[keycloak-user] How to migrate all users from one realm to another on the same instance of Keycloak

Niko Köbler niko at n-k.de
Wed Oct 16 08:36:39 EDT 2019

I haven't tested it lately, but I think in the JSON export, there are also the hashed passwords.
So this would be an option?
User export/import doesn't work from the admin UI, only from command-line when starting the server.

Going the DB way, I think there are a few more statements to execute than just updating the realm of an user ;)
But I don't know the necessary steps, I also would have to figure it out.

- Niko

> Am 15.10.2019 um 18:06 schrieb Benjamin Huskic <benjamin.huskic at thequalitygate.com>:
> Hi Niko,
> Thank you for you response.
> I have tried the dirty variant with the db operations. Simple change of the realm in the table user_entity did not help, but that would have been to easy.
> I do need all password too.
> Long story short the end user should not realize they have been moved to a new realm in the backend.
> But as I interpret your repose with the "change password" there is no option of migration users to another realm.
> I will try the API part .
> Thanks a lot.
> Cheers,
> Ben
> -----Original Message-----
> From: Niko Köbler <niko at n-k.de>
> Sent: Tuesday, 15 October 2019 19:41
> To: Benjamin Huskic <benjamin.huskic at thequalitygate.com>
> Cc: keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] How to migrate all users from one realm to another on the same instance of Keycloak
> Hi Ben,
> have you already tried to use the JSON Export/Import for users?
> Or - a very dirty hack - some direct database operations!?
> Do you need to port all the passwords, too?
> If not, you could write a program using the admin api to read all the users from realm A and create them in realm B (not the fastest approach) and send a "change password" mail to all of them.
> Cheers,
> - Niko
>> Am 14.10.2019 um 10:31 schrieb Benjamin Huskic <benjamin.huskic at thequalitygate.com>:
>> Hello everybody,
>> I have created a couple of realms for development in our environment. Now we need to move/copy all created users from UAT to UAT2.
>> A simple task, as I assumed, but I am now struggling for a couple of hours to find a solution on the web. Can someone give me a hint how this is done?
>> Thank you in advance
>> Kind regards,
>> Benjamin
>> [cid:image001.png at 01D4D841.19FC8380]
>> Benjamin Huskić
>> Founder & Solution Director
>> mobile: +971-5444-9-4664
>> email: benjamin.huskic at thequalitygate.com<mailto:benjamin.huskic at thequalitygate.com>
>> web: http://www.thequalitygate.com<http://www.thequalitygate.com/>
>> <image001.png>_______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20191016/0ac97be1/attachment.bin 

More information about the keycloak-user mailing list