[keycloak-user] Can't set password when registering a user

Alex Berg chexxor at gmail.com
Fri May 12 12:09:59 EDT 2017


I do something like that, and it works for me.

The content of my XHR is JSON of this:

              { credentials : [
                { type: "password"
                , temporary: false
                , value: regBody.password
                }
              ]
              , email: regBody.email
              , username: regBody.email
              , emailVerified: false
              , enabled: true
              , requiredActions: [ "VERIFY_EMAIL" ]
              }

The created user's ID is available on the "location" response header.

On Fri, May 12, 2017 at 2:27 AM, Scott Finlay <scott.finlay at sixt.com> wrote:

> Hi,
>
> According to the Keycloak admin API documentation:
> http://www.keycloak.org/docs-api/2.5/rest-api/index.html#_
> create_a_new_user
> -> http://www.keycloak.org/docs-api/2.5/rest-api/index.html#_
> userrepresentation
> -> http://www.keycloak.org/docs-api/2.5/rest-api/index.html#_
> credentialrepresentation
>
> We should be able to provide credentials when creating a new user, but
> when I provide credentials it doesn't seem to set the password for the new
> user. Here is what my request looks like:
>
> POST /auth/admin/realms/myrealm/users/
> {"enabled":true,"username":"blah at blop.com","email":"blah at blop.com
> ","firstName":"Blah","lastName":"Blop","attributes":{"userId":["1234"]},"
> credentials":[{"type":"password","temporary":false,"
> value":"secr$tP4ssword"}]}
>
> Just as an experiment, I tried passing a single "credential" instead of an
> array of credentials and I got this error back:
>
> internal server error;KeyCloak HTTP Error Response [400]:
> com.fasterxml.jackson.databind.JsonMappingException: Can not deserialize
> instance of java.util.ArrayList out of START_OBJECT token at [Source:
> io.undertow.servlet.spec.ServletInputStreamImpl at 264472bc; line: 1,
> column: 156] (through reference chain: org.keycloak.representations.
> idm.UserRepresentation["credentials"])
>
> So clearly Keycloak is actually parsing this field. Am I doing something
> wrong with this request or is the documentation wrong?
>
> Right now what we've been doing to get around this is registering the user
> and then doing a reset password request after, but this makes the request
> to our service take twice as long. It would be great if we could reduce
> this to a single request.
>
> Regards,
> Scott
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list