marcospereirampj / python-keycloak


Cannot add user to group #18

Closed adsanz closed 5 years ago

adsanz commented 5 years ago

I've set up an instance of Keycloak 6, and I've been able to create users, but I'm not able to add the user to any group. I've looked at the REST API from Keycloak, and the following code does not return any error, but it seems to do nothing:

```python
new_user = keycloak_admin.create_user({
    "email": "example@example.com",
    "username": "testing",
    "enabled": True,
    "firstName": "Example",
    "lastName": "Example",
    "groups": ["87ce8237-7b0b-4437-b302-8e1404f4b799"],
})
```

Also tried:

```python
update = keycloak_admin.update_user(
    user_id="a1e52cbd-99cd-46c2-8cbe-f34fa9d16e81",
    payload={"groups": ["87ce8237-7b0b-4437-b302-8e1404f4b799"], "enabled": False},
)
```

The user gets disabled, so the update works, but it does not get added to the group.

Gotta remark, everything else works perfectly, and when I submit this also seems to work, no errors. I tried also the group name instead of ID but it does not work either.

adsanz commented 5 years ago

As a workaround I found this: https://www.keycloak.org/docs/latest/server_admin/index.html#_group_operations although I have yet to test it. Still, if the operation were supported directly, that would be great.

babastienne commented 5 years ago

This problem is not related to this project but to Keycloak's API. It is a known problem that is not corrected because there is a way to do it with another operation on the API (the way you found).

I agree with you, this is quite disturbing, especially because the API documentation says it is possible. Anyway, this is the link to the related issue on the bug tracker of the Keycloak project in case you need it: https://issues.jboss.org/browse/KEYCLOAK-10876?_sscc=t

adsanz commented 5 years ago

Indeed, it is quite annoying. I'll close the issue because it is not related to the project itself but to the API directly. Hopefully at some point they will solve it, thanks :)

babastienne commented 3 years ago

As said above, the function update_user cannot be used to update groups affiliated to a user.

If you want to know why, you can find more information on this Stack Overflow issue: https://stackoverflow.com/questions/57390389/the-realmroles-parameter-is-ignored-when-adding-a-user-via-the-keycloak-api/57416390#57416390

The correct way for you to add a user to a group is to use the functions 'group_user_add' and 'group_user_remove'.

Check the code to find more information: https://github.com/marcospereirampj/python-keycloak/blob/3931246832be556bce0e3b6f54d70c6afc308900/keycloak/keycloak_admin.py#L739

You can use this function if you want to find a group id: https://github.com/marcospereirampj/python-keycloak/blob/3931246832be556bce0e3b6f54d70c6afc308900/keycloak/keycloak_admin.py#L653
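Because the `groups` field is accepted without error and then ignored, provisioning code should assign groups with `group_user_add` and read the membership back before treating the user as authorized. The sketch below is an added example, not part of the original thread or the python-keycloak code base. It assumes a python-keycloak version in which `create_user` returns the new user's ID and `get_groups` and `get_user_groups` are available; `create_user_in_groups` and `FakeAdmin` are hypothetical names, and `FakeAdmin` is a constructed in-memory stand-in so the example runs without a server.

```python
# Added example: assign groups with group_user_add and verify the result.
# `admin` is expected to be a keycloak.KeycloakAdmin instance (assumption:
# create_user returns the new user's ID and get_user_groups exists).

def create_user_in_groups(admin, payload, group_names):
    """Create a user, add it to each named top-level group, verify membership."""
    # Resolve names first so an unknown group fails before anything is created.
    ids = {g["name"]: g["id"] for g in admin.get_groups()}
    missing = [n for n in group_names if n not in ids]
    if missing:
        raise LookupError(f"unknown group(s): {missing}")

    # "groups" in the user representation is ignored by the server, so drop it
    # rather than leave a field that looks like it grants membership.
    user_id = admin.create_user({k: v for k, v in payload.items() if k != "groups"})
    for name in group_names:
        admin.group_user_add(user_id, ids[name])

    # Read the membership back instead of trusting the absence of an error.
    actual = {g["id"] for g in admin.get_user_groups(user_id)}
    not_applied = [n for n in group_names if ids[n] not in actual]
    if not_applied:
        raise RuntimeError(f"user {user_id} not in group(s): {not_applied}")
    return user_id


class FakeAdmin:
    """Constructed stand-in mimicking the behaviour reported in this issue."""

    def __init__(self, groups):
        self._groups = groups            # [{"id": ..., "name": ...}]
        self._members = {}               # user_id -> set of group ids

    def get_groups(self):
        return list(self._groups)

    def create_user(self, payload):
        user_id = f"user-{len(self._members) + 1}"
        self._members[user_id] = set()   # any "groups" key is silently ignored
        return user_id

    def group_user_add(self, user_id, group_id):
        self._members[user_id].add(group_id)

    def get_user_groups(self, user_id):
        return [g for g in self._groups if g["id"] in self._members[user_id]]
```

Against a real server, pass a configured `KeycloakAdmin` instance in place of `FakeAdmin`; the name lookup here only covers top-level groups returned by `get_groups()`.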