How does a client need to be set up for the account_api to work?

Question

I'm trying to use the Keycloak account API to implement a password change form, as described in https://stackoverflow.com/a/61388281/1058828. But I'm getting a 403 Forbidden error.

I looked at the code, and it seems the user needs the manage-account role, but I'm not sure how to configure the client appropriately.

How do I give users the role? And is there any further set-up I need to do to make the API work?

score 1 · Answer 1 · answered Jul 10 '20 at 02:43

I had the same problem after setting roles for users, users could change passwords, create accounts ... T settings like this: Step 1: login adminconsole keycloak Step 2: select the user tab> view all user> edit the user you need> select the role mappings> Client Client Roles> enter realm-management> select manager-user> add selected> done and test it again? Good luck!

How does a client need to be set up for the account_api to work?

1 Answers1