9:17 a.m.
Hi, i want to register a user via keycloak admin client.
This is the source, it works except for the role, what i wrong?
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue(model.getPassword());
credential.setTemporary(false);
UserRepresentation userRepresentation = new UserRepresentation();
userRepresentation.setEmail(model.getEmail());
userRepresentation.setFirstName(model.getName());
userRepresentation.setLastName(model.getSurname());
userRepresentation.setUsername(model.getEmail());
userRepresentation.setCredentials(Arrays.asList(credential));
userRepresentation.setEnabled(true);
userRepresentation.setClientRoles(new HashMap<String, List<String>>(){{
put(kcApi.getKeycloakCurrentClient(),Arrays.asList("ROLE_USER_HOST"));
}});
Response resp = kcApi.createUser(userRepresentation);
thank you
1:22 p.m.
As far as I know, you have to trigger the Assign Client Role (
http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_role...)
endpoint to achieve that. Although the payload allows you to supply roles
to the Create User endpoint, it doesn't assign any roles underneath. This
has been the behavior for a long time.
Regards,
Lohitha.
On Thu, Mar 17, 2016 at 7:47 PM, <daniele.capasso(a)dnshosting.it> wrote:
Hi, i want to register a user via keycloak admin client.
This is the source, it works except for the role, what i wrong?
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue(model.getPassword());
credential.setTemporary(false);
UserRepresentation userRepresentation = new UserRepresentation();
userRepresentation.setEmail(model.getEmail());
userRepresentation.setFirstName(model.getName());
userRepresentation.setLastName(model.getSurname());
userRepresentation.setUsername(model.getEmail());
userRepresentation.setCredentials(Arrays.asList(credential));
userRepresentation.setEnabled(true);
userRepresentation.setClientRoles(new HashMap<String, List<String>>(){{
put(kcApi.getKeycloakCurrentClient(),Arrays.asList("ROLE_USER_HOST"));
}});
Response resp = kcApi.createUser(userRepresentation);
thank you
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
6:58 a.m.
Creating a user through admin rest is 3 requests. Create user, update
credentials, assign roles. Not very elegant that's true and we will improve
it eventually.
On 17 Mar 2016 19:24, "Lohitha Chiranjeewa" <kalc04(a)gmail.com> wrote:
As far as I know, you have to trigger the Assign Client Role (
http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_role...)
endpoint to achieve that. Although the payload allows you to supply roles
to the Create User endpoint, it doesn't assign any roles underneath. This
has been the behavior for a long time.
Regards,
Lohitha.
On Thu, Mar 17, 2016 at 7:47 PM, <daniele.capasso(a)dnshosting.it> wrote:
> Hi, i want to register a user via keycloak admin client.
>
> This is the source, it works except for the role, what i wrong?
>
> CredentialRepresentation credential = new CredentialRepresentation();
> credential.setType(CredentialRepresentation.PASSWORD);
> credential.setValue(model.getPassword());
> credential.setTemporary(false);
>
> UserRepresentation userRepresentation = new UserRepresentation();
> userRepresentation.setEmail(model.getEmail());
> userRepresentation.setFirstName(model.getName());
> userRepresentation.setLastName(model.getSurname());
> userRepresentation.setUsername(model.getEmail());
> userRepresentation.setCredentials(Arrays.asList(credential));
> userRepresentation.setEnabled(true);
> userRepresentation.setClientRoles(new HashMap<String, List<String>>(){{
>
> put(kcApi.getKeycloakCurrentClient(),Arrays.asList("ROLE_USER_HOST"));
> }});
>
> Response resp = kcApi.createUser(userRepresentation);
>
>
> thank you
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
8:41 a.m.
I do not understand how to set up a role , I insert a new user , I call
this function without errors , but does not assign the role keycloak
public void addRoleToUser(String idKeycloak, String clientRole){
UserRepresentation user= getUserRepresentation(idKeycloak);
Map<String, List<String>> roles =user.getClientRoles();
List<String> rolesInClient=new ArrayList<String>();
if (roles!=null)
rolesInClient = roles.get(getKeycloakCurrentClient());
else
roles = new HashMap<String, List<String>>();
rolesInClient.add(clientRole);
roles.put(getKeycloakCurrentClient(), rolesInClient);
user.setClientRoles(roles);
UserResource userResource = getUserResource(idKeycloak);
userResource.update(user);
}
Il 2016-03-18 12:58 Stian Thorgersen ha scritto:
Creating a user through admin rest is 3 requests. Create user,
update
credentials, assign roles. Not very elegant that's true and we will
improve it eventually.
On 17 Mar 2016 19:24, "Lohitha Chiranjeewa" <kalc04(a)gmail.com> wrote:
> As far as I know, you have to trigger the Assign Client Role
>
(http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_role...
