Keycloak - PATCH user attributes through REST API

About

Asked 13/4, 2023 at 9:15 Answered 20/3, 2024 at 21:23

I am using Keycloak docker image 21.0.2 (the latest one).

I make a PUT request to this URL: http://localhost:8080/admin/realms/custom-realm/users/14905db1-5229-4110-bfbb-df13845a4f52 and with this JSON body to edit a user's attributes:

{
    "attributes": {
        "organization_id": "1"
    }
}

The problem is that this wipes out all user attributes and I want it to keep the old ones as they are used for other functionalities and cannot be wiped out.

I just want to append or replace 'organization_id' value in the list of user attributes.

I think it should be a PATCH request but Keycloak doesn't have one for users. Is there any way to make this work?

I tried to update user attributes through the ADMIN REST API but I think a PATCH method is missing...

Scalp answered 13/4, 2023 at 9:15 Comment(8)

You can do it by "PUT {Keycloak URL}/admin/realms/{realm-name}/users/{user-id}" in here – Sportive 13/4, 2023 at 9:54

Hi there, This does not work, as explained in my comment it will override ALL attributes of the specific user and what I want is override 1 attribute in the list, not all of them... – Scalp 14/4, 2023 at 11:35

There is no PATCH command, you need to get attributes first and then to update the organization_id with other attributes to keep by PUT command. – Sportive 14/4, 2023 at 11:49

Thanks for your answer. Yes I was thinking the same and wondering if there was any other way to do that but it looks like a PATCH command is missing in the API... – Scalp 14/4, 2023 at 13:43

@Scalp with 23.0.6 - when using the Java Rest client at least - PUT seems to behave like a patch would. Maybe this helps – Jameljamerson 5/3, 2024 at 9:19

Did you try replacing a specific attribute ? not the entire list ? – Scalp 5/3, 2024 at 12:49

@Scalp I updated the enabled flag and the role, using the UserResource.update() method and all other attributes (firstname, email, other attributes) stayed the same. – Jameljamerson 6/3, 2024 at 9:4

Is there any way to know the exact http request sent by your Java rest client ? (body, method, headers, endpoint?) – Scalp 6/3, 2024 at 11:20

I had the exact same issue and i finally resolve it by fetching first the information of the user and made a custom merge when updating the user with the keycloak admin client. It's not a fancy solution, but Keycloak at this date does not provide a way to partially update the user.

Iinde answered 20/3, 2024 at 21:23 Comment(1)

I opened an open issue on their github for this, but it is not prioritary... github.com/keycloak/keycloak/issues/19691 – Scalp 21/3, 2024 at 8:9

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags