[keycloak-user] [Api][Configuration]Create user from API rest : 401 Unauthorized

Mon Jan 7 09:37:24 EST 2019

Hi,

I try the basics tutorial and multiple configuration from :
https://github.com/v-ladynev/keycloak-nodejs-example.

I can login into my clients with client_credentials without problems or
login into the admin account with admin-cli client but after i always have
a 401 Unauthorized.
I tried to list  (realms / users) , to create users , etc .....

It's how i intented to do it :

#!/bin/bash

## there are these needed properties:
export KEYCLOAK_ADMIN_USERNAME=admin
export KEYCLOAK_PASSWORD=password

## get admin TKN
echo "* Request for Admin authorization"
export TKN=$(curl -k -X POST
'https://my.keycloak.io/auth/realms/master/protocol/openid-connect/token'
\
-H "Content-Type: application/x-www-form-urlencoded"  \
-d "username=$KEYCLOAK_ADMIN_USERNAME"  \
-d "password=$KEYCLOAK_PASSWORD" \
-d 'grant_type=password'  -d 'client_id=admin-cli' | jq -r '.access_token')
echo $TKN;

realms=`curl -v https://my.keycloak.io/auth/admin/realms/ -H
"Content-Type: application/json" -H "Authorization: Bearer $TKN" | jq
-r ".[].realm"`
echo "* List Realms"
echo $realms

## create user - it won't take the password and IDP's into account
#curl -v -k -X POST 'https://my.keycloak.io/auth/admin/realms/master/users' \
#-H "Accept: application/json" \
#-H "Content-Type:application/json" \
#-H "Authorization: Bearer $TKN_CLIENT" -d '{"username" : "test",
"enabled": true, "email" : "test at test.com", "firstName": "John",
"lastName": "Doe", "realmRoles": [ "offline_access"  ] }' | jq .

## get user ID by username
#userId=$(curl -k -H "Authorization: Bearer $TKN"
'https://my.keycloak.io/auth/admin/realms/master/users' | jq -r '.[] |
select(.username=="admin") | .id')

thanks in advance for your advice.

On Mon, 7 Jan 2019 at 09:12, Gwenael Perier <gperier at gmail.com> wrote:

> Hi everybody,
>
> I tried to create a user from the rest API :
> I've got my token from my client :
>
> curl -X POST "
> https://mykeycloak.io/auth/realms/myrealkm/protocol/openid-connect/token"
> \
>  -H "Content-Type: application/x-www-form-urlencoded" \
>  -d "client_secret=xxxxxxxxxxxxxx" \
>  -d 'grant_type=client_credentials' \
>  -d 'client_id=myclient-openid'
>
> and i tried to create an user :
>
> curl -X POST
> 'https://mykeycloak.io/auth/admin/realms/site5.bayardev.com/users' -H
> 'Authorization: Bearer MYACCESSTOKEN" -H 'Content-Type: application/json'
> -d
> '{"username":"cjbarker5","enabled":true,"emailVerified":false,"firstName":"CJ","lastName":"Barker","credentials":{"type":"password","value":"newPas1*","temporary":false}}'
> -v
>
> And i get only :  HTTP/1.1 401 Unauthorized
>
> I tried to configure my client with roles (manage-users) Full Scope is
> Allowed.
>
> I don't know what to do for add the possibility to my client to add user
> in keycloak.
>
> Thanks for any advice.
>
>