<div dir="ltr">Ah fantastic, thanks Thomas!</div><div class="gmail_extra"><br><div class="gmail_quote">2016-08-09 17:28 GMT+02:00 Thomas Darimont <span dir="ltr"><<a href="mailto:thomas.darimont@googlemail.com" target="_blank">thomas.darimont@googlemail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello Tom,<div><br></div><div>I was also bitten by this a bit... I created [0] and already issued a PR [1] that allows </div><div>creating a user with initial realm / client roles with a single request.</div><div><br></div><div>Cheers,</div><div>Thomas</div><div><br></div><div>[0] <a href="https://issues.jboss.org/browse/KEYCLOAK-3410" target="_blank">https://issues.jboss.org/<wbr>browse/KEYCLOAK-3410</a> </div><div>[1] <a href="https://github.com/keycloak/keycloak/pull/3120" target="_blank">https://github.com/keycloak/<wbr>keycloak/pull/3120</a></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">2016-08-09 15:20 GMT+02:00 Tom Pearson <span dir="ltr"><<a href="mailto:tpearson@bkool.com" target="_blank">tpearson@bkool.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Ok cheers, will do when I get a sec</div><div><div><div class="gmail_extra"><br><div class="gmail_quote">2016-08-09 15:16 GMT+02:00 Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p>You can send PRs to admin docs if you want. admin REST API is
here:</p>
<p><a href="https://github.com/keycloak/server_development_guide" target="_blank">https://github.com/keycloak/se<wbr>rver_development_guide</a><br>
</p><div><div>
<p><br>
</p>
<br>
<div>On 8/9/16 9:14 AM, Tom Pearson wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Okay, understood. Would be great if the admin docs
could be updated to reflect the implementation although I
appreciate you probably have more important matter to attend
to. </div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2016-08-09 14:31 GMT+02:00 Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span>
<p><br>
</p>
<br>
<div>On 8/9/16 5:56 AM, Tom Pearson wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>I'm creating a new user through the admin API.
In order to do this I have to make 3 separate
calls (<a href="http://www.keycloak.org/docs/rest-api/index.html#_create_a_new_user" target="_blank">createUser</a>, <a href="http://www.keycloak.org/docs/rest-api/index.html#_set_up_a_temporary_password_for_the_user" target="_blank">resetPassword</a> and<wbr> <a href="http://www.keycloak.org/docs/rest-api/index.html#_add_realm_level_role_mappings_to_the_user_2" target="_blank">addRealmLevelRoles</a>) as the
credentials and realm roles in the <a href="http://www.keycloak.org/docs/rest-api/index.html#_userrepresentation" target="_blank">UserRepresentation</a> are
ignored. I then have to make another call to <a href="http://www.keycloak.org/docs/rest-api/index.html#_get_effective_realm_level_role_mappings_2" target="_blank">getEffectiveRealmLevelRoles</a><wbr> as
the <a href="http://www.keycloak.org/docs/rest-api/index.html#_get_represenation_of_the_user" target="_blank">getUser</a> method doesn't
return the roles. If I were to require the client
level roles this would be 6 calls to create and
return the user. </div>
<div><br>
</div>
<div>Is there a reason as to why this is the case? </div>
<div><br>
</div>
</div>
</blockquote>
</span> The reason is simply that the admin API was
written for the admin console. We've never had time to
refactor it. Too many other things on the queue.<br>
<br>
<blockquote type="cite"><span>
<div dir="ltr">
<div>As an aside, in the docs the reset password
method is called "Set up a temporary password for
the user" but in my experience the password is
never temporary regardless of the value of the
temporary flag. </div>
<div><br>
</div>
<div>Kind regards,</div>
<div>Tom</div>
</div>
<br>
<fieldset></fieldset>
<br>
</span>
<pre>______________________________<wbr>_________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailma<wbr>n/listinfo/keycloak-user</a></pre>
</blockquote>
</div>
______________________________<wbr>_________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailma<wbr>n/listinfo/keycloak-user</a>
</blockquote></div>
</div>
</blockquote>
</div></div></div></blockquote></div><br></div>
</div></div><br>______________________________<wbr>_________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailma<wbr>n/listinfo/keycloak-user</a><br></blockquote></div><br></div>
</div></div></blockquote></div><br></div>