How to add Admin User
by Andrej Prievalsky
Hi,
I would like to summary information about How to add Admin User - chapter
3.2.1.
My questions are:
1.) From which version (including) is new concept, that there is no built
in user?
2a.) What is exact command via add-user script (add-user.sh) for create
admin user ?
2b.) Same question like in 2a, but in keycloak-overlay (add-user-keycloak.sh
)?
Thanks and Best Regards,
Andrej.
8 years, 8 months
Keycloak with rest service suugestion request
by Rajkiran K
Hi,
I have 2 Spring boot Applications (Application A, B). Both applications
are running with Keycloak (configured clients A, B in same realm), also
has one rest service in application A which will be accessed by same
application A (one client "C" in same realm of keycloak with Direct
Access Grants Enabled ON is created for access). This works fine.
Now moving that rest service from Application A to application B (Which
is running on different server) and when i try to access with rest
service from Application A throwing error as below (Configurered client
"C" to accept urls from Applications A, B)
{"timestamp":"2016-04-22T07:23:37.303+0000","status":401,"error":"Unauthorized","message":"Unable
to authenticate bearer token","path":"/sample-service/sample"}
org.springframework.web.client.HttpClientErrorException: 401 Unauthorized
Please help me to resolve this issue. Thanks in advance.
Thanks,
Raj Kiran K
8 years, 8 months
Admin REST API to get users who has a particular client role
by Subhrajyoti Moitra
Hello,
Is there any Admin REST API to get all the users who posses a particular
client role?
I have some 10K users being managed by my Keycloak instance. Getting the
users and checking their client roles is a long process, so I am looking
for some shortcut to this.
Any pointers or workaround to - avoid reading all the users?
Please guide.
Thanks,
Subhro.
8 years, 8 months
Very slow admin console within keycloak cluster
by Sascha SKORUPA
Hi,
we are currently setting up our keycloak cluster (version 1.9.1) for the production environment. The cluster consists of two keycloak nodes running in standalone-ha mode whereby jgroups is configured to use tcping instead of multicast and loadbalancing is done via modcluster. So far so good, the responses of the KC rest services are fast enough and everthing works as expected.
The only problem what we still have is that the admin console is very slow if it is invoked on the cluster ip. For example the request to render the realm overview page takes more than 5 seconds (https://${CLUSTER}/auth/admin/realms<https://$%7bCLUSTER%7d/auth/admin/realms>). The problem is additionally increased because the GET realms request is sent up to four times.
If we take out one keycloak node in the loadbalancer the admin console is essentially faster. Can anyone help or does anybody have an idea what can be the misconfiguration here? Or is this a known issue that the admin console is slow in cluster mode?
Thanks in advance!
Cheers,
sascha
8 years, 8 months
Setup support needed
by Thomas Hartmann
Hi all,
I am on the search for somebody experienced in configuration Keycloak, to
help me out in setting up the right structure.
We are currently developing a SaaS business with multiple applications and
I would like to use Keycloak for the user management. Since the structure
is quite complex with customers having hierarchies and different
applications in the product, I would love to have somebody experienced to
advise us in setting up the thing and challenge our thoughts.
If somebody is interssted, in helping out, please shoot me an email
thomas(a)str84wd.com and we have a conversation over Skype about what is
needed, how long it will take, financials etc.
Thanks,
Thomas
--
Thomas Hartmann
Tel: +49 176 102 00 921 <%2B49%20%280%29%20176%20%2F%20102%2000%20921>
Mail: thomas.hartmann(a)str84wd.com
Unser nächster Trainingstermin "Lean Startup Anwenden" am 19.05.2016
<http://str84wd.com/trainings-und-workshops/training-lean-startup-anwenden...>
str84wd Products UG (haftungsbeschränkt)
Mallnitzer Straße 5
80687 München
Amtsgericht München, HRB 188 901, Geschäftsführer: Thomas Hartmann, Ralf
Westbrock
http://www.str84wd.com
8 years, 8 months
Re: [keycloak-user] Membership
by Richard Lavallee
Am worried this could be too granular. There may be thousands of Organizations and Facilities, each of which has its own demographic infoeach of which may come and go with frequency.
For example, user DoctorSmith may be a member of Facility BestEyeCare within Organization BestMedicalPractice.
Is modelling the above in Keycloak as Roles reasonable?
Can Keycloak easily support creating/deleting Organization and Facility roles with demographic info?
Also: is there a way for an App to solicit all the Orgs and Facilities available in the realm, exhaustively? (Maybe with a dummy user "AllOrgs"?
-Richard
From: bruno.palermo(a)outlook.com
To: rllavallee(a)hotmail.com
CC: keycloak-user(a)lists.jboss.org
Subject: RE: [keycloak-user] Membership
Date: Mon, 25 Apr 2016 18:40:32 -0300
What about add Fac11, Fac12, Fac21, etc.. as roles?
Date: Mon, 25 Apr 2016 13:25:00 -0700
From: rllavallee(a)hotmail.com
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] Membership
As a keycloak user I wish to create a user with a username and password and one or more roles. Including demographic info about the user: name, address, zip, phones, etc. I think Keycloak supports all this.
But in addition to the above I want also to persist a user's membership in an "Organization", e.g. Org1, and maybe Org2. And for each organization of which he is a member, a Facility within that organization. E.g. For Org1 he would also be a member of Fac11 and Fac12. For Org2 he would also be a member of Fac21 and Fac22.
All the above info would be communicatable from Keycloak to each realm app as the user logs in.
Is the above feasible, please, without customization of Keycloak?
Thank you.
-Richard
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
8 years, 8 months
