/realms/{realm}/users<br>
<br>
only allows searching on a very limited number of standard
user attributes<br>
<br>
<br>
How should we go about solving this? Does it make sense to
create a feature request in JIRA to extend the /users API
endpoint to allow searching on arbitrary user attributes for
example? Or is it feasible to add our own endpoint to
Keycloak’s REST API perhaps?<br>
<br>
cheers<br>
<br>
<br>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div>