<div dir="ltr">+1<div><br></div><div>Regarding PRs, while I'm all in for it [1] the truth is that it seems there's no bandwidth to actually review them.</div><div><br></div><div>Cheers,</div><div>Pires</div><div><br></div><div>1 - <a href="https://github.com/keycloak/keycloak/pull/3056">https://github.com/keycloak/keycloak/pull/3056</a><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Aug 9, 2016 at 4:28 PM, Thomas Darimont <span dir="ltr"><<a href="mailto:thomas.darimont@googlemail.com" target="_blank">thomas.darimont@googlemail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello Tom,<div><br></div><div>I was also bitten by this a bit... I created [0] and already issued a PR [1] that allows </div><div>creating a user with initial realm / client roles with a single request.</div><div><br></div><div>Cheers,</div><div>Thomas</div><div><br></div><div>[0] <a href="https://issues.jboss.org/browse/KEYCLOAK-3410" target="_blank">https://issues.jboss.org/<wbr>browse/KEYCLOAK-3410</a> </div><div>[1] <a href="https://github.com/keycloak/keycloak/pull/3120" target="_blank">https://github.com/keycloak/<wbr>keycloak/pull/3120</a></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">2016-08-09 15:20 GMT+02:00 Tom Pearson <span dir="ltr"><<a href="mailto:tpearson@bkool.com" target="_blank">tpearson@bkool.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Ok cheers, will do when I get a sec</div><div><div><div class="gmail_extra"><br><div class="gmail_quote">2016-08-09 15:16 GMT+02:00 Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p>You can send PRs to admin docs if you want. admin REST API is
here:</p>
<p><a href="https://github.com/keycloak/server_development_guide" target="_blank">https://github.com/keycloak/se<wbr>rver_development_guide</a><br>
</p><div><div>
<p><br>
</p>
<br>
<div>On 8/9/16 9:14 AM, Tom Pearson wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Okay, understood. Would be great if the admin docs
could be updated to reflect the implementation although I
appreciate you probably have more important matter to attend
to. </div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2016-08-09 14:31 GMT+02:00 Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span>
<p><br>
</p>
<br>
<div>On 8/9/16 5:56 AM, Tom Pearson wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>I'm creating a new user through the admin API.
In order to do this I have to make 3 separate
calls (<a href="http://www.keycloak.org/docs/rest-api/index.html#_create_a_new_user" target="_blank">createUser</a>, <a href="http://www.keycloak.org/docs/rest-api/index.html#_set_up_a_temporary_password_for_the_user" target="_blank">resetPassword</a> and<wbr> <a href="http://www.keycloak.org/docs/rest-api/index.html#_add_realm_level_role_mappings_to_the_user_2" target="_blank">addRealmLevelRoles</a>) as the
credentials and realm roles in the <a href="http://www.keycloak.org/docs/rest-api/index.html#_userrepresentation" target="_blank">UserRepresentation</a> are
ignored. I then have to make another call to <a href="http://www.keycloak.org/docs/rest-api/index.html#_get_effective_realm_level_role_mappings_2" target="_blank">getEffectiveRealmLevelRoles</a><wbr> as
the <a href="http://www.keycloak.org/docs/rest-api/index.html#_get_represenation_of_the_user" target="_blank">getUser</a> method doesn't
return the roles. If I were to require the client
level roles this would be 6 calls to create and
return the user. </div>
<div><br>
</div>
<div>Is there a reason as to why this is the case? </div>
<div><br>
</div>
</div>
</blockquote>
</span> The reason is simply that the admin API was
written for the admin console. We've never had time to
refactor it. Too many other things on the queue.<br>
<br>
<blockquote type="cite"><span>
<div dir="ltr">
<div>As an aside, in the docs the reset password
method is called "Set up a temporary password for
the user" but in my experience the password is
never temporary regardless of the value of the
temporary flag. </div>
<div><br>
</div>
<div>Kind regards,</div>
<div>Tom</div>
</div>
<br>
<fieldset></fieldset>
<br>
</span>
<pre>______________________________<wbr>_________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailma<wbr>n/listinfo/keycloak-user</a></pre>
</blockquote>
</div>
______________________________<wbr>_________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailma<wbr>n/listinfo/keycloak-user</a>
</blockquote></div>
</div>
</blockquote>
</div></div></div></blockquote></div><br></div>
</div></div><br>______________________________<wbr>_________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailma<wbr>n/listinfo/keycloak-user</a><br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>_________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-user</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div class="gmail_signature" data-smartmail="gmail_signature"><p style="font-size:13px;color:rgb(80,0,80);font-family:'Times New Roman',serif;margin:0in 0in 0.0001pt"><b style="line-height:11.25pt;background-color:transparent"><span style="font-family:Helvetica,sans-serif;color:rgb(61,55,50)">Paulo Pires</span></b></p><p style="font-size:13px;font-family:'Times New Roman',serif;color:rgb(80,0,80);margin:0in 0in 0.0001pt;line-height:12pt"><span style="font-family:Helvetica,sans-serif;color:rgb(61,55,50)">senior infrastructure engineer | </span><a href="http://www.google.com/url?q=http%3A%2F%2Flittlebits.cc%2F&sa=D&sntz=1&usg=AFrqEzdmD1TfneYzn_vRGBO0a4wHpG-Ivg" style="color:rgb(120,43,144);font-family:Helvetica" target="_blank">littleBits</a></p><p style="font-size:12.8px;margin:0in 0in 0.0001pt;line-height:12pt"><font face="arial, helvetica, sans-serif" size="1"><b><font color="#212121">T</font></b> (917) 464-4577</font><font face="arial, helvetica, sans-serif" size="1"><br></font><a href="https://youtu.be/fMg5QPQQOOI" style="font-family:Helvetica,sans-serif;font-size:x-small" target="_blank">unleash your inner inventor.</a></p></div></div></div>
</div>