Re: [keycloak-user] How to migrate users and roles from in-house storage

It's working like a charm :) Some things I learned: * Need to import resteasy deps for keycloak-admin-cli explicitly * Methods won't return errors but will throw InvocationTargetException (must be checked) Question: is there a way to set default roles? I can't seem to find it in the Java code but it is available through REST. Thanks, Pires On Thu, Jul 21, 2016 at 8:47 AM Paulo Pires <pires(a)littlebits.cc&gt; wrote: > Thank you Bruno, I haven't been able to verify your code but I assume > you're sharing it because it works. > > It seems pretty trivial, awesome! > > Cheers, > Pires > > On Wed, Jul 20, 2016 at 9:30 PM Bruno Oliveira <bruno(a)abstractj.org&gt; > wrote: > >> Note sure if it helps, but an example about how to do it >> programatically is here[1]. >> >> I just adapted from the admin-client[2]. >> >> >> [1] - https://gist.github.com/abstractj/78b127e8c9273cdcea6eb82a1cfc153c >> [2] - >> https://github.com/keycloak/keycloak/tree/master/examples/admin-client >> >> On 2016-07-20, Paulo Pires wrote: >> > I did check the admin-cli JAR but it's not clear how to add roles and >> > users, or if it's even implemented (I did check the REST API and >> there's >> > endpoints for that). >> > >> > Thank you very much for clarifying, >> > Pires >> > >> > On Wed, Jul 20, 2016 at 2:52 PM Stian Thorgersen <sthorger(a)redhat.com&gt; >> > wrote: >> > >> > > Yep, take a look at >> > > >> https://keycloak.gitbooks.io/server-developer-guide/content/topics/admin-... >> > > >> > > On 20 July 2016 at 15:33, Paulo Pires <pires(a)littlebits.cc&gt; wrote: >> > > >> > >> More than 150k. Is there a Java library for the REST api? >> > >> >> > >> On Jul 20, 2016 13:56, "Stian Thorgersen" <sthorger(a)redhat.com&gt; >> wrote: >> > >> >> > >>> Depending on the amount of users I'd use either partial import >> through >> > >>> the admin console (if you don't have more than a thousand or so >> users) or >> > >>> use the admin REST endpoints if you have quite a lot of users. >> > >>> >> > >>> On 20 July 2016 at 11:52, Paulo Pires <pires(a)littlebits.cc&gt; wrote: >> > >>> >> > >>>> Hi all, >> > >>>> >> > >>>> I'm in the process of migrating from an in-house user-role >> storage to >> > >>>> Keycloak and I'm looking for programmatic (Java) ways to migrate >> all >> > >>>> current users to the new storage. And I need your help to figure >> out the >> > >>>> best approach. >> > >>>> >> > >>>> At first, when reading KC documentation, I believed I could easily >> > >>>> achieve this by implementing a User Federation provider but after >> diving a >> > >>>> little more into it, and looking for examples, I can't see a way >> to migrate >> > >>>> all users on-demand but simply one user at a time, possible >> during log-in. >> > >>>> >> > >>>> Next, I tried and look into ways, such as admin-cli, REST, etc but >> > >>>> nothing strikes me as the solution to use. >> > >>>> >> > >>>> Here's what I was hoping to deliver: >> > >>>> * Get all roles and users from my soon-to-be deprecated storage, >> e.g. >> > >>>> MySQL tables >> > >>>> * Add roles to KC >> > >>>> * Iterate users and add user to KC + map roles + update password >> hashes >> > >>>> (here I know I need to implement a HashProvider) >> > >>>> >> > >>>> Any hints will be appreciated! >> > >>>> >> > >>>> Pires >> > >>>> >> > >>>> _______________________________________________ >> > >>>> keycloak-user mailing list >> > >>>> keycloak-user(a)lists.jboss.org >> > >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >> > >>>> >> > >>> >> > >>> >> > > >> >> > _______________________________________________ >> > keycloak-user mailing list >> > keycloak-user(a)lists.jboss.org >> > https://lists.jboss.org/mailman/listinfo/keycloak-user >> >> >> -- >> >> abstractj >> PGP: 0x84DC9914 >> >