[keycloak-dev] Getting client secret in rest

Marko Strukelj mstrukel at redhat.com
Thu Jan 5 11:02:31 EST 2017


Admin REST endpoints purposefully hide any passwords. There is an exception
for client secret - there is an endpoint that will return it to you - the
one used to get a keycloak adapter configuration for a client:

realms/REALM_NAME/clients/ID/installation/providers/keycloak-oidc-keycloak-json

Try:

keyCloakClient.realm(realmName).clients()
.get(ID_OF_CLIENT).getInstallationProvider("keycloak-oidc-keycloak-json");


On Thu, Jan 5, 2017 at 4:06 PM, Dekel Aslan <dekela at perfectomobile.com>
wrote:

> Hello,
> I'm using the Keycloak class and invoking this line:
> String secret = keyCloakClient.realm(realmName).clients().findAll()
> .get(0).getSecret();
> (get(0) gets the client I need)
> but it's always null. For getClientAuthenticatorType() it returns
> "client-secret" as it should, and the UI has the secret in it's credentials
> tab.
>
> Please advise on how to get the client secret via the object.
>
> Thanks,
> Dekel.
>
> The information contained in this message is proprietary to the sender,
> protected from disclosure, and may be privileged. The information is
> intended to be conveyed only to the designated recipient(s) of the message.
> If the reader of this message is not the intended recipient, you are hereby
> notified that any dissemination, use, distribution or copying of this
> communication is strictly prohibited and may be unlawful. If you have
> received this communication in error, please notify us immediately by
> replying to the message and deleting it from your computer. Thank you.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


More information about the keycloak-dev mailing list