403 Error by GET REST request


I just implemented a User Federation using LDAP for an Active Directory with a huge number of users and synced them all to Keycloak.

When I try the following REST call I get a 403 Forbidden error.

GET http://localhost:9090/auth/admin/realms/{my_realm}/users/{user_id}/

The user does exist and if I try that GET request on another realm that does not sync users via LDAP I get a response.

Do I need to make a special request for users synced by LDAP? Or is the problem here the high number of users?

403 Forbidden => you don’t have permission to query users. You need to configure permissions for your user/client properly.

IMHO you need query-users or manage-users:


Thank you very much! That solved it.
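
An added example, not part of the thread and not Keycloak's own code: a diagnostic that decodes the access token sent with the GET request and reports whether it carries either role named in the answer. The claim layout (resource_access, with admin roles under "realm-management" or "<realm>-realm") and all helper names are assumptions; the sample tokens are constructed.

```python
import base64
import json

# Roles named in the answer above. The claim layout used below is an
# assumption about Keycloak access tokens, not something the thread states.
NEEDED_ROLES = {"query-users", "manage-users"}


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload WITHOUT verifying the signature (diagnostic only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def user_admin_roles(token: str, realm: str) -> set:
    """Return which of NEEDED_ROLES the token carries for administering `realm`."""
    access = jwt_claims(token).get("resource_access", {})
    found = set()
    # Assumed layout: a token issued by the realm itself lists admin roles under
    # "realm-management"; one issued by the master realm uses "<realm>-realm".
    for client in ("realm-management", f"{realm}-realm"):
        found |= set(access.get(client, {}).get("roles", []))
    return found & NEEDED_ROLES


def _constructed_token(claims: dict) -> str:
    """Build an unsigned sample token (constructed input for the demo)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


if __name__ == "__main__":
    samples = {
        "no_roles": {"resource_access": {"account": {"roles": ["view-profile"]}}},
        "with_role": {"resource_access": {"realm-management": {"roles": ["manage-users"]}}},
    }
    for name, claims in samples.items():
        roles = user_admin_roles(_constructed_token(claims), "my_realm")
        print(name, "->", sorted(roles) or "no user-admin role present, expect 403")
```

The decode step skips signature verification on purpose, so use it only to inspect a token you already hold, never to make an authorization decision.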