[keycloak-user] How to migrate users and roles from in-house storage

[Paulo Pires]

Hi all,

I'm in the process of migrating from an in-house user-role storage to
Keycloak and I'm looking for programmatic (Java) ways to migrate all
current users to the new storage. And I need your help to figure out the
best approach.

At first, when reading KC documentation, I believed I could easily achieve
this by implementing a User Federation provider but after diving a little
more into it, and looking for examples, I can't see a way to migrate all
users on-demand but simply one user at a time, possible during log-in.

Next, I tried and look into ways, such as admin-cli, REST, etc but nothing
strikes me as the solution to use.

Here's what I was hoping to deliver:
* Get all roles and users from my soon-to-be deprecated storage, e.g. MySQL
tables
* Add roles to KC
* Iterate users and add user to KC + map roles + update password hashes
(here I know I need to implement a HashProvider)

Any hints will be appreciated!

Pires
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160720/30b26e04/attachment.html