7:15 a.m.
I like those ideas too. Some have already been talked about but
regarded as "nice to have".
The question is do we want me to spend extra weeks on all those features
or do we want to get started on CLI?
Right now, I have batch import implemented for Users, Clients, and
Identity Providers. It's easy to add the replace, skip, error feature,
so I'll probably spend a couple of extra hours today doing that.
Personally, I think the best approach is to implement the simplest
possible version of the feature and then get feedback to see what
enhancements are really needed. If you want to try out the import
feature, It's here:
https://github.com/ssilvert/keycloak/tree/user-import-export
On 10/21/2015 6:00 AM, Stian Thorgersen wrote:
Those are nice additional options we could have. Simply have a
checkbox to re-generate realm keys and another checkbox to re-generate
client secrets (if a client is using jwt auth then we shouldn't
re-generate the keys for the client as we don't store the private key).
On 21 October 2015 at 10:06, Thomas Raehalme
<thomas.raehalme(a)aitiofinland.com
<mailto:thomas.raehalme@aitiofinland.com>> wrote:
I think all of these sound useful!
May I suggest another useful option when importing realm or
client, which is to re-generate keys and secrets?
Best regards,
Thomas
On Wed, Oct 21, 2015 at 11:00 AM, Stian Thorgersen
<sthorger(a)redhat.com <mailto:sthorger@redhat.com>> wrote:
After your last email with regards to removing the import
button from client create page I had an idea.
How about we do the following:
Import/export single
--------------------------
On realm, client, identity provider and user federation create
pages we add the import button. This will prefill the form and
let the user review before importing. This is how realm and
client works now. We'd also add a link to export a single
entity when displaying it in the admin console (next to the
delete icon).
Batch export
-----------------
When exporting a realm you can select what you want to export.
The option would include realm settings, clients, identity
brokers, user federation, users, credentials. Further there
would be an option if export would be done to a file or a json
download. If export to file is selected you would get the
option to export credentials for users, if json download is
selected that option would be disabled.
Batch import
-----------------
We should have options to import a realm as well as import
into an existing realm. For this we should have an option to
select what happens if resources exists (for example client
with client-id exists, or user with username exists). Options
could be replace, skip, warn, error, etc..
Finally I was also thinking about an option where we'd have a
import directory on the server. Any files in this would be
imported on startup. Once imported we'd add a
"<filename>.imported" or "<filename>.failed".
Same here it
would be nice to be able to somehow specify the strategy if
the resource exists.
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-dev