Keycloak PUT-request returns 401 (unauthorized)
I am using postman and I've tried updating a user's profile via http://localhost:8180/auth/admin/realms/demo/users/{userID} but I received a 401 response.
The procedure I used:
Requested and received admin token via http://localhost:8180/auth/realms/master/protocol/openid-connect/token
Added token to request headers the appropriate way i.e Authorization: Bearer {access_token}
Sent Put request with Json content type and the user's info as body via http://localhost:8180/auth/admin/realms/demo/users/{userID}.
Unfortunately, I've received back-to-back 401 responses.
First request:
-Body(x-www-form-urlencoded)
client_id : admin_cli
username: ...
password: ...
grant_type: password
client_secret: ...
-To http://localhost:8180/auth/realms/master/protocol/openid-connect/token
Second request:
-Header -> Authorization: Bearer ...
-Body(JSON)
"email": "d@gmail.com",
"firstName": "divad",
"lastName": "d"
-To http://localhost:8180/auth/admin/realms/demo/users/{userID}
Update: The /auth path was removed starting with Keycloak 17 Quarkus distribution. So you might need to remove the /auth from the endpoint calls presented on this answer.
In your first call, the david user has to be one with admin-alike privileges. Otherwise, one gets an authorized error response for the actions that the david user does not have the privileges to perform. Have a look at this SO thread to check how to assign admin-alike privileges to a user.
For now let us request a token on the behalf of the master admin user as follows:
from the body response extract the access_token.
For the second call first, copy and paste the access_token to the Authorization > Type Bearer Token:
On the second call, instead of
http://localhost:8180/auth/admin/realms/demo/users/{userID}
you need to replace the userID parameter with the actual userID of the user that you are updating. To get userID you can call the following endpoint:
GET <YOUR_KEYCLOAK_DOMAIN>/auth/admin/realms/<YOUR_REALM>/users/?username=<THE_USERNAME>
or you can copy and paste from the Keycloak Admin Console, under the tab users:
So in Postman would look like:
- Maven Error | Error: Could not find or load main class org.codehaus.plexus.classworlds.launcher.Launcher
- Adding a item to a list
- Connection error to Kafka broker when publishing a message through java app
- IntelliJ - Can't start - "JAVA_HOME does not point to a valid JVM installation"
- Execution default of goal org.springframework.boot:spring-boot-maven-plugin:1.0.2.RELEASE:repackage failed: Source must refer to an existing file
- Is Qt Jambi dead?
- Anticapte FileChooser closing to abort a the runing task
- How to short-circuit a reduce() operation on a Stream?
- I want to give condition to list.add in the ~impl file generated by mapstruct. What should I do?
- Error: Unable to determine the current character, it is not a string, number, array, or object in react-native for android
- filter list based on dynamic criteria using java streams
- Conditionally modifying collections inline using Java Streams
- Upgrading to Spring Boot 3 causing annotation processing errors
- Guava EventBus: How to return result from event handler
- run project in netbeans does nothing at all
- NoSuchMethodError in org.json.JSONObject after kubernetes upgrade from 1.21 to 1.23
- Reflection generic get field value
- "Stored procedure 'xxx' may be run only in unchained transaction mode." error when calling a procedure from a DataSource, in an EJB context
- Kotlin + Java 9 modules: Module java.base cannot be found in the module graph
- Customizing time zone with TaskScheduler.getClock()
- No endpoint mapping found for [SaajSoapMessage {http://schemas.xmlsoap.org/soap/envelope/}UpdateXXXRequest]
- Clone() vs Copy constructor- which is recommended in java
- Create a shortcut for system.out.println in visual studio code
- Spring Transactional TimeOut
- Initial SessionFactory creation failed - org.hibernate.MappingException: An association from the table X refers to an unmapped class: Y
- "Invalid privatekey" when using JSch
- What is the exact meaning of instantiate in Java
- Plugin with id 'maven' not found
- How do I get trading holidays from the Bloomberg API
- Conflicts between pytorch and openCV on android