Menu
I am using the latest keycloak image in docker and can access the standard admin console at http://localhost:9080. However, I cant seem to access any of the paths specified in the documentation for Admin REST api. For instance, the base path /auth and Resource Get clients belonging to the realm Returns a list of clients belonging to the realm: /{realm}/clients I am getting a 404. So is for any other method in the documentation. The only path returning a valid 200 json response is http://localhost:9080/auth/realms/{realm-name}/ which according to the documentation be reachable at basepath + "/{realm-name}". Am I missing something or trying to access with a wrong base path. The keycloak version in docker is 3.4.3.Final which is the latest version of keycloak according to the documentation.
293
Show activity on this post. First step to do that is create an admin account (which you would have been prompted to do as soon as you would have opened {keycloak-url}/auth ). Next steps depend on how you want to create config. Through Admin console GUI or through Rest API.
Keycloak comes with a fully functional Admin REST API with all features provided by the Admin Console. To invoke the API you need to obtain an access token with the appropriate permissions.
To access the admin console, open http://localhost:8080/auth/admin/ in a browser. You will be redirected to the Keycloak login pages, where you can log in with the admin username and password you created in the previous section while installing Keycloak.
I'm almost sure you are trying to call the endpoint like this:
http://localhost:9080/auth/admin/realms/demo/clients
However, you've missed this part/auth/admin/realms
Please, don't forget to authorize your call first as stated here
UPDATE
Here are my steps to see the results:
$ docker run -d -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak
Getting access_token:
$ curl -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'username=admin&password=admin&client_id=admin-cli&grant_type=password' \
http://localhost:9080/auth/realms/master/protocol/openid-connect/token
EDIT: With keycloak 17.0+ the /auth path segment should be omitted, so the correct URL is http://localhost:9080/realms/master/protocol/openid-connect/token
Reference: https://stackoverflow.com/a/71634718/3692110
Copy and paste obtained access_token to Authorization header:
$ curl -X GET \
-H 'Authorization: Bearer <access_token_goes_here>' \
http://localhost:9080/auth/admin/realms/master/clients
They have now updated it to be:
http://localhost:9080/realms/demo/clients
I struggled the whole day only to figure out it's different from how the documentation says it should be.
Config endpoints can be found on the Keycloak console under realm settings. On the endpoints part, it will show you all the endpoints you need.
1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
