I am trying to get all scope-permissions for a client using an admin client. I am using keycloak 12.0.4, spring-boot and keycloak-admin-client maven dependency.
The client i am using has realm-management role associated. I can get client list but i can't do nothing with them.
Keycloak keycloak = this.getAdminClient();
List<ClientRepresentation> clients = keycloak.realm(kcProperties.getRealm()).clients().findAll();
ClientResource clientResource = keycloak.realm(kcProperties.getRealm()).clients().get(clientId);
//all these calls give 404 not found
clientResource.authorization().getSettings().getPolicies();
clientResource.authorization().getSettings().getScopes();
clientResource.authorization().getSettings().getResources();
clientResource.authorization().permissions();
clientResource.authorization().scopes();
clientResource.getPermissions();
private Keycloak getAdminClient() {
return KeycloakBuilder.builder()
.clientId(kcProperties.getResource())
.clientSecret(kcProperties.getCredentials().get("secret").toString())
.serverUrl(kcProperties.getAuthServerUrl())
.realm(kcProperties.getRealm())
.grantType("client_credentials")
.build();
}
all these call returns 404 not found
clientResource.authorization().getSettings().getPolicies();
clientResource.authorization().getSettings().getScopes();
clientResource.authorization().getSettings().getResources();
clientResource.authorization().permissions();
clientResource.authorization().scopes();
clientResource.getPermissions();
I think u can try creating a user in realm master and then assign a role for that user for a specific realm that u want control, and then when initialize a keycloak admin, you can use a admin-cli client and realm master for the configuration.this is example for initialize keycloak admin client
and then when u want to use that keycloak in service class. just use a dependency injection into service class.
}