[keycloak-user] (UMA) How is it possible to approve pending request via REST API calls

Rivat Olivier orivat at janua.fr
Thu Jul 4 14:18:25 EDT 2019 

Hi,

Just found the answer:

To approve a pending request

  curl -v -X PUT 
http://localhost:8180/auth/realms/photoz/authz/protection/permission/ticket 
-H 'Authorization: Bearer '$access_token_alice -H 'Content-Type: 
application/json' -d '{
     "id": "5c067c34-129a-4d1e-8911-4591ed29962c",
     "owner": "11f3314e-f1c6-40a9-912b-d6f9d0c5a177",
     "resource": "dee953ef-1df8-4787-9d32-ce4e407da010",
     "scope": "0dc735d5-1ecc-466d-ba9e-e59f8ad563e4",
     "granted": true,
     "requester": "dceb398e-9f68-4077-8073-ca53137cccb3"
   }'


TO revoke an approval

  curl -v -X PUT 
http://localhost:8180/auth/realms/photoz/authz/protection/permission/ticket 
-H 'Authorization: Bearer '$access_token_alice -H 'Content-Type: 
application/json' -d '{
     "id": "5c067c34-129a-4d1e-8911-4591ed29962c",
     "owner": "11f3314e-f1c6-40a9-912b-d6f9d0c5a177",
     "resource": "dee953ef-1df8-4787-9d32-ce4e407da010",
     "scope": "0dc735d5-1ecc-466d-ba9e-e59f8ad563e4",
     "granted": false,
     "requester": "dceb398e-9f68-4077-8073-ca53137cccb3"
   }' -v


It works great now !!!

Regards,

Olivier





Le 04/07/2019 à 19:46, Rivat Olivier a écrit :
> Hi,
>
> I am playing with auth_uma_photoz example.
>
> 1. I have created some album resources for alice (album a5).
> 2. Jdoe has made a request to access to alice album
>
> 3. Through Rest API calls, I can see that there is a pending request 
> on a5 resource owned by alice
>
>
>
> access_token_alice=$(curl -d "client_id=photoz-restful-api" -d 
> "client_secret=secret"  -d "username=alice" -d "password=alice" -d 
> "grant_type=password" 
> http://localhost:8180/auth/realms/photoz/protocol/openid-connect/token 
> | jq -r .access_token)
>
>
>  curl 
> http://localhost:8180/auth/realms/photoz/authz/protection/permission/ticket?owner=alice 
> -H 'Authorization: Bearer '$access_token_alice | jq
>   % Total    % Received % Xferd  Average Speed   Time    Time Time  
> Current
>                                  Dload  Upload   Total   Spent Left  
> Speed
> 100   258  100   258    0     0  86000      0 --:--:-- --:--:-- 
> --:--:-- 86000
> [
>   {
>     "id": "29505d42-da8d-46f5-afe2-f90e35845192",
>     "owner": "11f3314e-f1c6-40a9-912b-d6f9d0c5a177",
>     "resource": "dee953ef-1df8-4787-9d32-ce4e407da010",
>     "scope": "0dc735d5-1ecc-466d-ba9e-e59f8ad563e4",
>     "granted": false,
>     "requester": "dceb398e-9f68-4077-8073-ca53137cccb3"
>   }
> ]
>
>
> So my question:
> What should be the command syntax to approve this request from Jdoe 
> (I.e set "granted":true) using teh REST API.
> I have made several trials, quite unsuccessful, and haven't found any 
> hint in the keycloak doc.
>
> Regards,
> Olivier
>

More information about the keycloak-user mailing list