[keycloak-user] Multiple calls required to create a user

Tom Pearson tpearson at bkool.com
Tue Aug 9 05:56:12 EDT 2016


Hi,

I'm creating a new user through the admin API. In order to do this I have
to make 3 separate calls (createUser
<http://www.keycloak.org/docs/rest-api/index.html#_create_a_new_user>,
resetPassword
<http://www.keycloak.org/docs/rest-api/index.html#_set_up_a_temporary_password_for_the_user>
 and addRealmLevelRoles
<http://www.keycloak.org/docs/rest-api/index.html#_add_realm_level_role_mappings_to_the_user_2>)
as the credentials and realm roles in the UserRepresentation
<http://www.keycloak.org/docs/rest-api/index.html#_userrepresentation> are
ignored. I then have to make another call to getEffectiveRealmLevelRoles
<http://www.keycloak.org/docs/rest-api/index.html#_get_effective_realm_level_role_mappings_2>
as
the getUser
<http://www.keycloak.org/docs/rest-api/index.html#_get_represenation_of_the_user>
method
doesn't return the roles. If I were to require the client level roles this
would be 6 calls to create and return the user.

Is there a reason as to why this is the case?

As an aside, in the docs the reset password method is called "Set up a
temporary password for the user" but in my experience the password is never
temporary regardless of the value of the temporary flag.

Kind regards,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160809/c3bd1d89/attachment.html 


More information about the keycloak-user mailing list