You need to give the user the "realm-admin" role. Read the admin api docs a
little closer - it's mentioned in there. I use "client_credentials" method,
so I give that role to the client itself.
On May 30, 2017 20:40, "Celso Agra" <celso.agra(a)gmail.com> wrote:
Hi all,
I'm trying to configure keycloak to manage users in a specific realm. Here
is my code:
*Keycloak kc = KeycloakBuilder.builder()*
* .serverUrl("http://localhost:8080/auth
<
http://localhost:8080/auth>")
*
* .realm("realm1").username("user")*
* .password("secret")*
* .clientId("admin-cli")*
* .resteasyClient(new
ResteasyClientBuilder().connectionPoolSize(10).build()*
* ).build();*
*RealmResource realmResource = kc.realm("realm1");*
*UsersResource userRessource = realmResource.users();*
*System.out.println("Count: " + userRessource.count());*
When I run this code, I'm getting this error:
*javax.ws.rs.BadRequestException: HTTP 400 Bad Request*
* at
org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.
handleErrorStatus(ClientInvocation.java:212)*
* at
org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.extractResult(
ClientInvocation.java:189)*
* at
org.jboss.resteasy.client.jaxrs.internal.proxy.extractors.
BodyEntityExtractor.extractEntity(BodyEntityExtractor.java:60)*
* at
org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(
ClientInvoker.java:107)*
* at
org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(
ClientProxy.java:76)*
* at com.sun.proxy.$Proxy32.grantToken(Unknown Source)*
* at
org.keycloak.admin.client.token.TokenManager.grantToken(
TokenManager.java:89)*
* at
org.keycloak.admin.client.token.TokenManager.getAccessToken(TokenManager.
java:69)*
* at
org.keycloak.admin.client.token.TokenManager.getAccessTokenString(
TokenManager.java:64)*
* at
org.keycloak.admin.client.resource.BearerAuthFilter.
filter(BearerAuthFilter.java:52)*
* at
org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(
ClientInvocation.java:431)*
* at
org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(
ClientInvoker.java:105)*
* at
org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(
ClientProxy.java:76)*
* at com.sun.proxy.$Proxy40.count(Unknown Source)*
* at
pe.gov.br.ati.service.KeycloakClientService.validateAndInsertUser(
KeycloakClientService.java:72)*
* at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
* at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)*
* at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)*
* at java.lang.reflect.Method.invoke(Unknown Source)*
* at org.apache.camel.component.bean.MethodInfo.invoke(
MethodInfo.java:408)*
* at
org.apache.camel.component.bean.MethodInfo$1.doProceed(
MethodInfo.java:279)*
* at
org.apache.camel.component.bean.MethodInfo$1.proceed(MethodInfo.java:252)*
* at
org.apache.camel.component.bean.BeanProcessor.process(
BeanProcessor.java:177)*
* at
org.apache.camel.management.InstrumentationProcessor.process(
InstrumentationProcessor.java:77)*
* at
org.apache.camel.processor.RedeliveryErrorHandler.process(
RedeliveryErrorHandler.java:468)*
* at
org.apache.camel.processor.CamelInternalProcessor.process(
CamelInternalProcessor.java:196)*
* at org.apache.camel.processor.Pipeline.process(Pipeline.java:121)*
* at org.apache.camel.processor.Pipeline.process(Pipeline.java:83)*
* at
org.apache.camel.processor.CamelInternalProcessor.process(
CamelInternalProcessor.java:196)*
* at
org.apache.camel.component.direct.DirectProducer.process(
DirectProducer.java:62)*
* at
org.apache.camel.processor.SendProcessor.process(SendProcessor.java:145)*
* at
org.apache.camel.management.InstrumentationProcessor.process(
InstrumentationProcessor.java:77)*
* at
org.apache.camel.processor.RedeliveryErrorHandler.process(
RedeliveryErrorHandler.java:468)*
* at
org.apache.camel.processor.CamelInternalProcessor.process(
CamelInternalProcessor.java:196)*
* at org.apache.camel.processor.Pipeline.process(Pipeline.java:121)*
* at org.apache.camel.processor.Pipeline.process(Pipeline.java:83)*
* at
org.apache.camel.processor.CamelInternalProcessor.process(
CamelInternalProcessor.java:196)*
* at
org.apache.camel.util.AsyncProcessorHelper.process(
AsyncProcessorHelper.java:109)*
* at *
* ...*
But when I change the realm to "master", such as:
*Keycloak kc = KeycloakBuilder.builder()*
* .serverUrl("http://localhost:8080/auth
<
http://localhost:8080/auth>")
*
* .realm("master").username("admin")*
* .password("admin123!")*
* .clientId("admin-cli")*
* .resteasyClient(new
ResteasyClientBuilder().connectionPoolSize(10).build()*
* ).build();*
*RealmResource realmResource = kc.realm("realm1");*
*UsersResource userRessource = realmResource.users();*
*System.out.println("Count: " + userRessource.count());*
The code works fine.
I'd like to know if the admin user in the master realm is the only way to
add users using the keycloak Admin Client.
Is anybody get this same issue?
Best Regards
--
---
*Celso Agra*
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user