
Keycloak - Create Admin User in a Realm

Tags:

keycloak

How do I create an admin user in a realm in Keycloak? I tried /bin/add-user.sh -r myrealm -u admin -p <pwd>. It gave me the error:


 * Error *
WFLYDM0065: The user supplied realm name 'myrealm' does not match the realm name discovered from the property file(s) 'ManagementRealm'.

Exception in thread "main" org.jboss.as.domain.management.security.adduser.AddUserFailedException: WFLYDM0065: The user supplied realm name 'myrealm' does not match the realm name discovered from the property file(s) 'ManagementRealm'.
    at org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)
    at org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:133)
    at org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:231)
    at org.jboss.modules.Module.run(Module.java:352)
    at org.jboss.modules.Module.run(Module.java:320)
    at org.jboss.modules.Main.main(Main.java:593)

I tried /bin/add-user-keycloak.sh -r myrealm -u admin -p <pwd>. It asked me to restart the server which I did but I did not see the user either.

If anyone knows how to do it using the Python client, that would be great too.

RAbraham asked Jun 24 '19 19:06




2 Answers

  1. Create regular user in a realm:
    1. Open admin console and select realm of your choice (realm selection box on top left side).
    2. Go to users (sidebar) -> add user (button on the right side)
    3. Fill in required fields and press save button.
    4. Open Credentials tab and set password.
    5. Open Role Mapping tab:
      1. Select realm-management under Client Roles.
      2. Select all available roles and press Add selected.
  2. Go to http://keycloak/auth/admin/REALM_NAME/console (replace REALM_NAME with the name of the realm in which you created the user) and log in.
  3. You should see admin UI only for this realm.

You can also automate user creation via Admin REST API: https://www.keycloak.org/docs-api/10.0/rest-api/index.html#_users_resource

Vadim Ashikhman answered Oct 03 '22 23:10
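
The console steps in the answer above, automated against the Admin REST API it links to. This is an added example, not part of the original answer and not Keycloak project code. It uses plain urllib rather than a Keycloak client library; `base`, the already obtained admin access `token` and the function names are assumptions, and the `/auth` path prefix follows the URLs on this page.

```python
import json
import urllib.request

def http_send(method, url, token, body=None):
    """One Admin REST call; returns (status, headers, parsed JSON or None)."""
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(url, data=data, method=method, headers={
        "Authorization": "Bearer " + token, "Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:  # raises HTTPError on 4xx/5xx
        raw = resp.read()
        return resp.status, resp.headers, json.loads(raw) if raw else None

def create_realm_admin(base, realm, token, username, password, wanted_roles,
                       send=http_send):
    """Create `username` in `realm` and map the named realm-management roles."""
    admin = f"{base}/auth/admin/realms/{realm}"
    # 1. Resolve the internal id of the realm-management client.
    _, _, clients = send("GET", f"{admin}/clients?clientId=realm-management", token)
    client_id = clients[0]["id"]
    # 2. Validate the requested roles before anything is created (fail closed).
    _, _, roles = send("GET", f"{admin}/clients/{client_id}/roles", token)
    by_name = {r["name"]: r for r in roles}
    missing = sorted(set(wanted_roles) - set(by_name))
    if missing:
        raise ValueError(f"unknown realm-management roles: {missing}")
    chosen = [{"id": by_name[n]["id"], "name": n} for n in wanted_roles]
    # 3. Create the user; temporary=True forces a password change at first login.
    status, headers, _ = send("POST", f"{admin}/users", token, {
        "username": username, "enabled": True,
        "credentials": [{"type": "password", "value": password, "temporary": True}]})
    if status != 201:
        raise RuntimeError(f"user creation failed: HTTP {status}")
    user_id = headers["Location"].rstrip("/").rsplit("/", 1)[-1]
    # 4. Map only the chosen client roles onto the new user.
    status, _, _ = send(
        "POST", f"{admin}/users/{user_id}/role-mappings/clients/{client_id}",
        token, chosen)
    if status != 204:
        raise RuntimeError(f"role mapping failed: HTTP {status}")
    return user_id, [r["name"] for r in chosen]
```

Passing every realm-management role reproduces the full realm admin the answer describes; a shorter list such as `["manage-users", "view-users"]` gives a narrower delegated admin.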


You should be able to create it using the add-user-keycloak command, but you need to restart the Keycloak server to actually add the user. Here is the documentation

/bin/add-user-keycloak.sh -r myrealm -u admin -p <password>

But before adding the user you need to create the realm myrealm using

  kcadm.sh create realms ........
ravthiru answered Oct 04 '22 00:10