问题
We use keycloak API in our application. When we try to retrieve the Client list of the realm it pass 403 forbidden error. Highly appreciate your comments for avoid this matter.
String authServer = UriUtils.getOrigin(httpRequest.getRequestURL().toString()) + AUTH_CONTEXT_PATH;
String token = httpRequest.getHeader("Authorization").replaceAll("Bearer ", "");
String realmClientsUrl = authServer+"/admin/realms/testrealm/clients/"+getClientRepresentationId(authServer,realm,token);
ClientRequest request = getClientRequest(realmClientsUrl,token);
ClientResponse<String> response;
ClientRepresentation clientRepresentation = null;
try{
response = request.get(String.class);
validateResponse(response,"CLIENT_REPRESENTATION");
clientRepresentation = response.getEntity(ClientRepresentation.class);
return clientRepresentation;
} catch (Exception e) {
e.printStackTrace();
}
Error which passed,
java.lang.Exception: ErrorStage:CLIENT_REPRESENTATION_ID,HTTP responseCode:403,StatusIno=Forbidden
回答1:
You might get this error if the logged in user doesn't have the relevant Client Roles access. Add the client role access as "View Client" under realm-management.
来源:https://stackoverflow.com/questions/36908982/403-forbidden-error-while-access-the-clientrepresentation-in-keycloack