Marcelo Paixão Resende
Reputation: 41
403 status when creating realm and user using service account from master realm - Keycloak
I have a multitenant app where realms will be created automatically by the backend service.
For this, I have a client with service account enabled and full scope allowed at the master realm, but when using it through the keycloak admin java client I can create a new realm, but can't create a new user inside of it.
KeycloakBuilder
.builder()
.grantType(OAuth2Constants.CLIENT_CREDENTIALS)
.serverUrl(masterCredentials.getAuthServerUrl())
.realm(MASTER_REALM)
.clientId(masterCredentials.getClientId())
.clientSecret(masterCredentials.getClientSecret())
.resteasyClient(buildResteasyClient())
.build();
When logging with the admin user the user was created successfully:
Keycloak.getInstance(masterCredentials.getAuthServerUrl(),
"master",
"admin",
"admin",
"admin-cli");
Upvotes: 1
Views: 462
Answers (1)
ravthiru
Reputation: 9623
You need to set needed roles for your service Account , can check more information about service account roles in keycloak wiki
Upvotes: 1
Related Questions
- Keycloak ignores realmRoles when adding a user by rest api
- Keycloak - Manage realm with user from different realm
- How to add realm-admin to an User using keycloak rest-api
- When Creating a new user set realmRoles - Keycloak Admin REST API
- Unable to assign realm Role to a newly created Keycloak User via Admin REST API
- Unable to login to keycloak using master realm credentials
- Keycloak initial user in a realm
- Am getting status code 401 when access Keycloak users list even after adding realm-management roles
- Assign realm role to service account keycloak
- Newly added admin of realm can't login to the realm in Keycloak