Hi,
According to the Keycloak admin API documentation:
http://www.keycloak.org/docs-api/2.5/rest-api/index.html#_create_a_new_user
->
http://www.keycloak.org/docs-api/2.5/rest-api/index.html#_userrepresentation
->
http://www.keycloak.org/docs-api/2.5/rest-api/index.html#_credentialrepre...
We should be able to provide credentials when creating a new user, but when I provide
credentials it doesn't seem to set the password for the new user. Here is what my
request looks like:
POST /auth/admin/realms/myrealm/users/
{"enabled":true,"username":"blah@blop.com","email":"blah@blop.com","firstName":"Blah","lastName":"Blop","attributes":{"userId":["1234"]},"credentials":[{"type":"password","temporary":false,"value":"secr$tP4ssword"}]}
Just as an experiment, I tried passing a single "credential" instead of an array
of credentials and I got this error back:
internal server error;KeyCloak HTTP Error Response [400]:
com.fasterxml.jackson.databind.JsonMappingException: Can not deserialize instance of
java.util.ArrayList out of START_OBJECT token at [Source:
io.undertow.servlet.spec.ServletInputStreamImpl@264472bc; line: 1, column: 156] (through
reference chain:
org.keycloak.representations.idm.UserRepresentation["credentials"])
So clearly Keycloak is actually parsing this field. Am I doing something wrong with this
request or is the documentation wrong?
Right now what we've been doing to get around this is registering the user and then
doing a reset password request after, but this makes the request to our service take twice
as long. It would be great if we could reduce this to a single request.
Regards,
Scott