[keycloak-dev] Admin REST - User Roles

Stian Thorgersen sthorger at redhat.com
Thu Oct 1 02:49:04 EDT 2015


Sorry, I meant does it include the "roles" field?

On 30 September 2015 at 16:24, Remi Cartier <remi.cartier at imetrik.com>
wrote:

> The JSON response (string) does NOT contain any roles.
>
> ------------------------------
> *From:* Stian Thorgersen [sthorger at redhat.com]
> *Sent:* Wednesday, September 30, 2015 7:39 AM
> *To:* Remi Cartier
> *Cc:* Marek Posolda; keycloak-dev at lists.jboss.org
>
> *Subject:* Re: [keycloak-dev] Admin REST - User Roles
>
> Does the response actually contain the roles though? You're parsing to UserRepresentation
> then printing it out afterwards.
>
> On 30 September 2015 at 13:24, Remi Cartier <remi.cartier at imetrik.com>
> wrote:
>
>> Marek,
>>
>> I see, thank you for your reply.
>>
>> Wouldn't it be less error/question prone if the endpoint returning all
>> the users wouldn't show the *roles attributes ?
>> Because they will always be null if I understood correctly.
>>
>> Regards.
>>
>> Rémi.
>>
>> ------------------------------
>> *From:* Marek Posolda [mposolda at redhat.com]
>> *Sent:* Wednesday, September 30, 2015 6:21 AM
>> *To:* Remi Cartier; keycloak-dev at lists.jboss.org
>> *Subject:* Re: [keycloak-dev] Admin REST - User Roles
>>
>> Hi,
>>
>> to retrieve realm role mappings of user, you need to use the endpoint
>> like http://localhost:8080/auth/admin/realms/demo/users/{userid}/role-mappings/realm
>> . See the docs for details:
>> http://keycloak.github.io/docs/rest-api/overview-index.html
>>
>> Marek
>>
>> On 29/09/15 19:06, Remi Cartier wrote:
>>
>> Hi guys,
>>
>> first of all, thank you for that great piece of software, it’s amazing !
>>
>> Now, down to business.
>>
>> When I do :
>>
>>         keycloak = Keycloak.getInstance(getKeycloakServerURL(),
>> getKeycloakRealm(), getKeycloakRealmAdminUsername(),
>> getKeycloakRealmAdminPassword(), getKeycloakClientId());
>>         for (UserRepresentation userRepresentation :
>> keycloak.realm(getKeycloakRealm()).users().search(null, 0,
>> Integer.MAX_VALUE)) {
>>             log.info(ToStringBuilder.reflectionToString(userRepresentation,
>> ToStringStyle.JSON_STYLE));
>>         }
>>
>> The information I get does not contain any roles, all the roles related
>> fields are ‘null’. -
>>
>> {"self":null,"id":"0556717e-ffb9-4c2d-b85b-533d9396f243","createdTimestamp":1443542144845,"username":"admin","enabled":true,"totp":false,"emailVerified":true,"firstName":"first
>> name","lastName":"last
>> name","email":null,"federationLink":null,"serviceAccountClientId":null,"attributes":{key1=[value1]},"credentials":null,"requiredActions":[],"federatedIdentities":null,"realmRoles":null,"clientRoles":null,"clientConsents":null,"applicationRoles":null,"socialLinks":null}
>> However in the admin interface I have setup roles at each layer : realm,
>> client
>>
>> The user I am using to do the queries has all the *realm* roles
>> associated.
>>
>> is there anything else I need to do ?
>>
>> thank you for your help !
>>
>> ------------------------------
>>
>>
>> REMI CARTIER
>> B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)
>>
>> *IMETRIK GLOBAL INC.*
>> *T :* +1 514 448-6407 x2009
>> *T :* +1 866 276-5382 (toll free)
>> *F :* +1 514 904-0611
>>
>> 740 Notre Dame St. West, Suite 1575
>> Montreal, Quebec, Canada H3C 3X6
>> imetrik.com <http://www.imetrik.com/>
>>
>>
>>
>> _______________________________________________
>> keycloak-dev mailing listkeycloak-dev at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>>
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20151001/804ccc96/attachment.html 


More information about the keycloak-dev mailing list