基于此链接,我能够成功:
jboss/keycloak:16.1.1
但是,我需要 通过 REST API 在 keycloak 中创建(和获取) users。在下图中,您可以看到我在邮递员中尝试过的内容,结果我得到了
404
:
问题1:
jboss/keycloak:16.1.1
支持通过REST创建和获取用户吗?
当我检查下图中提供的API时,没有与用户相关的API。
问题2:我需要为我的客户分配哪些角色才能创建或获取用户?
我使用 jwt 网站来调查我的令牌,我发现这个令牌有一些
realm_roles
和 accoint_roles
例如 [ "default-roles-master", "offline_access", "uma_authorization" ]
,但我不确定这些角色是否为我提供了创建或获取的特权用户。他们是吗?
这是我的代币,您可以将其放入jwt.io并查看结果:
eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ2X1gtMFJaTWhEbkNER0NnUjhoZGx5RGRwaENvUWxOcnNuZHZVUm9scms4In0.eyJleHAiOjE3MDMyNjU5MzcsImlhdCI6MTcwMzI2NTg3NywianRpIjoiZGQ1ZDNjOGQtM2Q1Yi00MjVjLTkwZTktOWJmNzc1MjNmMzMxIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL21hc3RlciIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiIyYzVmNDQxMy04ZGIxLTQ4NjgtYTJiNC1kMzA2Njg2NDc5YWMiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJhZG1pbi1yZXN0LWNsaWVudCIsImFjciI6IjEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiZGVmYXVsdC1yb2xlcy1tYXN0ZXIiLCJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwiY2xpZW50SWQiOiJhZG1pbi1yZXN0LWNsaWVudCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiY2xpZW50SG9zdCI6IjE3Mi4xNy4wLjEiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJzZXJ2aWNlLWFjY291bnQtYWRtaW4tcmVzdC1jbGllbnQiLCJjbGllbnRBZGRyZXNzIjoiMTcyLjE3LjAuMSJ9.LuEEDoRKubMXrccgxAkpVPun4jbmr7Kn_8EG0eeyxcwudnEF-aUDd0zLEIz8cDUnvLybbAIfq0CUOr6sslTdzgV52FFrOrIfo3kqyy6stHEuhSCs-G7SPwwbv3aOIUmQqC9H2Mi4rW3K46edutBGwDKqJ-bSKTTHfhw128UrU-x5Clk7pZ1hHEV56KttgBtlLIOpmhQ4Ji88ah0RaYb3I9j7ekLQWwUmd04c1JfR3rcOEquYYUfA-Se2wyhDP14HNOCQWq4Nx1ctf3Y9KDfX_qqF-cjG7JJy88bc7FDjBZjC5xAfdahScLS3aUR_wa0NyBYEY-4BC1G3qHMkvPYycg
POST http://localhost:8080/auth/admin/realms/my-realm/users
体内
{
"enabled": true,
"attributes": {},
"groups": [],
"username": "user2",
"emailVerified": "",
"email": "[email protected]",
"firstName": "Tom",
"lastName": "Cruise"
}
“管理用户”角色。
详情请看这里