node.jskeycloakrestkeycloak-serviceskeycloak-rest-api

How can I get userId after call create user api in keycloak?

I implemented keycloak in my node.js project and call following API for add user in keycloak:

{{keycloak_url}}/admin/realms/{{realm}}/users

This API works and I can add user in keycloak but I need userId in response to this API how can I get this, any alternative way for this

Thanks in advance

Solution

  • Update: The /auth path was removed starting with Keycloak 17 Quarkus distribution. So you might need to remove the /auth from the endpoint calls presented on this answer.

    You use the Keycloak Admin REST API endpoint GET /{realm}/users with the query parameter username. For instance:

    GET "{{keycloak_url}}/auth/admin/realms/{{realm}}/users/?username={{username}}"

    NOTE: In some Keycloak version it will return all the users with a username that matches {{username*}}. Therefore, you could use exact=true parameter to only fetch those matching {{username*}}. For those using bash script I have uploaded to my repo one example on how to do filter currently. From the response you just need to extract the field id.

    The approach pointed out first by @Sillas Reis allows to create the user and get its ID in a single call, which is more performant. For those using bash and curl that solution could look like the following:

    Call the Keycloak Admin REST API with an access token from a user with the proper permissions. For now, I will be using the admin user from the master realm:

    curl “https://${KEYCLOAK_HOST}/auth/realms/master/protocol/openid-connect/token” \
    -d "client_id=admin-cli" \
    -d "username=${ADMIN_NAME}” \
    -d "password=${ADMIN_PASSWORD}" \
    -d "grant_type=password"

    You get a JSON response with the admin's token. Extract the value of property access_token from that response. Let us save it in the variable $ACCESS_TOKEN for later reference.

    To create the user in your realm $REALM_NAME and get back its id execute:

    URL="https://${KEYCLOAK_HOST}/auth/admin/realms/${REALM_NAME}/users/"
curl --include -X -s POST "${URL}" \
        -H "Content-Type: application/json" \
        -H "Authorization: Bearer $ACCESS_TOKEN" \
        -d "$USER_JSON" | grep "Location: ${URL}" | grep -o '[^/]\+$'

    the flag --include will make curl include the headers, and the command grep "Location: ${URL}" will extract the location and the command grep -o '[^/]\+$' the user ID from that location.