[keycloak-user] direct grant access with Resource Owner Password Credentials

Ken Kong Ken.Kong at invenco.com
Tue Nov 17 21:38:16 EST 2015


Thanks! The required "update password" was the reason causing the
"account is not fully setup" error.	 
Problem solved after the password has changed.


Regards,
kk

-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org
[mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Bill Burke
Sent: Wednesday, 18 November 2015 2:54 p.m.
To: keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] direct grant access with Resource Owner
Password Credentials

  error=resolve_required_actions

You can't invoke direct grant if there are unresovled required actions
(reset password, verify email, etc.)

On 11/17/2015 7:33 PM, Ken Kong wrote:
> I have setup the realms, the client and the users.
>
> When I posted the request to
> /auth/realms/{clientid}/protocol/openid-connect/token with client Id, 
> username, password and grant_type by SoapUI, I received error
>
> {
>
>     "error_description": "Account is not fully set up",
>
>     "error": "invalid_grant"
>
> }
>
> The keycloak server is running on EAP-6.4.0
>
> Below is the server stack trace
>
> 12:54:47,234 WARN  [org.keycloak.events] (http-/127.0.0.1:8180-6) 
> type=LOGIN_ERROR, realmId=master, clientId=security-admin-console, 
> userId=null, ipAddress=127.0.0.1, error=resolve_required_actions, 
> auth_method=openid-connect, response_type=token, 
> client_auth_method=client-secret, username=kenk
>
> 12:54:47,235 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n]
> (http-/127.0.0.1:8180-6) RESTEASY000105: Failed to execute:
> org.keycloak.services.ErrorResponseException
>
>          at
> org.keycloak.protocol.oidc.endpoints.TokenEndpoint.buildResourceOwnerP
> asswordCredentialsGrant(TokenEndpoint.java:363)
> [keycloak-services-1.6.1.Final.jar:1.6.1.Final]
>
>          at
> org.keycloak.protocol.oidc.endpoints.TokenEndpoint.build(TokenEndpoint
> .java:110) [keycloak-services-1.6.1.Final.jar:1.6.1.Final]
>
>          at sun.reflect.GeneratedMethodAccessor221.invoke(Unknown
> Source) [:1.8.0_45]
>
>          at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccess
> orImpl.java:43)
> [rt.jar:1.8.0_45]
>
>          at java.lang.reflect.Method.invoke(Method.java:497)
> [rt.jar:1.8.0_45]
>
>         at
> org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.j
> ava:168) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.j
> ava:269) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:227)
> [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.ResourceLocator.invokeOnTargetObject(ResourceL
> ocator.java:158) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.ResourceLocator.invoke(ResourceLocator.java:10
> 6) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.ResourceLocator.invokeOnTargetObject(ResourceL
> ocator.java:153) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.ResourceLocator.invoke(ResourceLocator.java:91
> ) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousD
> ispatcher.java:541) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispat
> cher.java:523) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispat
> cher.java:125) [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.s
> ervice(ServletContainerDispatcher.java:208)
> [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.servic
> e(HttpServletDispatcher.java:55) 
> [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at
> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.servic
> e(HttpServletDispatcher.java:50) 
> [resteasy-jaxrs-2.3.10.Final-redhat-1.jar:]
>
>          at 
> javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
> [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redha
> t-2]
>
>          at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appli
> cationFilterChain.java:295) 
> [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFi
> lterChain.java:214) 
> [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(Ke
> ycloakSessionServletFilter.java:61)
> [keycloak-services-1.6.1.Final.jar:1.6.1.Final]
>
>          at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appli
> cationFilterChain.java:246) 
> [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFi
> lterChain.java:214) 
> [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperVa
> lve.java:231) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextVa
> lve.java:149) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.jboss.as.web.security.SecurityContextAssociationValve.invoke(Secur
> ityContextAssociationValve.java:169)
> [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
>
>         at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.ja
> va:150) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.ja
> va:97) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValv
> e.java:102) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java
> :344) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:
> 854) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proces
> s(Http11Protocol.java:653) 
> [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926
> ) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>
>          at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_45]
>
> Regards,
>
> KK
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user



More information about the keycloak-user mailing list