Re: [keycloak-dev] Batch import/export
Those are nice additional options we could have. Simply have a checkbox to
re-generate realm keys and another checkbox to re-generate client secrets
(if a client is using jwt auth then we shouldn't re-generate the keys for
the client as we don't store the private key).
On 21 October 2015 at 10:06, Thomas Raehalme <
thomas.raehalme(a)aitiofinland.com> wrote:
I think all of these sound useful!
May I suggest another useful option when importing realm or client, which
is to re-generate keys and secrets?
Best regards,
Thomas
On Wed, Oct 21, 2015 at 11:00 AM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
> After your last email with regards to removing the import button from
> client create page I had an idea.
>
> How about we do the following:
>
>
> Import/export single
> --------------------------
> On realm, client, identity provider and user federation create pages we
> add the import button. This will prefill the form and let the user review
> before importing. This is how realm and client works now. We'd also add a
> link to export a single entity when displaying it in the admin console
> (next to the delete icon).
>
> Batch export
> -----------------
> When exporting a realm you can select what you want to export. The option
> would include realm settings, clients, identity brokers, user federation,
> users, credentials. Further there would be an option if export would be
> done to a file or a json download. If export to file is selected you would
> get the option to export credentials for users, if json download is
> selected that option would be disabled.
>
> Batch import
> -----------------
> We should have options to import a realm as well as import into an
> existing realm. For this we should have an option to select what happens if
> resources exists (for example client with client-id exists, or user with
> username exists). Options could be replace, skip, warn, error, etc..
>
>
> Finally I was also thinking about an option where we'd have a import
> directory on the server. Any files in this would be imported on startup.
> Once imported we'd add a "<filename>.imported" or
"<filename>.failed". Same
> here it would be nice to be able to somehow specify the strategy if the
> resource exists.
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
Attachments:
- attachment.html (text/html — 3.4 KB)