Open Bergiu opened 4 years ago
For me the process was a littlebit different. I have a realm called "Hackademy" and a client called "api-backend". First the not working way: i created a new user and gave it the permission from the stackoverflow solution:
keycloak_admin = KeycloakAdminOpenID(server_url="mykeycloak.com/auth",
client_id="api-backend",
realm_name="Hackademy",
client_secret_key="secret", # from the client credentials page
username="myadmin",
password="secret", # password of the user
verify=True)
this results in a 403 error
than i have seen that when i execute this, a new session is created in the client (client -> api-backend -> sessions) with a different user called Service-account-api-backend. This user is hidden in the users section so i was not able to find it in another way. in the sessions page i could click on the user and then i gave it the permissions from the above link. then i removed the username and password from the KeycloakAdminOpenID object and deleted the previously created user.
keycloak_admin = KeycloakAdminOpenID(server_url="mykeycloak.com/auth",
client_id="api-backend",
realm_name="Hackademy",
client_secret_key="secret", # from the client credentials page
verify=True)
this works now.
steps:
+1 documentation needs a big rewrite, and the code as well, there are functions with required parameters that are never used like assign_realm_roles().
Thank you soooo much!
maybe you should link this stackoverflow to make it easier to find out how to get the credentials of the KeycloakAdmin user https://stackoverflow.com/questions/56743109/keycloak-create-admin-user-in-a-realm