[keycloak-user] REST API: Create User With Roles

Edem Morny emorny at gmail.com
Mon Aug 3 09:07:23 EDT 2015 

Hi Bill,

The adminClient.createUser is my modification of the code situated in
the AdminClient implementation of the "admin-access-app" in the
examples.

Could you point me in the direction of the API calls to do the addition
of the roles? I had a feeling it might be a subsequent step (like for
setting the password, which I actually implemented), but I'm struggling
to find any pointers as to how to do this particular one.


On Mon, 2015-08-03 at 08:36 -0400, Bill Burke wrote:

> Is adminClient.createUser(...) your own method?  There is a different 
> REST API for adding roles.
> 
> create the user
> then add the roles
> 
> On 8/3/2015 8:23 AM, Edem Morny wrote:
> > Hi,
> >
> > We're currently using Keycloak 1.2.0.Final.
> >
> > We are migrating users from an existing application with it's own user
> > management implementation to Keycloak, and have been making extensive
> > use of the Via the REST api to achieve this. I'm able to create a new
> > user, set their temporary password and so on. However, I'm finding that
> > all our attempts to add the roles to the created user seem not to be
> > taking effect when we observe the newly created user on the keycloak
> > side. Here's the code we are trying to use to do this
> >
> > 	    UserRepresentation user = new UserRepresentation();
> >              user.setUsername(username);
> >              user.setFirstName(employee.getFirstName());
> >              user.setLastName(employee.getLastName());
> >              user.setEmail(employee.getEmail());
> >              user.setEnabled(true);
> >              user.setEmailVerified(false);
> >              List<String> requiredActions = new ArrayList<>();
> >              requiredActions.add(UserModel.RequiredAction.UPDATE_PASSWORD.name());
> >              *List<String> userRoles = getMigrateRoles(employee);*
> > *             user.setRealmRoles(userRoles);*
> >              user.setRequiredActions(requiredActions);
> > 	    adminClient.createUser(settings.getKeycloackUrl(), settings.getRealm(), access, user);
> >
> > It seams setting the list of roles to the Realm Roles isn't enough to
> > the user with these roles. The user gets created alright, but doesn't
> > come with any roles. Is there any other means by which we can specify
> > the user roles during the process of account creation?
> >
> > The migration will be very tedious if we ask the administrators to
> > manually do the assignment of the user to their roles after our current
> > implementation of being able to automatically migrate the user accounts
> > themselves to keycloak.
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150803/aa15c801/attachment.html

More information about the keycloak-user mailing list