[keycloak-dev] Changes in reps
Bill Burke
bburke at redhat.com
Mon Jul 7 10:47:41 EDT 2014
I don't remember why I did it that way to begin with. Maybe it was a
dumb reason. :)
Sounds like a good plan. Make sure though you update all the .json
files that use the old format.
On 7/7/2014 10:22 AM, Marek Posolda wrote:
> Hi,
>
> When working on export/import, I did some changes to reps. Specifically:
>
> - Remove "roleMappings", "applicationRoleMappings" and "socialMappings"
> from RealmRepresentation and instead adding it directly under
> UserRepresentation. So for user, we will have something like:
>
> {
> "username": "admin",
> ...
> "realmRoles": [ "admin" ],
> "applicationRoles": [
> "Application": [ "app-admin" ],
> "OtherApp": [ "otherapp-admin" ]
> ]
> }
>
> The main reason is that for big number of users, we may need to paginate
> them (For example add first 10k users of realm into one file and then
> another 10k users into another file etc), so it will be nice to have all
> info related to user in one place.
>
> - Added optional fields "hashedValue" and "salt" to
> CredentialRepresentation. The thing is that if we want to do export, we
> can't use plain-text "value", but we need to export it into
> "hashedValue" . I am still keeping the "value", so it will be still
> possible to import users with plain-text password as it is now. The main
> usecase for "hashedValue"+"salt" is really just export/import (Import
> passwords, which were previously exported)
>
> Let me know if you see some issues with it.
>
> Thanks,
> Marek
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list