[英]create user programmatically using keycloak admin client for a client that has acces-type public
I have just started using keycloak and seems to have hit a hurdle.我刚刚开始使用 keycloak,似乎遇到了障碍。 I am not able to create a user programmatically using the keycloak-admin-client for java.
我无法使用 java 的 keycloak-admin-client 以编程方式创建用户。 My keycloak server version is 8.0.0 and the library/jar version is also same.
我的 keycloak 服务器版本是 8.0.0,库/jar 版本也相同。 When I try to create a user my program just sits there keep waiting where as in logs i can see login error
当我尝试创建用户时,我的程序只是坐在那里等待,在日志中我可以看到登录错误
2019-12-03 20:10:19,842 WARN [org.keycloak.events] (default task-26) type=LOGIN_ERROR, realmId=root-admin, clientId=demo-app, userId=null, ipAddress=192.x.x.x, error=not_allowed, auth_method=oauth_credentials, grant_type=password, client_auth_method=client-secret
Keycloak keycloak = KeycloakBuilder.builder() //
.serverUrl("http://192.x.x.x:8080/auth") //
.realm("root-admin") //
.grantType(OAuth2Constants.PASSWORD) //
.clientId("demo-app")
.clientSecret("")////
.username("genghis khan") //
.password("1234") //
.build();
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue("12345678");
UserRepresentation user = new UserRepresentation();
user.setEnabled(true);
user.setUsername("michaeljackson");
user.setFirstName("michael");
user.setLastName("jackson");
user.setCredentials(Arrays.asList(credential));
Response resp=keycloak.realm("root-admin").users().create(user);
System.out.println(resp.getStatus());
My client is a public facing app so it has access type set as public and therefore no client secret is generated for it, also genghis khan user has role as admin and root-admin realm has been created by me.我的客户端是一个面向公众的应用程序,因此它的访问类型设置为公开,因此没有为其生成客户端机密,而且成吉思汗用户的角色为管理员,root-admin 领域已由我创建。 Need help as to how to make this work
需要有关如何进行这项工作的帮助
Try enabling "Direct Access Grants Enabled" of demo-app
client on the admin console.尝试在管理控制台上启用
demo-app
客户端的“启用直接访问授权”。
.grantType(OAuth2Constants.PASSWORD) //
This line means you're using "Resource Owner Password Credentials Grant", and it needs to be enabled.此行表示您正在使用“资源所有者密码凭据授予”,并且需要启用它。
See also: https://www.keycloak.org/docs/8.0/server_admin/index.html#oidc-clients另见: https : //www.keycloak.org/docs/8.0/server_admin/index.html#oidc-clients
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.