运行以下命令以导入具有角色的用户。
./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password [pass]
./kcadm.sh create users -r [realm_name] -f user-admin.json
user-admin.json看起来像:
{
"username": "adminLocal",
"enabled": true,
"totp": false,
"emailVerified": false,
"firstName": "admin",
"lastName": "local",
"email": "adminLocal@domain.com",
"disableableCredentialTypes": ["password"],
"requiredActions": [],
"notBefore": 0,
"access": {
"manageGroupMembership": true,
"view": true,
"mapRoles": true,
"impersonate": true,
"manage": true
},
"credentials" : [
{
"value" : "secret",
"type" : "password",
"temporary" : false
}
],
"realmRoles" : ["admin","offline_access","uma_authorization"]
}
期望分配“realmRoles”键中的所有指定角色。然而只是Realm Default Roles: "offline_access","uma_authorization"被分配给用户。这些角色存在并且是通过 Keycloak Admin UI 预先添加的。
作为一种解决方法,可以创建用户然后分配角色。但是想用一个命令来完成。