[keycloak-user] issue on user registration

daniele.capasso at dnshosting.it daniele.capasso at dnshosting.it
Mon Mar 21 09:41:07 EDT 2016


I do not understand how to set up a role , I insert a new user , I call 
this function without errors , but does not assign the role keycloak

public void addRoleToUser(String idKeycloak, String clientRole){
		UserRepresentation user= getUserRepresentation(idKeycloak);
		Map<String, List<String>> roles =user.getClientRoles();
		List<String> rolesInClient=new ArrayList<String>();
		if (roles!=null)
			rolesInClient = roles.get(getKeycloakCurrentClient());
		else
			roles = new HashMap<String, List<String>>();
		rolesInClient.add(clientRole);
		roles.put(getKeycloakCurrentClient(), rolesInClient);
		user.setClientRoles(roles);
		UserResource userResource = getUserResource(idKeycloak);
		userResource.update(user);
	}

Il 2016-03-18 12:58 Stian Thorgersen ha scritto:
> Creating a user through admin rest is 3 requests. Create user, update
> credentials, assign roles. Not very elegant that's true and we will
> improve it eventually.
> On 17 Mar 2016 19:24, "Lohitha Chiranjeewa" <kalc04 at gmail.com> wrote:
> 
>> As far as I know, you have to trigger the Assign Client Role
>> 
> (http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_roles_to_the_user_role_mapping
>> [2]) endpoint to achieve that. Although the payload allows you to
>> supply roles to the Create User endpoint, it doesn't assign any
>> roles underneath. This has been the behavior for a long time.
>> 
>> Regards,
>> Lohitha.
>> 
>> On Thu, Mar 17, 2016 at 7:47 PM, <daniele.capasso at dnshosting.it>
>> wrote:
>> 
>>> Hi, i want to register a user via keycloak admin client.
>>> 
>>> This is the source, it works except for the role, what i wrong?
>>> 
>>> CredentialRepresentation credential = new
>>> CredentialRepresentation();
>>> credential.setType(CredentialRepresentation.PASSWORD);
>>> credential.setValue(model.getPassword());
>>> credential.setTemporary(false);
>>> 
>>> UserRepresentation userRepresentation = new UserRepresentation();
>>> userRepresentation.setEmail(model.getEmail());
>>> userRepresentation.setFirstName(model.getName());
>>> userRepresentation.setLastName(model.getSurname());
>>> userRepresentation.setUsername(model.getEmail());
>>> userRepresentation.setCredentials(Arrays.asList(credential));
>>> userRepresentation.setEnabled(true);
>>> userRepresentation.setClientRoles(new HashMap<String,
>>> List<String>>(){{
>>> 
>>> 
>> 
> put(kcApi.getKeycloakCurrentClient(),Arrays.asList("ROLE_USER_HOST"));
>>> }});
>>> 
>>> Response resp = kcApi.createUser(userRepresentation);
>>> 
>>> thank you
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user [1]
>> 
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user [1]
> 
> 
> Links:
> ------
> [1] https://lists.jboss.org/mailman/listinfo/keycloak-user
> [2]
> http://keycloak.github.io/docs/rest-api/index.html#_add_client_level_roles_to_the_user_role_mapping



More information about the keycloak-user mailing list