On 8.5.2015 17:16, Anton Hughes wrote:

Thanks Stian

On Fri, May 8, 2015 at 7:17 AM, Stian Thorgersen <stian@redhat.com> wrote:

Yes, you've got two options atm:

* Export your users to a json file and import into Keycloak - in the future we want to be able to import users into existing realm, but currently you have to create a new realm

Its no problem creating a realm. Is there an example of importing users from a json file? Or can you point me to documentation for this?

You can see some documentation for export/import here http://docs.jboss.org/keycloak/docs/1.2.0.CR1/userguide/html/export-import.html . You can first try to create some example realm with few users, then export it and then re-import it to see how it works and what is the format of the file.

However the tricky part for migrating users from external system to Keycloak DB are user passwords. You will be able to import user passwords to Keycloak DB just if you know them in plain-text or if you use PBKDF2 for store them in your current DB like we are using in Keycloak. In this case you will need to add hash + salt + number of iterations (you will need to know these from your DB) for each user password similarly like you can see in the file previously exported from Keycloak DB.

That's why using federation and implement your FederationProvider might be better approach.

Marek

* Use the admin rest api (or java admin client) to import users

Thanks again

--