We use "admin-cli" as the clientId, not "admin-security-console".
-----Original Message-----
From: "Sven Kilchenmann" <schween(a)gmail.com>
Sent: Thursday, December 15, 2016 10:55am
To: keith.hudson(a)hudzinga.com
Cc: keycloak-user(a)lists.jboss.org
Subject: Re: [keycloak-user] Create user by api
Ouch yes you are right.
Now having this log entry:
2016-12-15 16:45:52,510 WARN [org.keycloak.events] (default task-3) type=LOGIN_ERROR,
realmId=master, clientId=security-admin-console, userId=null, ipAddress=192.168.1.2,
error=not_allowed, auth_method=oauth_credentials, grant_type=password,
client_auth_method=client-secret
but I have no idea how to solve..
Am 15.12.2016 um 15:05 schrieb keith.hudson(a)hudzinga.com:
Pretty sure you need to set an email address with the user you are creating via
setEmail.
Also, we set enabled and realmRoles on our users and they create without issue.
-----Original Message-----
From: "Sven Kilchenmann" <schween(a)gmail.com>
Sent: Thursday, December 15, 2016 8:57am
To: keycloak-user(a)lists.jboss.org
Subject: [keycloak-user] Create user by api
try to create a new user:
Keycloak kc = Keycloak.getInstance(
"http://192.168.11.55:8080/auth",
"master", // the realm to log in to
"admin", "pass", // the user
"security-admin-console");
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue("test123");
UserRepresentation user = new UserRepresentation();
user.setUsername("testuser");
user.setFirstName("Test");
user.setLastName("User");
user.setCredentials(Arrays.asList(credential));
kc.realm("master").users().create(user);
It returns a HTTP 400 Bad Request. Keycloak log says:
Caused by: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException:
Unrecognized field "origin" (class
org.keycloak.representations.idm.UserRepresentation), not marked as
ignorable (22 known properties: "federatedIdentities", "enabled",
"lastName", "emailVerified", "clientConsents",
"self", "socialLinks",
"applicationRoles", "createdTimestamp", "groups",
"username",
"attributes", "id", "firstName", "email",
"federationLink",
"serviceAccountClientId", "requiredActions", "realmRoles",
"clientRoles", "totp", "credentials"])
at [Source: io.undertow.servlet.spec.ServletInputStreamImpl@250fdbe0;
line: 1, column: 37] (through reference chain:
org.keycloak.representations.idm.UserRepresentation["origin"])
I'm using Keycloak 2.3.0.Final and Keycloak Admin REST Client 2.4.0.Final API.
Thanks for your support.
Cheers
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user