I am trying to access the create a user in the keycloak programmatically. But I am getting 403 as a status code. I am following the below link.
https://technology.first8.nl/programmatically-adding-users-in-keycloak/
Can anyone help me? Thanks In advance
I have using the following code to create user
Keycloak kc = Keycloak.getInstance(
"http://{server name}:8080/auth",
"{realm name}", // the realm to log in to
"{useraname}",
"{password}", // the user
"{client id}",
"{client secret key}");
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue("test123");
UserRepresentation user = new UserRepresentation();
user.setUsername("codeuser");
user.setFirstName("sampleuser1");
user.setLastName("password");
user.setCredentials(Arrays.asList(credential));
user.setEnabled(true);
Response result = kc.realm("{realm name}").users().create(user);
response.status is coming as 403
I faced the same issue. This is how i fixed it.
manage-users
UI update for server 9.0.2
Scope
tab and add the role to your Realm Roles
I faced the same issue with KeyCloak 9.0.3. What finally worked for me was:
curl \
-d "client_id=admin-cli\
-d "client_secret=<YOUR_CLIENT_SECRET>" \
-d "grant_type=client_credentials" \
"http://localhost:8080/auth/realms/myrealm/protocol/openid-connect/token"
I am not sure why, but using the admin client on the master realm simply did not work for me.
Set up the admin-cli client in the target realm with the role as mentioned in the correct answer above.
In addition to adding the new role to Scope, I also had to add the role to Service Account Roles.
BTW client credentials access token is not even mentioned as an option in the Admin Rest API docs for Keycloak 9.0.3, but it does work.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With