[keycloak-dev] Batch import/export
Stan Silvert
ssilvert at redhat.com
Wed Oct 21 08:15:56 EDT 2015
I like those ideas too. Some have already been talked about but
regarded as "nice to have".
The question is do we want me to spend extra weeks on all those features
or do we want to get started on CLI?
Right now, I have batch import implemented for Users, Clients, and
Identity Providers. It's easy to add the replace, skip, error feature,
so I'll probably spend a couple of extra hours today doing that.
Personally, I think the best approach is to implement the simplest
possible version of the feature and then get feedback to see what
enhancements are really needed. If you want to try out the import
feature, It's here:
https://github.com/ssilvert/keycloak/tree/user-import-export
On 10/21/2015 6:00 AM, Stian Thorgersen wrote:
> Those are nice additional options we could have. Simply have a
> checkbox to re-generate realm keys and another checkbox to re-generate
> client secrets (if a client is using jwt auth then we shouldn't
> re-generate the keys for the client as we don't store the private key).
>
> On 21 October 2015 at 10:06, Thomas Raehalme
> <thomas.raehalme at aitiofinland.com
> <mailto:thomas.raehalme at aitiofinland.com>> wrote:
>
> I think all of these sound useful!
>
> May I suggest another useful option when importing realm or
> client, which is to re-generate keys and secrets?
>
> Best regards,
> Thomas
>
> On Wed, Oct 21, 2015 at 11:00 AM, Stian Thorgersen
> <sthorger at redhat.com <mailto:sthorger at redhat.com>> wrote:
>
> After your last email with regards to removing the import
> button from client create page I had an idea.
>
> How about we do the following:
>
>
> Import/export single
> --------------------------
> On realm, client, identity provider and user federation create
> pages we add the import button. This will prefill the form and
> let the user review before importing. This is how realm and
> client works now. We'd also add a link to export a single
> entity when displaying it in the admin console (next to the
> delete icon).
>
> Batch export
> -----------------
> When exporting a realm you can select what you want to export.
> The option would include realm settings, clients, identity
> brokers, user federation, users, credentials. Further there
> would be an option if export would be done to a file or a json
> download. If export to file is selected you would get the
> option to export credentials for users, if json download is
> selected that option would be disabled.
>
> Batch import
> -----------------
> We should have options to import a realm as well as import
> into an existing realm. For this we should have an option to
> select what happens if resources exists (for example client
> with client-id exists, or user with username exists). Options
> could be replace, skip, warn, error, etc..
>
>
> Finally I was also thinking about an option where we'd have a
> import directory on the server. Any files in this would be
> imported on startup. Once imported we'd add a
> "<filename>.imported" or "<filename>.failed". Same here it
> would be nice to be able to somehow specify the strategy if
> the resource exists.
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20151021/0cae5025/attachment.html
More information about the keycloak-dev
mailing list