[keycloak-dev] Admin REST - User Roles
Remi Cartier
remi.cartier at imetrik.com
Wed Sep 30 10:24:15 EDT 2015
The JSON response (string) does NOT contain any roles.
________________________________
From: Stian Thorgersen [sthorger at redhat.com]
Sent: Wednesday, September 30, 2015 7:39 AM
To: Remi Cartier
Cc: Marek Posolda; keycloak-dev at lists.jboss.org
Subject: Re: [keycloak-dev] Admin REST - User Roles
Does the response actually contain the roles though? You're parsing to UserRepresentation then printing it out afterwards.
On 30 September 2015 at 13:24, Remi Cartier <remi.cartier at imetrik.com<mailto:remi.cartier at imetrik.com>> wrote:
Marek,
I see, thank you for your reply.
Wouldn't it be less error/question prone if the endpoint returning all the users wouldn't show the *roles attributes ?
Because they will always be null if I understood correctly.
Regards.
Rémi.
________________________________
From: Marek Posolda [mposolda at redhat.com<mailto:mposolda at redhat.com>]
Sent: Wednesday, September 30, 2015 6:21 AM
To: Remi Cartier; keycloak-dev at lists.jboss.org<mailto:keycloak-dev at lists.jboss.org>
Subject: Re: [keycloak-dev] Admin REST - User Roles
Hi,
to retrieve realm role mappings of user, you need to use the endpoint like http://localhost:8080/auth/admin/realms/demo/users/{userid}/role-mappings/realm . See the docs for details: http://keycloak.github.io/docs/rest-api/overview-index.html
Marek
On 29/09/15 19:06, Remi Cartier wrote:
Hi guys,
first of all, thank you for that great piece of software, it’s amazing !
Now, down to business.
When I do :
keycloak = Keycloak.getInstance(getKeycloakServerURL(), getKeycloakRealm(), getKeycloakRealmAdminUsername(), getKeycloakRealmAdminPassword(), getKeycloakClientId());
for (UserRepresentation userRepresentation : keycloak.realm(getKeycloakRealm()).users().search(null, 0, Integer.MAX_VALUE)) {
log.info<http://log.info>(ToStringBuilder.reflectionToString(userRepresentation, ToStringStyle.JSON_STYLE));
}
The information I get does not contain any roles, all the roles related fields are ‘null’. -
{"self":null,"id":"0556717e-ffb9-4c2d-b85b-533d9396f243","createdTimestamp":1443542144845,"username":"admin","enabled":true,"totp":false,"emailVerified":true,"firstName":"first name","lastName":"last name","email":null,"federationLink":null,"serviceAccountClientId":null,"attributes":{key1=[value1]},"credentials":null,"requiredActions":[],"federatedIdentities":null,"realmRoles":null,"clientRoles":null,"clientConsents":null,"applicationRoles":null,"socialLinks":null}
However in the admin interface I have setup roles at each layer : realm, client
The user I am using to do the queries has all the *realm* roles associated.
is there anything else I need to do ?
thank you for your help !
________________________________
REMI CARTIER
B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)
IMETRIK GLOBAL INC.
T : +1 514 448-6407 x2009<tel:514%20448-6407%20x2009>
T : +1 866 276-5382<tel:866%20276-5382> (toll free)
F : +1 514 904-0611<tel:514%20904-0611>
740 Notre Dame St. West, Suite 1575
Montreal, Quebec, Canada H3C 3X6
imetrik.com<http://www.imetrik.com/>
_______________________________________________
keycloak-dev mailing list
keycloak-dev at lists.jboss.org<mailto:keycloak-dev at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
_______________________________________________
keycloak-dev mailing list
keycloak-dev at lists.jboss.org<mailto:keycloak-dev at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150930/8ee92ee1/attachment.html
More information about the keycloak-dev
mailing list