Bergiu
commented
4 years ago For me the process was a littlebit different. I have a realm called "Hackademy" and a client called "api-backend". First the not working way: i created a new user and gave it the permission from the stackoverflow solution:
keycloak_admin = KeycloakAdminOpenID(server_url="mykeycloak.com/auth",
client_id="api-backend",
realm_name="Hackademy",
client_secret_key="secret", # from the client credentials page
username="myadmin",
password="secret", # password of the user
verify=True)this results in a 403 error
than i have seen that when i execute this, a new session is created in the client (client -> api-backend -> sessions) with a different user called Service-account-api-backend. This user is hidden in the users section so i was not able to find it in another way. in the sessions page i could click on the user and then i gave it the permissions from the above link. then i removed the username and password from the KeycloakAdminOpenID object and deleted the previously created user.
keycloak_admin = KeycloakAdminOpenID(server_url="mykeycloak.com/auth",
client_id="api-backend",
realm_name="Hackademy",
client_secret_key="secret", # from the client credentials page
verify=True)this works now.
steps:
- create the above KeycloakAdminOpenID object and execute it once. this creates a new session in client -> [your-client] -> sessions
- goto client -> [your-client] -> sessions and click on the username (Service-account-[your-client]) to open the user settings
- add the permissions from the stackoverflow link to this user
- now it should work
oscarcp
dimsamaras
maybe you should link this stackoverflow to make it easier to find out how to get the credentials of the KeycloakAdmin user https://stackoverflow.com/questions/56743109/keycloak-create-admin-user-in-a-realm