Unknown error while creating client using Keycloak REST API

2

7

I'm trying to create a new client in my Springboot realm through the Keycloak REST API using Postman, but I'm getting an unknown error as the response.

The URL for the POST method is

localhost:8180/auth/admin/realms/springboot/clients

The header includes:

content-type - application/json
authorization - bearer <access token...>

The JSON body is

{    
  "id":"1",
  "clientId":"zzzzz",
  "name":"aaaaa",
  "description":"bbbbb",
  "redirectUris":[ "\\" ],
  "enabled":"true"
}

The response I'm getting is 403 : unknown error.

Bellis answered 20/11, 2019 at 11:35 Comment(4)
403 no permissions, but you are authorized. Most probably add roles to your user, something from realm-management, like create/manage-clients. Should work if you try with admin user access token. - Saenz
I am new to Keycloak. I have set a role for my user and I have also set a client role too, but it is still not working... Should I do client registration? - Bellis
As far as I remember, create a user under the 'master' realm, assign roles from 'Realm management', something like 'create client' or 'manage client' (not sure about wording). What I am trying to say: a user with permissions to create clients should be created under the main 'master' realm. You can assign the 'admin' role to make your code pass, and slowly play with roles to find the right one, or read the documentation. - Saenz
I have successfully created a client through the API using the initial access token from client registration in realm settings. But now my doubt is how I can get the initial access token from client registration through the API. In the above case I got that registration initial access token through their front-end admin console. Now I want to do the same through an API call. Can anyone help? - Bellis
15

I got the same error because the client did not have the necessary role.

  • Go to Clients -> {your-client-name}
  • Select the 'Service Account Roles' tab
  • Add the necessary role. (In my case I needed the admin role)


Peep answered 18/5, 2021 at 13:34 Comment(1)
Adding the 'admin' role to service accounts under the 'admin-cli' client fixed it for me. - Rodrigorodrigue
0

403 is when you are not authorized. You need to add the role to the concerned user as shown in the video below (user -> role mapping -> assign role -> filter by clients): https://www.youtube.com/watch?v=uob6GE_IvZw&t=603s

Catwalk answered 9/4, 2024 at 6:57 Comment(0)
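A way to check for the missing role that the answers above point to, before sending the request. This is an added example and not code from any poster on this page. It assumes Keycloak's usual access-token layout (`resource_access` / `realm_access` claims), that roles for a realm administered from `master` sit under a `<realm>-realm` client, and that `manage-clients` / `create-client` are the roles the comments mean; the sample tokens are constructed and unsigned.

```python
import base64
import json

# Assumption: realm-management role names the comments call
# "create client" / "manage client"; adjust for your Keycloak version.
CLIENT_ROLES = {"manage-clients", "create-client"}


def jwt_claims(token):
    """Decode the JWT payload WITHOUT verifying the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def roles_allowing_client_creation(token, target_realm):
    """Return the roles in the token that would permit POST .../clients."""
    claims = jwt_claims(token)
    issuer_realm = claims.get("iss", "").rstrip("/").rsplit("/", 1)[-1]
    # A token from the target realm carries the roles under 'realm-management';
    # a token from 'master' carries them under '<target_realm>-realm'.
    if issuer_realm == target_realm:
        role_client = "realm-management"
    elif issuer_realm == "master":
        role_client = target_realm + "-realm"
    else:
        return set()  # a token from an unrelated realm cannot administer this one
    access = claims.get("resource_access", {}).get(role_client, {})
    found = CLIENT_ROLES & set(access.get("roles", []))
    realm_roles = claims.get("realm_access", {}).get("roles", [])
    if issuer_realm == "master" and "admin" in realm_roles:
        found.add("admin")
    return found


def make_token(claims):
    """Build an unsigned, constructed sample token (not a real Keycloak token)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])


ISS = "http://localhost:8180/auth/realms/"  # host and port taken from the question
PLAIN_USER = make_token({"iss": ISS + "springboot",
                         "resource_access": {"account": {"roles": ["view-profile"]}}})
SERVICE_ACCOUNT = make_token({"iss": ISS + "springboot", "resource_access": {
    "realm-management": {"roles": ["manage-clients"]}}})
MASTER_ADMIN = make_token({"iss": ISS + "master", "realm_access": {"roles": ["admin"]}})
```

Call `roles_allowing_client_creation(token, "springboot")` with the bearer token used in Postman; an empty set matches the 403 described in the question.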
