Question
Running the below commands to import user with roles.
    ./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password [pass]
    ./kcadm.sh create users -r [realm_name] -f user-admin.json
user-admin.json looks like:
    {
        "username": "adminLocal",
        "enabled": true,
        "totp": false,
        "emailVerified": false,
        "firstName": "admin",
        "lastName": "local",
        "email": "adminLocal@domain.com",
        "disableableCredentialTypes": ["password"],
        "requiredActions": [],
        "notBefore": 0,
        "access": {
            "manageGroupMembership": true,
            "view": true,
            "mapRoles": true,
            "impersonate": true,
            "manage": true
        },
        "credentials" : [
            {
                "value" : "secret",
                "type" : "password",
                "temporary" : false
            }
        ],
        "realmRoles" : ["admin","offline_access","uma_authorization"]
    }
Expected all the specified roles in "realmRoles" key to be assigned. However, just Realm Default Roles: "offline_access","uma_authorization" were assigned to user.
The roles exist and were added beforehand via Keycloak Admin UI.
It's possible to create user and then assign roles as a workaround. However, would like to do it with one command.
Source: https://stackoverflow.com/questions/56206472/keycloak-roles-not-assigned-when-user-is-created-via-cli
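
The create-then-assign workaround mentioned in the question, as an added example that is not part of the original post: it reads the same user JSON, drops `realmRoles` from the create body, and emits one `kcadm.sh add-roles` call per role as an argv list, so role names are never interpreted by a shell. It assumes the `config credentials` login above has already been done and the roles exist; the realm name `demo-realm`, the function name `plan_user_import` and the trimmed sample user are constructed for illustration.

```python
import json
import shlex

# Constructed sample: a trimmed copy of the question's user-admin.json,
# with one duplicated role to show de-duplication.
SAMPLE_USER = {
    "username": "adminLocal",
    "enabled": True,
    "credentials": [{"type": "password", "value": "secret", "temporary": False}],
    "realmRoles": ["admin", "offline_access", "uma_authorization", "admin"],
}


def plan_user_import(user, realm, kcadm="./kcadm.sh"):
    """Split one user JSON into a create step plus one add-roles step per role.

    Returns (payload, commands): payload is the JSON to feed to the create
    command on stdin ("-f -"); commands is a list of argv lists, in run order.
    """
    username = user.get("username")
    if not isinstance(username, str) or not username:
        raise ValueError("user JSON needs a non-empty 'username'")
    roles = user.get("realmRoles", [])
    if not isinstance(roles, list) or not all(isinstance(r, str) and r for r in roles):
        raise ValueError("'realmRoles' must be a list of role names")
    # Drop realmRoles from the create body so the file no longer implies
    # role grants that the create call (as reported above) does not perform.
    payload = json.dumps({k: v for k, v in user.items() if k != "realmRoles"})
    commands = [[kcadm, "create", "users", "-r", realm, "-f", "-"]]
    for role in dict.fromkeys(roles):  # de-duplicate while keeping order
        commands.append([kcadm, "add-roles", "-r", realm,
                         "--uusername", username, "--rolename", role])
    return payload, commands


if __name__ == "__main__":
    body, cmds = plan_user_import(SAMPLE_USER, "demo-realm")
    # The body holds the password, so only the command lines are printed here.
    for argv in cmds:
        print(shlex.join(argv))
```

To execute the plan, pass the payload to the first command on stdin and run the remaining argv lists with `subprocess.run(argv, check=True)`, so a failed role assignment stops the import instead of leaving the user silently under-privileged or half-configured.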