keycloak

keycloak - realm resolution based on username (email address)

亡梦爱人 submitted on 2019-12-06 03:29:45
Question: I'm working on a multi tenant project where usernames are actually their email addresses and the domain of the email serves as a tenant identifier. Now in keycloak I'll have different realms per tenant, but I want to have a single login page for all tenants and the actual realm that will do the authentication to be somehow resolved by the username (email address). How do I go about doing that? I found a thread on the mailing list (that I can't find now...) that discussed the same problem. It

Keycloak SSL setup using docker image

别说谁变了你拦得住时间么 submitted on 2019-12-06 01:47:03
Question: I am trying to deploy keycloak using docker image (https://hub.docker.com/r/jboss/keycloak/ version 4.5.0-Final) and facing an issue with setting up SSL. According to the docs Keycloak image allows you to specify both a private key and a certificate for serving HTTPS. In that case you need to provide two files: tls.crt - a certificate, tls.key - a private key. Those files need to be mounted in /etc/x509/https directory. The image will automatically convert them into a Java keystore and

Keycloak User Roles missing in REST API

耗尽温柔 submitted on 2019-12-06 00:58:29
I would like to ask, if somebody knows, why there are no roles within the user details in REST ADMIN API request. I saw some posts dealing with this topic, but there were either no clear answer or they propose to use keycloak-admin-client, but that seems not very convenient. Maybe I need to map the roles in Admin console or use claims? Roles are one of the most important user attributes so what's the reason they are not retrieved as other user attributes? Any suggestion? Thanks GET /auth/admin/realms/{realm}/users { "id": "efa7e6c0-139f-44d8-baa8-10822ed2a9c1", "createdTimestamp": 1516707328588,

How to generate jwt token through keycloak rest api?

爱⌒轻易说出口 submitted on 2019-12-05 23:36:05
Question: I'm working on integrating Keycloak into an existing application. As part of this process I need to test that the web application can accept jwt tokens generated from keycloak. I have read the API docs http://www.keycloak.org/docs-api/3.4/rest-api/index.html and could not find any methods for creating a jwt token. Does anyone know of any REST api methods for creating a jwt token in Keycloak? Answer 1: As per the keycloak mailing list details provided by keycloak mailing list members [Виталий

Keycloak docker HTTPS-REQUIRED with nginx ssl

白昼怎懂夜的黑 submitted on 2019-12-05 21:44:48
I am using keycloak for production for the first time. I run keycloak on my local machine and never faced this issue. First I am using docker to run keycloak server. The docker image is pulled from jboss/keycloak. I have set up my SSL using letsEncrypt on my domain test.com. After running the docker image I ended up getting error HTTPS-REQUIRED when I click on administrative console. After reading up a lot about this from HERE HERE and HERE I realized I need SSL on my domain which I did. I also pass PROXY_ADDRESS_FORWARDING=true in my docker command. This is how I run it. docker run -e

Access Keycloak REST Admin API using a service account (client credential grant)

拈花ヽ惹草 submitted on 2019-12-05 17:44:39
I like to manage keycloak from my own application: create user & clients, display users & client. As this is not a real user but a machine I would like to use a service account with a client credential grant as proposed in How to get Keycloak users via REST without admin account. To realize this I: create a realm inside the real created a client configured the access type of the client to "confidential" saved and activated the "Service Accounts Enabled" option that will appear after the save. enable under scopes the client-roles of the "real-management" (see screenshot) requested an access

How to register a custom ProtocolMapper in Keycloak?

[亡魂溺海] submitted on 2019-12-05 17:34:33
I'm struggling with registering a custom ProtocolMapper in Keycloak. I would like to add some data from my database on token request. So I followed the idea given in Keycloak add extra claims from database / external source. I implemented the ProtocolMapper interface and added the file META-INF/services/org.keycloak.protocol.ProtocolMapper containing the reference to my class. So far so good and Keycloak recognizes the new implementation. I'm also able to configure it via the admin console. To add some data to the token I think I must also add one/some of the interfaces org.keycloak.protocol

keycloak CORS filter spring boot

不想你离开。 submitted on 2019-12-05 14:12:23
Question: I am using keycloak to secure my rest service. I am referring to the tutorial given here. I created the rest and front end. Now when I add keycloak on the backend I get CORS error when my front end makes api call. Application.java file in spring boot looks like @SpringBootApplication public class Application { public static void main( String[] args ) { SpringApplication.run(Application.class, args); } @Bean public WebMvcConfigurer corsConfiguration() { return new WebMvcConfigurerAdapter() {

Get username from keycloak session in NodeJS

自古美人都是妖i submitted on 2019-12-05 09:35:52
Is there something similar to: request.getUserPrincipal().getName() // Java In Node to get username when we are using connect-keycloak with express middle-ware? I also came along with this issue. I did dive into the middleware code and tried to find something similar. It turns out that the request object is modified and appended by kauth.grant . console.log('req.kauth.grant') prints out: { access_token: { token: 'kasdgfksj333', clientId: 'mobile', header: { alg: 'RS256' }, content: { jti: '33389eb6-3611-4de2-b913-add9283c3de0', exp: 1464883174, nbf: 0, iat: 1464882874, iss: 'http://docker:9090

Keycloak - Get all Users mapped to roles

╄→гoц情女王★ submitted on 2019-12-05 09:25:34
I know keycloak has exposed below api, <dependency> <groupId>org.keycloak</groupId> <artifactId>keycloak-services</artifactId> <version>2.0.0.Final</version> </dependency> With complete documentation here. I cannot find the required api here to fetch all users with specific role mapped to them. Problem Statement - I need to pick all users from keycloak server who have a specific role. I need to send email to all users with role mapped to them. There is an outstanding feature request asking for this function via the API. In the meantime if your requirement is once-off you could obtain the user