10:47 a.m.
Hello,
I've been looking to get a user's CredentialRepresentation(s) via the REST API but
it doesn't seem possible. Getting the UserRepresentation doesn't get the
user's credentials and I haven't found another function (this is with Keycloak
4.8.3.Final).
Am I missing something? Or if not is this a bug (credentials should be sent with the
UserRepresentation) or a design decision (sending credentials over the REST API would be a
security flaw).
Best regards,
Alistair Doswald
6:48 p.m.
New subject: Getting a user's CredentialRepresentation via the REST API
Hi,
I believe the credentials are stored one way hashed in the keycloak DB and cannot be
decrypted.
Are you trying to get the hashed credential ? I believe the user representation does not
return this in the GET calls.
Regards,
Firoz
Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10
________________________________
From: keycloak-user-bounces(a)lists.jboss.org <keycloak-user-bounces(a)lists.jboss.org>
on behalf of Doswald Alistair <alistair.doswald(a)elca.ch>
Sent: Thursday, February 21, 2019 3:17:30 PM
To: keycloak-user
Subject: [keycloak-user] Getting a user's CredentialRepresentation via the REST API
Hello,
I've been looking to get a user's CredentialRepresentation(s) via the REST API but
it doesn't seem possible. Getting the UserRepresentation doesn't get the
user's credentials and I haven't found another function (this is with Keycloak
4.8.3.Final).
Am I missing something? Or if not is this a bug (credentials should be sent with the
UserRepresentation) or a design decision (sending credentials over the REST API would be a
security flaw).
Best regards,
Alistair Doswald
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
7:38 a.m.
Yes, no credentials are ever returned over the rest api
On Thu, 21 Feb 2019, 19:12 Firoz Ahamed, <firozpalapra(a)outlook.com> wrote:
Hi,
I believe the credentials are stored one way hashed in the keycloak DB and
cannot be decrypted.
Are you trying to get the hashed credential ? I believe the user
representation does not return this in the GET calls.
Regards,
Firoz
Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for
Windows 10
________________________________
From: keycloak-user-bounces(a)lists.jboss.org <
keycloak-user-bounces(a)lists.jboss.org> on behalf of Doswald Alistair <
alistair.doswald(a)elca.ch>
Sent: Thursday, February 21, 2019 3:17:30 PM
To: keycloak-user
Subject: [keycloak-user] Getting a user's CredentialRepresentation via the
REST API
Hello,
I've been looking to get a user's CredentialRepresentation(s) via the REST
API but it doesn't seem possible. Getting the UserRepresentation doesn't
get the user's credentials and I haven't found another function (this is
with Keycloak 4.8.3.Final).
Am I missing something? Or if not is this a bug (credentials should be
sent with the UserRepresentation) or a design decision (sending credentials
over the REST API would be a security flaw).
Best regards,
Alistair Doswald
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
1896
days inactive
1897
days old
2 comments
3 participants
participants (3)
-
Doswald Alistair -
Firoz Ahamed -
Stian Thorgersen