<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>You can send PRs to admin docs if you want. admin REST API is
here:</p>
<p><a class="moz-txt-link-freetext" href="https://github.com/keycloak/server_development_guide">https://github.com/keycloak/server_development_guide</a><br>
</p>
<p><br>
</p>
<br>
<div class="moz-cite-prefix">On 8/9/16 9:14 AM, Tom Pearson wrote:<br>
</div>
<blockquote
cite="mid:CALHbiG++vsO2T75wUh8snSyBJ35ifn_N08izN0jCYXwnohOZrQ@mail.gmail.com"
type="cite">
<div dir="ltr">Okay, understood. Would be great if the admin docs
could be updated to reflect the implementation although I
appreciate you probably have more important matter to attend
to. </div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2016-08-09 14:31 GMT+02:00 Bill Burke <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span class="">
<p><br>
</p>
<br>
<div>On 8/9/16 5:56 AM, Tom Pearson wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>I'm creating a new user through the admin API.
In order to do this I have to make 3 separate
calls (<a moz-do-not-send="true"
href="http://www.keycloak.org/docs/rest-api/index.html#_create_a_new_user"
target="_blank">createUser</a>, <a
moz-do-not-send="true"
href="http://www.keycloak.org/docs/rest-api/index.html#_set_up_a_temporary_password_for_the_user"
target="_blank">resetPassword</a> <wbr>and <a
moz-do-not-send="true"
href="http://www.keycloak.org/docs/rest-api/index.html#_add_realm_level_role_mappings_to_the_user_2"
target="_blank">addRealmLevelRoles</a>) as the
credentials and realm roles in the <a
moz-do-not-send="true"
href="http://www.keycloak.org/docs/rest-api/index.html#_userrepresentation"
target="_blank">UserRepresentation</a> are
ignored. I then have to make another call to <a
moz-do-not-send="true"
href="http://www.keycloak.org/docs/rest-api/index.html#_get_effective_realm_level_role_mappings_2"
target="_blank">getEffectiveRealmLevelRoles</a><wbr> as
the <a moz-do-not-send="true"
href="http://www.keycloak.org/docs/rest-api/index.html#_get_represenation_of_the_user"
target="_blank">getUser</a> method doesn't
return the roles. If I were to require the client
level roles this would be 6 calls to create and
return the user. </div>
<div><br>
</div>
<div>Is there a reason as to why this is the case? </div>
<div><br>
</div>
</div>
</blockquote>
</span> The reason is simply that the admin API was
written for the admin console. We've never had time to
refactor it. Too many other things on the queue.<br>
<br>
<blockquote type="cite"><span class="">
<div dir="ltr">
<div>As an aside, in the docs the reset password
method is called "Set up a temporary password for
the user" but in my experience the password is
never temporary regardless of the value of the
temporary flag. </div>
<div><br>
</div>
<div>Kind regards,</div>
<div>Tom</div>
</div>
<br>
<fieldset></fieldset>
<br>
</span>
<pre>______________________________<wbr>_________________
keycloak-user mailing list
<a moz-do-not-send="true" href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a moz-do-not-send="true" href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-user</a></pre>
</blockquote>
</div>
______________________________<wbr>_________________
keycloak-user mailing list
<a moz-do-not-send="true" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a moz-do-not-send="true" href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-user</a>
</blockquote></div>
</div>
</blockquote>
</body></html>