How to get client secret via Keycloak API?

问题

How to get client secret via Keycloak API?

In documentation I see:

GET /admin/realms/{realm}/clients/{id}/client-secret

My code is the following:

data = {
    "grant_type" : 'password',
    "client_id" : 'myclientid',
    "username" : 'myusername',
    "password" : 'mypassword'
}
response = requests.get("https://mylink.com/auth/admin/realms/{myrealm}/clients/{myclientid}/client-secret", data=data, headers= {"Content-Type": "application/json"})

I always get 401 error.

What do I do wrong?

回答1:

I think your authentication it's not working.

1. You need a token. You can generate using OpenID (see docs).
2. With the token (by header Authorization), you can do request to API.

Example:

Get the token

data = {"username": "username", "password": "password",
        "client_id": "client_id", "client_secret": "client_secret", 
        "grant_type": "password"}

token = request.post("https://{server-url}/"realms/{realm-name}/protocol/openid-connect/token", data=data)

Request to API

response = requests.get("https://mylink.com/auth/admin/realms/{myrealm}/clients/{myclientid}/client-secret", data=data, headers= {"Authorization": "Bearer " + token.get('access_token'), "Content-Type": "application/json"})

回答2:

{id} in the URL is not clientId, it is different from clientId. it is keycloak unique id ( which is uuid ) some thing like 628e4b46-3d79-454f-9b1c-e07e86ee7615

GET /admin/realms/{realm}/clients/{id}/client-secret

You can get id using this api , where it returns list of ClientRepresentation, which has both Id and clientId, use Id

GET /{realm}/clients

`

来源：https://stackoverflow.com/questions/53538100/how-to-get-client-secret-via-keycloak-api