ok guys, nothing wrong here.
I was using the UserInfo name field to match with the UserRepresentation username field and it wasn’t working.
I am not using ‘preferred_username’ and everything works as expected.

Using UserInfo to retrieve a UserRepresentation containing all the informations.

thank you for your ‘silence’. It made me think I was probably doing something wrong !


REMI CARTIER

B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)

IMETRIK GLOBAL INC. 
T : +1 514 448-6407 x2009
T : +1 866 276-5382 (toll free) 
F : +1 514 904-0611 

740 Notre Dame St. West, Suite 1575 
Montreal, Quebec, Canada H3C 3X6 
imetrik.com

On Oct 7, 2015, at 3:51 PM, Remi Cartier <remi.cartier@imetrik.com> wrote:

Hey guys,

I created a token with /protocol/openid-connect/token and got a JWT token back.
Now I am trying to get the username of the logged user from the token via /userinfo.
I get the 403 error code.
When I was doing that request with the admin user, it worked.
I am wondering if I have to set some roles to every user that want to be able to get back their info via /userinfo

    public User getUserFromToken(String iToken) {
        HttpClient httpClient = buildHttpClient();
        HttpGet httpGet = new HttpGet(getKeycloakServerURL() + "/realms/" + getKeycloakRealm() + "/protocol/openid-connect/userinfo");
        httpGet.addHeader("Authorization", "Bearer " + iToken);
        try {
            HttpResponse httpResponse = httpClient.execute(httpGet);
            if (httpResponse.getStatusLine().getStatusCode() != HttpStatus.SC_OK) {
                throw new IllegalStateException(httpGet.toString() + " returned " + httpResponse.getStatusLine().toString());
            }
            String json = IOUtils.toString(httpResponse.getEntity().getContent());
            UserInfo userInfo = JsonSerialization.readValue(json, UserInfo.class);
            return getUser(userInfo.getName(), getKeycloakRealm());
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

java.lang.IllegalStateException: GET http://m4ib-idm:8080/auth/realms/imetrik/protocol/openid-connect/userinfo HTTP/1.1 returned HTTP/1.1 403 Forbidden

anything I am missing ?

cheers !


REMI CARTIER

B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)

IMETRIK GLOBAL INC. 
T : +1 514 448-6407 x2009
T : +1 866 276-5382 (toll free) 
F : +1 514 904-0611 

740 Notre Dame St. West, Suite 1575 
Montreal, Quebec, Canada H3C 3X6 
imetrik.com

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user