My aim is the following: using @keycloak/keycloak-admin-client, I want to assign a new role to a group, both in the realm and in a specific client, as can be done in the UI.
For example, I have created a new role:

    async createRole(createRoleInput: CreateRoleInput) {
      const client = await this.keycloakAdminService.getClient();
      await client.roles.create({
        ...createRoleInput,
        realm: 'space-realm',
      });
      return (await client.roles.find()).map(r => r.name);
    }

createRoleInput is an object that includes just one field, name, which is used for the role creation.
Then I create a group using this code:

    async createGroup(name: string) {
      const client = await this.keycloakAdminService.getClient();
      // Await the call so the group exists (and any error surfaces) before returning
      await client.groups.create({
        realm: 'space-realm',
        name,
      });
    }

The final task is to assign the role to this group in the realm and in the client, which happens in the following code:

    async assignRoleToGroup(groupname: string, rolename: string) {
      const client = await this.keycloakAdminService.getClient();
      const groups = await client.groups.find({
        search: groupname
      });
      if (!groups.length) {
        throw new Error('No groups were found...')
      }
      const roles = await client.roles.find({
        search: rolename
      });
      if (!roles.length) {
        throw new Error('No roles were found...')
      }
      try {
        if (groups[0] && roles[0]) {
          const group = groups[0];
          const role = roles[0];
          await client.groups.addRealmRoleMappings({
            realm: 'space-realm',
            id: group.id,
            roles: [{
              id: role.id,
              name: role.name
            }]
          });
          const targetClients = await client.clients.find({
            clientId: 'finance-backend',
          })
          if (!targetClients.length) {
            throw new Error("Client wasn't identified");
          }
          const targetClient = targetClients[0];
          await client.groups.addClientRoleMappings({
            clientUniqueId: targetClient.id,
            id: group.id,
            roles: [{
              id: role.id,
              name: role.name
            }]
          })
        }
      } catch (error) {
        console.error('Error:', error.response ? error.response.data : error.message);
      }
      return (await client.groups.find()).map(r => r.name);
    }

But maybe I did something wrong, because I have got this error multiple times:
Error: { error: 'Role not found' }
in this part of the code:

    await client.groups.addClientRoleMappings({
      clientUniqueId: targetClient.id,
      id: group.id,
      roles: [{
        id: role.id,
        name: role.name
      }]
    })

That is absolutely strange, because it added this role to the realm without any similar trouble, using the same role. I would very much appreciate an answer.
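
An added example, not part of the original post: in Keycloak, realm roles and client roles are separate sets, and `groups.addClientRoleMappings` only accepts roles defined under the client named by `clientUniqueId`, so the role has to be looked up under that client rather than taken from `roles.find`. The code below resolves the group by exact name and the role via `clients.findRole`; `AdminLike`, `assignClientRoleToGroup` and `fakeKeycloak` are hypothetical names, and the in-memory fake with its ids and the `approver` role is constructed so the flow runs offline.

```typescript
// Added example, not the poster's code. AdminLike is a hypothetical structural type covering
// only the calls used here; the method names follow @keycloak/keycloak-admin-client.
type Rep = { id?: string; name?: string };
type RoleRef = { id: string; name: string };
interface AdminLike {
  groups: {
    find(q: { realm: string; search: string }): Promise<Rep[]>;
    addClientRoleMappings(p: { realm: string; id: string; clientUniqueId: string; roles: RoleRef[] }): Promise<void>;
  };
  clients: {
    find(q: { realm: string; clientId: string }): Promise<Rep[]>;
    findRole(p: { realm: string; id: string; roleName: string }): Promise<Rep | null | undefined>;
  };
}

async function assignClientRoleToGroup(kc: AdminLike, realm: string, clientId: string,
                                       groupName: string, roleName: string): Promise<RoleRef> {
  // `search` can return partial matches, so keep only the exact name and require exactly one hit.
  const groups = (await kc.groups.find({ realm, search: groupName })).filter(g => g.name === groupName);
  const group = groups.length === 1 ? groups[0] : undefined;
  if (!group?.id) throw new Error(`group "${groupName}" not uniquely resolved`);
  const [target] = await kc.clients.find({ realm, clientId });
  if (!target?.id) throw new Error(`client "${clientId}" not found`);
  // Look the role up under the client: a realm role's id is not a client role of this client.
  const found = await kc.clients.findRole({ realm, id: target.id, roleName });
  if (!found?.id || !found.name) throw new Error(`no client role "${roleName}" on "${clientId}"`);
  const role: RoleRef = { id: found.id, name: found.name };
  await kc.groups.addClientRoleMappings({ realm, id: group.id, clientUniqueId: target.id, roles: [role] });
  return role;
}

// Constructed in-memory stand-in for a Keycloak server, so the flow runs offline.
function fakeKeycloak(): { kc: AdminLike; mappings: string[] } {
  const groups: Rep[] = [{ id: 'g1', name: 'finance' }, { id: 'g2', name: 'finance-admins' }];
  const clientRoles: Record<string, Rep[]> = { c1: [{ id: 'cr1', name: 'approver' }] }; // client roles only
  const mappings: string[] = [];
  const kc: AdminLike = {
    groups: {
      find: async q => groups.filter(g => (g.name ?? '').includes(q.search)),
      addClientRoleMappings: async p => { p.roles.forEach(r => mappings.push(`${p.id}:${p.clientUniqueId}:${r.name}`)); },
    },
    clients: {
      find: async q => (q.clientId === 'finance-backend' ? [{ id: 'c1' }] : []),
      findRole: async p => (clientRoles[p.id] ?? []).find(r => r.name === p.roleName) ?? null,
    },
  };
  return { kc, mappings };
}
```

With the real library, an instance of its admin client is passed as `kc`; failing early when the role is not defined on the client keeps a realm role from being silently substituted for a client-scoped permission.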