Re: [keycloak-user] Set client roles to registered users automatically once synced from source LDAP/DB

Got this sample: https://gist.github.com/thomasdarimont/c4e739c5a319cf78a4cff3b87173a84b On Fri, May 18, 2018 at 10:39 AM, Subodh Joshi <subodhcjoshi82(a)gmail.com&gt; wrote: > You have to write script to run admin-cli commands > https://www.keycloak.org/docs/3.3/server_admin/topics/admin-cli.html > > On Fri, May 18, 2018 at 8:50 AM valsaraj pv <valsarajpv(a)gmail.com&gt; wrote: > >> Do you have any links that will be helpful? >> >> On Fri 18 May, 2018, 7:17 AM Subodh Joshi, <subodhcjoshi82(a)gmail.com&gt; >> wrote: >> >>> I think admin-cli will help you regarding this but issue is documetation >>> is not that good. >>> >>> On Thu, 17 May 2018, 22:43 valsaraj pv, <valsarajpv(a)gmail.com&gt; wrote: >>> >>>> Hi, >>>> >>>> Here is the scenario: >>>> Java web application client registers users to local LDAP/DB and sets >>>> roles. >>>> These users are periodically synced to Keycloak. Roles are also synced >>>> once >>>> as it not changed more often. >>>> So when a user registered in local LDAP via application, they are also >>>> reflected in Keycloak but they can't access web application after login >>>> via >>>> Keycloak. >>>> The new users can access only after setting client roles manually. >>>> What is the best option to automate this. Is there is any API to set >>>> client >>>> roles? >>>> If available, we can't write code to set role in registration method >>>> since >>>> the users will be synced to Keycloak only on next sync. Then option is a >>>> delayed call which first ensures that the user reached Keycloak DB and >>>> then >>>> set role. >>>> Please share your thoughts! >>>> >>>> Thanks! >>>> _______________________________________________ >>>> keycloak-user mailing list >>>> keycloak-user(a)lists.jboss.org >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>>> > -- > Subodh Chandra Joshi > subodh1_joshi82(a)yahoo.co.in > http://www.trendsinnews.com >