[keycloak-user] REST API - Bearer Exception

Rodrigo Sasaki rodrigopsasaki at gmail.com
Tue Jun 10 16:14:14 EDT 2014


Yes it had them, but it didn't work.

When I tried generating the token with the client_id set to the
security-admin-console application it worked fine.

Is that the correct way to do this?


On Tue, Jun 10, 2014 at 4:26 PM, Bill Burke <bburke at redhat.com> wrote:

> Does rodrigosasaki have realm admin privileges?  The role is under
> applications->myrealm-management->realm-admin
>
> On 6/10/2014 3:02 PM, Rodrigo Sasaki wrote:
> > I'd like to manage users and roles, creating and updating them.
> >
> > I obtained a token like this:
> >
> > *POST /realms/myrealm/tokens/grants/access*
> > *
> > *
> > *username: rodrigosasaki*
> > *password: password*
> > *client_id: myclient*
> > *client_secret: generated_secret*
> >
> > and I got a token back, but then I tried accessing the roles of the
> > realm on this URL
> >
> > /admin/realms/myrealm/roles
> >
> > And it says I'm not authorized to access this, I'd like to know what
> > roles or configuration I should create to be able to manipulate this
> > information, just as I do on the admin-console
> >
> >
> > On Tue, Jun 10, 2014 at 10:16 AM, Stian Thorgersen <stian at redhat.com
> > <mailto:stian at redhat.com>> wrote:
> >
> >     To access the REST API you need to pass the token in the http
> >     headers. How to obtain the token in the first place depends on the
> >     type of the application you're trying to invoke the API from. Look
> >     at the docs/examples that corresponds to the type of your app
> >     (JavaScript, command-line, jax-rs, etc). You also need to make sure
> >     the application/client has scope mappings on the required roles.
> >
> >     ----- Original Message -----
> >      > From: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com
> >     <mailto:rodrigopsasaki at gmail.com>>
> >      > To: keycloak-user at lists.jboss.org
> >     <mailto:keycloak-user at lists.jboss.org>
> >      > Sent: Monday, 9 June, 2014 12:59:41 PM
> >      > Subject: [keycloak-user] REST API - Bearer Exception
> >      >
> >      > Hi,
> >      >
> >      > I'm trying to work with the Keycloak REST API, I logged into the
> >      > administration console, and then tried accessing
> >     /auth/admin/realms and got
> >      > this exception:
> >      >
> >      > Failed executing GET /admin/realms:
> >      > org.jboss.resteasy.spi.UnauthorizedException: Bearer
> >      >
> >      > How should I build my request to be able to get a response? How
> >     should I
> >      > authenticate myself in this situation?
> >      >
> >      > --
> >      > Rodrigo Sasaki
> >      >
> >      > _______________________________________________
> >      > keycloak-user mailing list
> >      > keycloak-user at lists.jboss.org <mailto:
> keycloak-user at lists.jboss.org>
> >      > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> >
> >
> > --
> > Rodrigo Sasaki
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>



-- 
Rodrigo Sasaki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140610/b517c6f8/attachment.html 


More information about the keycloak-user mailing list