[keycloak-dev] Client Registration CLI is awesome!!

Thomas Darimont thomas.darimont at googlemail.com
Wed Oct 19 03:16:34 EDT 2016 

Hello,

ah great - I guess one could take the json from a fully configured client
as an example.

I used the following curl sequence get the client representation of an
existing client:


KC_REALM=dev
KC_USERNAME=realm-admin
KC_PASSWORD=test
KC_CLIENT=admin-client
KC_CLIENT_SECRET=1f3d9b89-de75-4356-abe8-fab815cf9ce4
KC_SERVER=https://test-sso
KC_CONTEXT=auth
CURL_OPTS="-k -v --noproxy 192.168.99.1"

# Request Tokens for credentials
KC_RESPONSE=$( \
   curl $CURL_OPTS -X POST \
        -H "Content-Type: application/x-www-form-urlencoded" \
        -d "username=$KC_USERNAME" \
        -d "password=$KC_PASSWORD" \
        -d 'grant_type=password' \
        -d "client_id=$KC_CLIENT" \
        -d "client_secret=$KC_CLIENT_SECRET" \

"$KC_SERVER/$KC_CONTEXT/realms/$KC_REALM/protocol/openid-connect/token" \
    | jq .
)

KC_ACCESS_TOKEN=$(echo $KC_RESPONSE| jq -r .access_token)

CLIENT_CLIENTID=myapp

curl -v \
       -k \
       -H "Authorization: Bearer $KC_ACCESS_TOKEN" \

$KC_SERVER/$KC_CONTEXT/realms/eurodata-dev/clients-registrations/default/$CLIENT_CLIENTID
\
      | jq .

Cheers,
Thomas

2016-10-19 7:14 GMT+02:00 Stian Thorgersen <sthorger at redhat.com>:

> It actually supports Keycloak client rep (same as used by admin console),
> OIDC client representations (https://openid.net/specs/
> openid-connect-registration-1_0.html#ClientMetadata) as well as SAML
> entity descriptors.
>
> For Keycloak client rep you can use "kcreg.sh attrs" to see the supported
> options.
>
> You can even do:
>
> kcreg.sh create -s clientId=test -s redirectUris='["http://localhost","
> http://localhost:8080"]'
>
> On 19 October 2016 at 07:11, Thomas Darimont <thomas.darimont at googlemail.
> com> wrote:
>
>> Cool stuff!
>>
>> Is there a template for client.json?
>>
>> Cheers,
>> Thomas
>>
>> Am 19.10.2016 7:09 vorm. schrieb "Stian Thorgersen" <sthorger at redhat.com
>> >:
>>
>>> Marko,
>>>
>>> I've just been playing with the client registration cli and it's just
>>> plain
>>> awesome.
>>>
>>> This:
>>> # kcreg.sh create myclient.json
>>>
>>> Is so much better than:
>>> # Open admin console
>>> # Login
>>> # Click clients
>>> # Click create
>>> # Click import file
>>> # Click save
>>>
>>> Nice work :)
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>
>>
>

More information about the keycloak-dev mailing list