[keycloak-user] Change resource Ids
Pete Chown
pete_keycloak at chown.org.uk
Mon Oct 28 13:22:40 EDT 2019
Hi Corentin,
> Hi guys,
> I would like to change the IDs of all my Authorization resources (in order
> to match the Ids in my main database).
> What is the recommended way?
> I could write a script that go through them all with the REST API, delete,
> re-create...
> Or run some commands directly in the MySQL database? I'm not sure about its
> structure, though, and I will be afraid to break something.
I did something that sounds a bit similar, with the user IDs and a
Postgres database. I couldn't update the IDs directly because of
database constraints, so I created a database dump, edited it, then
restored it.
It was actually quite straightforward because Keycloak uses UUIDs as
user IDs rather than, for example, a numeric sequence. This means that
you can find the UUID you want to change, then just replace all
occurrences of it in the database dump. UUIDs are supposed to contain a
lot of random bits so you're extremely unlikely to get random false
matches (though of course I did look closely at what was actually
getting changed).
The restored database has been running for some time with no obvious bad
effects.
I'm not sure if the authorisation resources work in a similar way, but
perhaps they do, in which case you might be able to apply this technique
to your situation.
Pete
More information about the keycloak-user
mailing list