[keycloak-user] assign client roles to a user using keycloak rest API

Dimitris Charlaftis dharlaftis at ekt.gr
Tue Feb 5 03:46:41 EST 2019 

Ηello,

thank you for the reply.

In [2], in the call

POST /{realm}/groups/{id}/role-mappings/clients/{client}
there is no reference to the username, so The API cannot understand which user we are referring to.

I want to assign a client role to a specific user, but it seems that this call you sent me refers to adding roles per client application.

Please, can you help?
Regards,
Dimitris

On 2/5/2019 1:27 AM, Dmitry Telegin wrote:
> Hello Dimitris,
>
> You should use another call to a role-mappers endpoint, see [1] and [2].
>
> [1] https://www.keycloak.org/docs-api/4.8/rest-api/index.html#_role_mapper_resource
> [2] https://www.keycloak.org/docs-api/4.8/rest-api/index.html#_client_role_mappings_resource
>
> Cheers,
> Dmitry Telegin
> CTO, Acutus s.r.o.
> Keycloak Consulting and Training
>
> Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
> +42 (022) 888-30-71
> E-mail: info at acutus.pro
>
> On Mon, 2019-02-04 at 11:39 +0200, Dimitris Charlaftis wrote:
>> Hello,
>>
>> I want to assign a client role to a specfic user using keycloak rest API.
>>
>>   From the documentaion, i tried this:
>>
>> I have a realm called internal_applications and a client under this
>> realm called test_app. In this client (test_app), I have manually
>> created some client roles, i.e. administrator.
>>
>>
>> Then, I hit the server with postman
>>
>> HTTP POST http://<keycloak-server-url>/auth/admin/realms/<realm-name>/users
>>
>> BODY:
>>
>> {
>>> "username": "jim at ka.gr <http://ka.gr/>",
>> "firstName": "Jim",
>> "lastName": "Sanders",
>>> "email": "jim at ka.gr <http://ka.gr/>",
>> "clientRoles": {
>> "test_app": ["administrator"]
>> }
>>
>> }
>>
>>> This http call adds the user jim at ka.gr to keycloak, but DOES NOT ASSIGN
>> the already existing client role administrator to him.
>>
>> How can I do this?
>>
>> Please, help...
>>
>> Dimitris
>>
>>
-- 
_____________________________

Dimitris Charlaftis
Software Engineer

National Documentation Center
email: dharlaftis at ekt.gr
_____________________________



---
This email has been checked for viruses by AVG.
https://www.avg.com

More information about the keycloak-user mailing list