403 Error by GET REST request

jominga · June 8, 2020, 1:20pm

Hello,

I just implemented a User Federation using LDAP for an Active Directory with a huge number of users and synced them all to Keycloak.

When I try the following REST call I get a 403 Forbidden error.

GET http://localhost:9090/auth/admin/realms/{my_realm}/users/{user_id}/

The user does exist and if I try that GET request on another realm that does not sync users via LDAP I get a response.

Do I need to make a special request for users synced by LDAP? Or is the problem here the high number of users?

jangaraj · June 8, 2020, 1:52pm

403 Forbidden => you don’t have permission to query users. You need to configure permissions for your user/client properly.

IMHO you need query-users or manage-users:

jominga · June 9, 2020, 2:28pm

Thank you very much! That solver it

Topic		Replies	Views
UserFederation AD rest api Getting advice admin-rest	0	404	November 3, 2022
403 Forbidden - Accessing Keycloak APIs Getting advice	3	3653	March 9, 2022
REST Api Error 403 Configuring the server	2	576	February 9, 2021
403 Forbidden error when using Rest API admin-console	4	4094	April 16, 2023
Problems listing users synced from LDAP Getting advice	0	1713	September 10, 2021