> [2]) endpoint to achieve that. Although the payload allows you to
> supply roles to the Create User endpoint, it doesn't assign any
> roles underneath. This has been the behavior for a long time.
>
> Regards,
> Lohitha.
>
> On Thu, Mar 17, 2016 at 7:47 PM, <daniele.capasso(a)dnshosting.it>
> wrote:
>
>> Hi, i want to register a user via keycloak admin client.
>>
>> This is the source, it works except for the role, what i wrong?
>>
>> CredentialRepresentation credential = new
>> CredentialRepresentation();
>> credential.setType(CredentialRepresentation.PASSWORD);
>> credential.setValue(model.getPassword());
>> credential.setTemporary(false);
>>
>> UserRepresentation userRepresentation = new UserRepresentation();
>> userRepresentation.setEmail(model.getEmail());
>> userRepresentation.setFirstName(model.getName());
>> userRepresentation.setLastName(model.getSurname());
>> userRepresentation.setUsername(model.getEmail());
>> userRepresentation.setCredentials(Arrays.asList(credential));
>> userRepresentation.setEnabled(true);
>> userRepresentation.setClientRoles(new HashMap<String,
>> List<String>>(){{
>>
>>
>
put(kcApi.getKeycloakCurrentClient(),Arrays.asList("ROLE_USER_HOST"));
>> }});
>>
>> Response resp = kcApi.createUser(userRepresentation);
>>
>> thank you
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user [1]
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user [1]
Links:
------
[1] https://lists.jboss.org/mailman/listinfo/keycloak-user
[2]
http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_role...
9:02 a.m.
I usually use the admin console and look at the request it sends to figure
out how to use the rest endpoints. It's usually simpler than reading the
not so great docs.
On 21 March 2016 at 14:41, <daniele.capasso(a)dnshosting.it> wrote:
I do not understand how to set up a role , I insert a new user , I call
this function without errors , but does not assign the role keycloak
public void addRoleToUser(String idKeycloak, String clientRole){
UserRepresentation user= getUserRepresentation(idKeycloak);
Map<String, List<String>> roles =user.getClientRoles();
List<String> rolesInClient=new ArrayList<String>();
if (roles!=null)
rolesInClient =
roles.get(getKeycloakCurrentClient());
else
roles = new HashMap<String, List<String>>();
rolesInClient.add(clientRole);
roles.put(getKeycloakCurrentClient(), rolesInClient);
user.setClientRoles(roles);
UserResource userResource = getUserResource(idKeycloak);
userResource.update(user);
}
Il 2016-03-18 12:58 Stian Thorgersen ha scritto:
> Creating a user through admin rest is 3 requests. Create user, update
> credentials, assign roles. Not very elegant that's true and we will
> improve it eventually.
> On 17 Mar 2016 19:24, "Lohitha Chiranjeewa" <kalc04(a)gmail.com>
wrote:
>
> As far as I know, you have to trigger the Assign Client Role
>>
>> (
>
http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_role...
>
>> [2]) endpoint to achieve that. Although the payload allows you to
>>
>> supply roles to the Create User endpoint, it doesn't assign any
>> roles underneath. This has been the behavior for a long time.
>>
>> Regards,
>> Lohitha.
>>
>> On Thu, Mar 17, 2016 at 7:47 PM, <daniele.capasso(a)dnshosting.it>
>> wrote:
>>
>> Hi, i want to register a user via keycloak admin client.
>>>
>>> This is the source, it works except for the role, what i wrong?
>>>
>>> CredentialRepresentation credential = new
>>> CredentialRepresentation();
>>> credential.setType(CredentialRepresentation.PASSWORD);
>>> credential.setValue(model.getPassword());
>>> credential.setTemporary(false);
>>>
>>> UserRepresentation userRepresentation = new UserRepresentation();
>>> userRepresentation.setEmail(model.getEmail());
>>> userRepresentation.setFirstName(model.getName());
>>> userRepresentation.setLastName(model.getSurname());
>>> userRepresentation.setUsername(model.getEmail());
>>> userRepresentation.setCredentials(Arrays.asList(credential));
>>> userRepresentation.setEnabled(true);
>>> userRepresentation.setClientRoles(new HashMap<String,
>>> List<String>>(){{
>>>
>>>
>>>
>> put(kcApi.getKeycloakCurrentClient(),Arrays.asList("ROLE_USER_HOST"));
>
>> }});
>>>
>>> Response resp = kcApi.createUser(userRepresentation);
>>>
>>> thank you
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user [1]
>>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user [1]
>>
>
>
> Links:
> ------
> [1] https://lists.jboss.org/mailman/listinfo/keycloak-user
> [2]
>
>
http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_role...
>
3188
days inactive
3192
days old
4 comments
3 participants
participants (3)
-
daniele.capasso@dnshosting.it -
Lohitha Chiranjeewa -
Stian Thorgersen