
Create user programmatically using Keycloak admin client for a client that has access-type public

I have just started using Keycloak and seem to have hit a hurdle. I am not able to create a user programmatically using the keycloak-admin-client for Java. My Keycloak server version is 8.0.0 and the library/jar version is the same. When I try to create a user, my program just sits there waiting, whereas in the logs I can see a login error:

2019-12-03 20:10:19,842 WARN  [org.keycloak.events] (default task-26) type=LOGIN_ERROR, realmId=root-admin, clientId=demo-app, userId=null, ipAddress=192.x.x.x, error=not_allowed, auth_method=oauth_credentials, grant_type=password, client_auth_method=client-secret


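    import java.util.Arrays;
    import javax.ws.rs.core.Response;
    import org.keycloak.OAuth2Constants;
    import org.keycloak.admin.client.Keycloak;
    import org.keycloak.admin.client.KeycloakBuilder;
    import org.keycloak.representations.idm.CredentialRepresentation;
    import org.keycloak.representations.idm.UserRepresentation;

    // Log in through the demo-app client with the password grant
    Keycloak keycloak = KeycloakBuilder.builder() //
            .serverUrl("http://192.x.x.x:8080/auth") //
            .realm("root-admin") //
            .grantType(OAuth2Constants.PASSWORD) //
            .clientId("demo-app") //
            .clientSecret("") //
            .username("genghis khan") //
            .password("1234") //
            .build();

    // Initial password for the new user
    CredentialRepresentation credential = new CredentialRepresentation();
    credential.setType(CredentialRepresentation.PASSWORD);
    credential.setValue("12345678");

    UserRepresentation user = new UserRepresentation();
    user.setEnabled(true);
    user.setUsername("michaeljackson");
    user.setFirstName("michael");
    user.setLastName("jackson");
    user.setCredentials(Arrays.asList(credential));

    // Create the user in the root-admin realm and print the HTTP status
    Response resp = keycloak.realm("root-admin").users().create(user);
    System.out.println(resp.getStatus());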

My client is a public-facing app, so it has its access type set to public and therefore no client secret is generated for it. Also, the genghis khan user has the admin role, and the root-admin realm was created by me. I need help with how to make this work.

Try enabling "Direct Access Grants Enabled" for the demo-app client in the admin console.

.grantType(OAuth2Constants.PASSWORD) //

This line means you're using "Resource Owner Password Credentials Grant", and it needs to be enabled.

See also: https://www.keycloak.org/docs/8.0/server_admin/index.html#oidc-clients
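The same check done through the admin client, as an added example that is not part of the original question or answer: it reads the demo-app client's flags, turns on direct access grants if they are off, then retries the user creation as a public client. It assumes a master-realm administrator reachable through the default admin-cli client; the environment variable names KC_ADMIN_USER and KC_ADMIN_PASS and the class name are hypothetical.

```java
import java.util.List;
import javax.ws.rs.core.Response;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.UserRepresentation;

public class PublicClientPasswordGrant {
    static final String URL = "http://192.x.x.x:8080/auth"; // server URL as elided on the page
    // Password grant for a public client: clientSecret() is simply not called.
    static Keycloak login(String realm, String clientId, String user, String pass) {
        return KeycloakBuilder.builder().serverUrl(URL).realm(realm)
                .grantType(OAuth2Constants.PASSWORD).clientId(clientId)
                .username(user).password(pass).build();
    }
    public static void main(String[] args) {
        // Assumption: a master-realm admin, supplied via hypothetical environment variables.
        Keycloak admin = login("master", "admin-cli",
                System.getenv("KC_ADMIN_USER"), System.getenv("KC_ADMIN_PASS"));
        try {
            List<ClientRepresentation> found =
                    admin.realm("root-admin").clients().findByClientId("demo-app");
            if (found.isEmpty()) throw new IllegalStateException("demo-app not found");
            ClientRepresentation c = found.get(0);
            System.out.println("publicClient=" + c.isPublicClient()
                    + " directAccessGrantsEnabled=" + c.isDirectAccessGrantsEnabled());
            if (!Boolean.TRUE.equals(c.isDirectAccessGrantsEnabled())) {
                // Same switch as "Direct Access Grants Enabled" in the admin console.
                c.setDirectAccessGrantsEnabled(true);
                admin.realm("root-admin").clients().get(c.getId()).update(c);
            }
        } finally {
            admin.close();
        }

        Keycloak app = login("root-admin", "demo-app", "genghis khan", "1234");
        UserRepresentation user = new UserRepresentation();
        user.setEnabled(true);
        user.setUsername("michaeljackson");
        Response resp = null;
        try {
            resp = app.realm("root-admin").users().create(user);
            System.out.println(resp.getStatus()); // 201 when the user is created
        } finally {
            if (resp != null) resp.close(); // release the HTTP connection
            app.close();
        }
    }
}
```

Because demo-app is a public client, enabling this flag lets any caller that knows the client ID attempt the password grant against it, so the setting is worth reviewing alongside the realm's brute-force detection.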
