Thx. I was able to zip up my laptop version and ssh over to make it work (i.e. bring up admin console). With RHEL VMs, there is no easy way to bring up a local browser so the old defaults were more convenient for those that do dev/test in the cloud.
My English is not very good, so just apologize. I really liked your project
Keycloak. I've had a number of questions on it, in which I ask your help.
1 How REST interface through JSApp create user with specified password. In
my case I "PUT" reset-password and get a "Access to the specified resource
has been forbidden", but without password is ok.
2 How to check in Stateless EJB which role belongs to a particular user,
get his ID, etc. That access to users IDM from the business code.
Thank you very much.
I am trying to understand this sentence from section 2.2.1 of the User
"The role mappings contained within the token are the union between the set
of user role mappings and the permission scope of the application/oauth
Should this perhaps read the "intersection between" rather than the "union
between"? I guess I am trying to understand if it is the union of the two
sets or the intersection between the two sets. My guess, based on the rest
of the paragraph, is that it is the intersection between the two sets.
I've seen on the Keycloak website that there are plans to support SAML and
there is a JIRA ticket (KEYCLOAK-315
<https://issues.jboss.org/browse/KEYCLOAK-315>) that lists the fix version
of 1.1-beta-1. I was wondering if this is firm deadline or just a rough
Thank you for your time,
Hi, I have my realm enabled for email verification. When I registered a new user using the UI dialog, the user gets an email notification.
However, if I use the REST API to create a new user, even though I set emailVerified to true, the new user that gets added correctly didn’t get an email notification.
Is there an additional REST API I need to call? I can’t find that in the doc. Or is this supposed to be implicit and in that case a bug? Or am I missing some more setup? Thx…
Is there a way to authenticate the user without having to input username
and password on the login page?
Say there's a situation in my application where I request the user for his
username and password, and I wouldn't like to redirect that to the keycloak
login page to authenticate him, would there be a way for me to do that?
I've been looking into Keycloak and have a question in regards to password
hashing. I came across a closed JIRA item that discusses supporting bcrypt,
but the comments just state that improved password hashing has already been
added. I guess my question is what exactly does Keycloak provide/support in
terms of password encryption and is it configurable.
Ok, I figured it out. I just replaced java:jboss/datasources/KeycloakDS
with my own settings rather than create a new jndi datasource with a
different name. In the past I was able to change the jndi name to
java:jboss/datasources/ui_users and make a few updates to persistence.xml.
The new way is arguably easier. Now that I know to just replace
KeycloakDS with my own settings I do not need to change anything else. Am
I correct in assuming this is how things work going forward? It seems I
cannot delete ExampleDS either without causing problems though. The
current documentation is also misleading.