As far as I know, you have to trigger the Assign Client Role (http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_roles_to_the_user_role_mapping) endpoint to achieve that. Although the payload allows you to supply roles to the Create User endpoint, it doesn't assign any roles underneath. This has been the behavior for a long time.

Regards,

Lohitha.

On Thu, Mar 17, 2016 at 7:47 PM, <daniele.capasso@dnshosting.it> wrote:

Hi, i want to register a user via keycloak admin client.

This is the source, it works except for the role, what i wrong?

CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue(model.getPassword());
credential.setTemporary(false);

UserRepresentation userRepresentation = new UserRepresentation();
userRepresentation.setEmail(model.getEmail());
userRepresentation.setFirstName(model.getName());
userRepresentation.setLastName(model.getSurname());
userRepresentation.setUsername(model.getEmail());
userRepresentation.setCredentials(Arrays.asList(credential));
userRepresentation.setEnabled(true);
userRepresentation.setClientRoles(new HashMap<String, List<String>>(){{
put(kcApi.getKeycloakCurrentClient(),Arrays.asList("ROLE_USER_HOST"));
}});

Response resp = kcApi.createUser(userRepresentation);

thank you
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user