keycloak管理员cli无法验证

Question

I am new to keycloak. I have been following the admin cli guide to automate realm creation ( inside a dockerfile ). The kcadm call to create realm is failing with authentication error - " HTTP error - 401 Unauthorized ".

These are the 3 lines which I am trying to execute and the exception is thrown at the last line -

i) $JBOSS_HOME/bin/add-user-keycloak.sh -r master -u uadmin -p ${UADMIN_PWD}

( started the keycloak server after this )

ii) $JBOSS_HOME/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master -user uadmin --password ${UADMIN_PWD}

iii) $JBOSS_HOME/bin/kcadm.sh create realms -s realm=myrealm -s enabled=true

Top of the stack is here -

04:53:48,721 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-1) RESTEASY002005: 
Failed executing POST /admin/realms:org.jboss.resteasy.spi.UnauthorizedException: Bearer
at org.keycloak.services.resources.admin.AdminRoot.authenticateRealmAdminRequest(AdminRoot.java:160)
    at org.keycloak.services.resources.admin.AdminRoot.getRealmsAdmin(AdminRoot.java:209)

I inspected the $HOME/.keycloak/kcadm.config file and the content is as below -

$ cat kcadm.config
{
  "serverUrl" : "http://localhost:8080/auth",
  "realm" : "master",
  "endpoints" : { }
}

There is no authentication token , which I could see there.

( One more observation, the "config credentials" command does not throw any exception if an invalid credential is passed. It would be helpful if there is an exception thrown. )

Any pointers for what am I doing wrong here, for the authentication issue during realm creation ?

Answer 1

Actually there was a typo error in the command --

"ii) $JBOSS_HOME/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master -user uadmin --password ${UADMIN_PWD} "

The user parameter was "-user" , which should have been "--user"