Re: [keycloak-dev] Changing password of admin user
On 6 September 2016 at 10:06, Thomas Darimont <
thomas.darimont(a)googlemail.com> wrote:
Hello group,
keycloak ships with the add-user-keycloak.sh script to create an initial
realm admin user
with the provided username / password combination.
We're currently running this script every time when our keycloak docker
container
starts which triggers a Unique Constraint Violation if the admin user has
already been created
- which is what I would expect.
07:52:39,103 ERROR [org.keycloak.services] (ServerService Thread Pool --
56) KC-SERVICES0010: Failed to add user 'admin' to realm 'master': user
with username exists
-> Perhaphs an option like "create if not exists" would be nice.
You can obviously just ignore that error message, but adding an option to
suppress doesn't hurt
Since we need to periodically change the password of that admin user
I
wonder how this should be
done. Since the add-user-keycloak.sh doesn't seem to provide a way to
change a password the only way seems to be changing the admin password in
the realm admin-console.
It wasn't intended as a tool to reset the password. It's purely a tool to
add an initial admin user.
However it is easy to get locked out of Keycloak if one changes the
password via the realm admin-console e.g. due to a typo...
Add a new user. You could also do other mistakes like removing roles from
the admin user. That's why adding a new user is a recovery option that
always works.
Cheers,
Thomas
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
Attachments:
- attachment.html (text/html — 2.8 KB)