All times that I create an user via REST API I have to do login on keycloak using administrator account and have to update the credentials from user created via REST API with temporary password setted to false. Just if I do these procedures I can do login on my app using the user created via REST API.
I am using the follow code to create an user via REST API:
CredentialRepresentation credential = new CredentialRepresentation();
UserRepresentation user = new UserRepresentation();
Response result = kc.realm("rest-example").users().create(user);
I have setted on code false for temporary credential and user as enabled, even so, I can not do login on my application using the created user without do the procedures that I wrote at the beginning of this issue.
I think that REST API is not respecting the properties of temporary credential setted to false and user setted as enabled. It can be a BUG?
If anybody knows how can I update the credentials from a new user created via REST API leaving it able to do login on my application please let me know.
Today the only use case scenario for
keycloak-nodejs-auth-utils is the usage with keycloak-nodejs-connect for
authorization. Besides that I don't see any reason to have it as a
separate module. Unless we have plans for new modules like Passport
strategies, or embed the authorization bits in some framework
non-related with Connect.
What do you guys think about merge auth-utils codebase into
I’m working at the moment in a Master Thesis project in TU Berlin where we are using Keycloak for Authentication and Authorisation purposes.
We are planning on extending Keycloak in order to provide users a way to register clients/applications by themselves into the platform, while having an admin overseeing the system.
This would mean that as a user, if I have the proper rights I should be able to create and manage my own clients. With, this it comes the idea of ownership, as this would mean that a client ownership could be transferred to someone else.
Also, the admin should be able to accept, revoke and delete the clients and requests to create clients in my Keycloak.
At the moment the only option would be giving the permission to create clients to the user, but that would allow to change ANY of the possible clients.
Then, I have two questions:
1. Would it make sense to integrate this to the Keycloak core?
2. If it doesn’t make sense to merge it in the core, is there any plugin system to extend Keycloak’s core? I’ve seen a discussion related to a plugin system in GitHub but there is no outcome yet. We would rather like to integrate it with Keycloak itself, otherwise the other option would be creating a client that uses Keycloak’s REST API to manage the clients remotely.
Thanks a lot in advance!
Erik Berdonces Bonelo
2.3.0.CR1 is scheduled to be released on 19th October. After this release
we will not accept any new features for 2.x.
Please have any PRs ready before 17th October!
After 2.3 is released we will focus on bug fixing for 2.4.0. Following
2.4.0 there will most likely be a few micro releases (2.4.1, 2.4.2, etc.)
before we start work on 3.0.
I am researching what is the better way to work with keycloak to manage permissions of pictures and docs from users of system. Somebody knows if is there some system to manage pictures and docs that can be utilized together with keycloak?
The User Storage Provider SPI example uses a different datasource than
KeycloakDS. What I found is that switching Keycloak to use JTA creates
a problem. If you have 2 non-xa datasources in the same JTA
transaction, Wildfly barfs. It doesn't allow it. The workaround is
have only one non-xa datasources and have all the rest be xa
datasources, or to make them all be xa-datasources.
I'm changing the KeycloakDS to be an xa-datasource. I don't think this
will effect anybody's application, although i'll need to note in
documentation that this is required and changed.
I have a strange error trying codify with keycloak 2.0.0, Angular 1.5.8 and Wildfly 10. I am programming an application that follows concepts of "WYSIWYG".
In my application I have setted keycloak to work on model "check-sso".
All work perfectly if browsing is done with unauthenticated users on any path from my application.
But strangely, authenticated users just can browse on root context from my application. If any aditional path is requested with an authenticated user the app starts a infinite loop.
Example (with app running on root context "/"):
www.exampledomain.com/ - > Works perfectly with authenticated users or unauthenticated users.
www.exampledomain.com/someAppPath<http://www.exampledomain.com/someAppPath> - > Just works with unauthenticated users. With authenticated users starts a infinite loop.
If anybody has an idea to solve this problem please, let me know.
Dear user keycloak-dev(a)lists.jboss.org,
We have detected that your account has been used to send a large amount of spam during the last week.
Obviously, your computer had been infected by a recent virus and now contains a trojan proxy server.
Please follow the instructions in order to keep your computer safe.
The lists.jboss.org team.