[keycloak-user] role-mappings.

[Martin Kanis]

Hi,

first of all the last part of your path should be client's id not name.
This might be sometimes confusing. Here is the example of valid path:

http://localhost:8080/auth/admin/realms/master/users/be1b9781-336a-4e60-9694-c5be74eac7b3/role-mappings/clients/c9cb881f-4e21-4e4b-8de1-f39897088b61
"

Second you have to provide a valid authorization to your request. For
example using a bearer token.

curl -X GET -H "Content-Type:application/json" -H "Authorization: Bearer
<here_provide_valid_access_token>" "correct/path/from/above".

To obtain an access token using the grant_type password (there are other
alternatives as well) you can use:

curl -X POST --data
"grant_type=password&client_id=admin-cli&username=admin&password=admin" -H
"Content-Type: application/x-www-form-urlencoded" "
http://localhost:8080/auth/realms/master/protocol/openid-connect/token"

Hope this helps,

Martin



On Tue, Feb 26, 2019 at 11:15 AM Vaclav Havlik <Johny.Dee at seznam.cz> wrote:

> Hello,
> can I ask you again?
>
> I would like do assign some specific roles (view-realm, manage-users) on
> the
> client realm-management to a user .
>
> Via REST API, I cannot, however, even display the role-mappings by doing
> HTTP GET on
> /auth/admin/realms/xxx/users/4c0f445a-53e9-45c2-a9c9-a8ac69bb5b48/role-
> mappings/clients/realm-management
>
> (Gives HTTP 404, xxx is my realm).
>
> But, if I take my own client, whose name is web_app, then the request
> /auth/admin/realms/xxx/users/4c0f445a-53e9-45c2-a9c9-a8ac69bb5b48/role-
> mappings/clients/web_app
>
> works (HTTP 200), giving empty array.
>
> When doing this, I follow instructions on
> https://www.keycloak.org/docs-api/4.0/rest-api/index.html#_client_role_
> mappings_resource
>
> Can you tell me, what the problem is?
> Thank you, Venca.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>