2

Details:

We are using Keycloak authentication server with Asp.Net WebAPI.

Now I need to get the Keycloak user details based on GUID. Basically I am interested in roles, groups associated with the user.

I tried : GetUser

URI: GET /admin/realms/{realm}/users/{id}

It is returning user details but few properties are not present in received User details.

Kindly help to resolve this issue.

Subodh Joshi
  • 12,717
  • 29
  • 108
  • 202
Dreamer
  • 586
  • 3
  • 7
  • 23
  • 1
    For the roles, you would need to fetch the role mapping. – Aritz Mar 20 '19 at 21:09
  • exactly...I already used the same URL for role mapping and it is working. But my concern is, the URI which I mentioned above in question, it will return User according to the Keycloak document and the user representation has the array of roles, groups but while hitting that end point it is not return all these things. So I am trying to get the reason behind this behavior. – Dreamer Mar 25 '19 at 08:22
  • @Xtreme Biker, I do have 1 more question actually I need all the roles and groups which are available for a keycloak User. URI: /admin/realms/{realm}/groups/{id}/role-mappings/realm/available Using this end point I am getting the roles available for that user but I didn't found any end point to get the available groups. Is there any endpoint already available? Or I need to do the manipulation on all groups and assigned user groups? – Dreamer Mar 25 '19 at 08:35
  • that would involve another SO question.. BTW, this question is, in practice, a dup of this: https://stackoverflow.com/questions/48458138/keycloak-user-roles-missing-in-rest-api – Aritz Mar 25 '19 at 09:16
  • Do you have full scope allowed for the client? http://lists.jboss.org/pipermail/keycloak-user/2018-October/015859.html – Aritz Mar 25 '19 at 09:22
  • Possible duplicate of [Keycloak User Roles missing in REST API](https://stackoverflow.com/questions/48458138/keycloak-user-roles-missing-in-rest-api) – Aritz Mar 25 '19 at 09:24

1 Answers1

2

You will not get the Roles info from this API.You will have to call Role mappings.

This is the API.You will have to pass the UserID in the API

http://${KEY_CLOAK_IP}/auth/admin/realms/MeetingApp/users+'/' + userid + '/role-mappings/realm
avinashjha
  • 590
  • 4
  • 18
  • 1
    exactly...I already used the same URL mentioned above and it is working. But my concern is, the URI which I mentioned above in question, it will return User according to the Keycloak document and the user representation has the array of roles, groups but while hitting that end point it is not return all these things. So I am trying to get the reason behind this behavior. – Dreamer Mar 25 '19 at 08:20
  • 1
    @XtremeBiker, When I started reading keycoak document, i got this endpoint "/admin/realms/{realm}/users/{id}/role-mappings/realm" which is returning the the roles assigned to User. But my concern is, the URI which I mentioned above in question, it will return User according to the Keycloak document and the user representation has the array of roles, groups but while hitting that end point it is not return all these things. – Dreamer Mar 25 '19 at 08:50
  • 1
    URI: GET /admin/realms/{realm}/users/{id} which I mentioned in question. – Dreamer Mar 25 '19 at 09:28