[keycloak-user] clientSecret passing upon Client creation

Adam Lis adam.lis at gmail.com
Tue Jun 20 08:24:38 EDT 2017


Hi!

I've tried to search for this information in documentation, but not
succeeded.

Let's assume I'm using keycloak docker container.

Inside running instance I'm willing to add new Client like this:

/opt/jboss/keycloak/bin/kcadm.sh create clients -r REALM_NAME -f
FILE_CONTAINING_DEFINITION.json -i

So I'm getting actual contents of JSON file for example by exporting
existing Client (since I see no example in documentation as well)

But in the export software is not setting 'secret' value in case
'clientAuthenticatorType' is set to 'client-secret'.

I've anyway tried to add 'secret' field to JSON and it has been accepted by
Keycloak - so Keycloak has created Client with ClientSecret value passed by
JSON file in field named 'secret'.

My question and concern is: does this functionality (setting desired
ClientSecret on Client creation from JSON) work intended way? Can I base my
whole Realm/Client creation solution on that functionality?

A little background: I'm willing to run Keycloak deployment with docker
container as part of configuration management - so I'm storing Realm and
Client data in outside storage and I'm willing to pass these configuration
pieces into newly started Keycloak inside docker container.

Thanks;
AdamLis;


More information about the keycloak-user mailing list