Yes it had them, but it didn't work.

When I tried generating the token with the client_id set to the security-admin-console application it worked fine.

Is that the correct way to do this?


On Tue, Jun 10, 2014 at 4:26 PM, Bill Burke <bburke@redhat.com> wrote:
Does rodrigosasaki have realm admin privileges?  The role is under
applications->myrealm-management->realm-admin

On 6/10/2014 3:02 PM, Rodrigo Sasaki wrote:
> I'd like to manage users and roles, creating and updating them.
>
> I obtained a token like this:
>
> *POST /realms/myrealm/tokens/grants/access*
> *
> *
> *username: rodrigosasaki*
> *password: password*
> *client_id: myclient*
> *client_secret: generated_secret*
>
> and I got a token back, but then I tried accessing the roles of the
> realm on this URL
>
> /admin/realms/myrealm/roles
>
> And it says I'm not authorized to access this, I'd like to know what
> roles or configuration I should create to be able to manipulate this
> information, just as I do on the admin-console
>
>
> On Tue, Jun 10, 2014 at 10:16 AM, Stian Thorgersen <stian@redhat.com
> <mailto:stian@redhat.com>> wrote:
>
>     To access the REST API you need to pass the token in the http
>     headers. How to obtain the token in the first place depends on the
>     type of the application you're trying to invoke the API from. Look
>     at the docs/examples that corresponds to the type of your app
>     (JavaScript, command-line, jax-rs, etc). You also need to make sure
>     the application/client has scope mappings on the required roles.
>
>     ----- Original Message -----
>      > From: "Rodrigo Sasaki" <rodrigopsasaki@gmail.com
>     <mailto:rodrigopsasaki@gmail.com>>
>      > To: keycloak-user@lists.jboss.org
>     <mailto:keycloak-user@lists.jboss.org>
>      > Sent: Monday, 9 June, 2014 12:59:41 PM
>      > Subject: [keycloak-user] REST API - Bearer Exception
>      >
>      > Hi,
>      >
>      > I'm trying to work with the Keycloak REST API, I logged into the
>      > administration console, and then tried accessing
>     /auth/admin/realms and got
>      > this exception:
>      >
>      > Failed executing GET /admin/realms:
>      > org.jboss.resteasy.spi.UnauthorizedException: Bearer
>      >
>      > How should I build my request to be able to get a response? How
>     should I
>      > authenticate myself in this situation?
>      >
>      > --
>      > Rodrigo Sasaki
>      >
>      > _______________________________________________
>      > keycloak-user mailing list
>      > keycloak-user@lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
>      > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
> --
> Rodrigo Sasaki
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user



--
Rodrigo Sasaki