[keycloak-user] How to migrate users and roles from in-house storage

Paulo Pires pires at littlebits.cc
Thu Jul 21 03:47:11 EDT 2016 

Thank you Bruno, I haven't been able to verify your code but I assume
you're sharing it because it works.

It seems pretty trivial, awesome!

Cheers,
Pires

On Wed, Jul 20, 2016 at 9:30 PM Bruno Oliveira <bruno at abstractj.org> wrote:

> Note sure if it helps, but an example about how to do it
> programatically is here[1].
>
> I just adapted from the admin-client[2].
>
>
> [1] - https://gist.github.com/abstractj/78b127e8c9273cdcea6eb82a1cfc153c
> [2] -
> https://github.com/keycloak/keycloak/tree/master/examples/admin-client
>
> On 2016-07-20, Paulo Pires wrote:
> > I did check the admin-cli JAR but it's not clear how to add roles and
> > users, or if it's even implemented (I did check the REST API and there's
> > endpoints for that).
> >
> > Thank you very much for clarifying,
> > Pires
> >
> > On Wed, Jul 20, 2016 at 2:52 PM Stian Thorgersen <sthorger at redhat.com>
> > wrote:
> >
> > > Yep, take a look at
> > >
> https://keycloak.gitbooks.io/server-developer-guide/content/topics/admin-rest-api.html
> > >
> > > On 20 July 2016 at 15:33, Paulo Pires <pires at littlebits.cc> wrote:
> > >
> > >> More than 150k. Is there a Java library for the REST api?
> > >>
> > >> On Jul 20, 2016 13:56, "Stian Thorgersen" <sthorger at redhat.com>
> wrote:
> > >>
> > >>> Depending on the amount of users I'd use either partial import
> through
> > >>> the admin console (if you don't have more than a thousand or so
> users) or
> > >>> use the admin REST endpoints if you have quite a lot of users.
> > >>>
> > >>> On 20 July 2016 at 11:52, Paulo Pires <pires at littlebits.cc> wrote:
> > >>>
> > >>>> Hi all,
> > >>>>
> > >>>> I'm in the process of migrating from an in-house user-role storage
> to
> > >>>> Keycloak and I'm looking for programmatic (Java) ways to migrate all
> > >>>> current users to the new storage. And I need your help to figure
> out the
> > >>>> best approach.
> > >>>>
> > >>>> At first, when reading KC documentation, I believed I could easily
> > >>>> achieve this by implementing a User Federation provider but after
> diving a
> > >>>> little more into it, and looking for examples, I can't see a way to
> migrate
> > >>>> all users on-demand but simply one user at a time, possible during
> log-in.
> > >>>>
> > >>>> Next, I tried and look into ways, such as admin-cli, REST, etc but
> > >>>> nothing strikes me as the solution to use.
> > >>>>
> > >>>> Here's what I was hoping to deliver:
> > >>>> * Get all roles and users from my soon-to-be deprecated storage,
> e.g.
> > >>>> MySQL tables
> > >>>> * Add roles to KC
> > >>>> * Iterate users and add user to KC + map roles + update password
> hashes
> > >>>> (here I know I need to implement a HashProvider)
> > >>>>
> > >>>> Any hints will be appreciated!
> > >>>>
> > >>>> Pires
> > >>>>
> > >>>> _______________________________________________
> > >>>> keycloak-user mailing list
> > >>>> keycloak-user at lists.jboss.org
> > >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >>>>
> > >>>
> > >>>
> > >
>
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> --
>
> abstractj
> PGP: 0x84DC9914
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160721/491cfc89/attachment.html

More information about the keycloak-user mailing list