Re: [keycloak-user] Multiple calls required to create a user

On 8/9/16 5:56 AM, Tom Pearson wrote: Hi, I'm creating a new user through the admin API. In order to do this I have to make 3 separate calls (createUser <http://www.keycloak.org/docs/rest-api/index.html#_create_a_new_user>;, resetPassword <http://www.keycloak.org/docs/rest-api/index.html#_set_up_a_temporary_pass... and addRealmLevelRoles <http://www.keycloak.org/docs/rest-api/index.html#_add_realm_level_role_ma...>) as the credentials and realm roles in the UserRepresentation <http://www.keycloak.org/docs/rest-api/index.html#_userrepresentation> are ignored. I then have to make another call to getEffectiveRealmLevelRoles <http://www.keycloak.org/docs/rest-api/index.html#_get_effective_realm_lev... as the getUser <http://www.keycloak.org/docs/rest-api/index.html#_get_represenation_of_th... method doesn't return the roles. If I were to require the client level roles this would be 6 calls to create and return the user. Is there a reason as to why this is the case? The reason is simply that the admin API was written for the admin console. We've never had time to refactor it. Too many other things on the queue. As an aside, in the docs the reset password method is called "Set up a temporary password for the user" but in my experience the password is never temporary regardless of the value of the temporary flag. Kind regards, Tom _______________________________________________ keycloak-user mailing listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user