I am trying to create a client using keycloak SPI. The code I used to create the client and add other client information is as below. My requirement is to add all the possible relam-management roles have to added to this user.
ClientModel privateClientModel = realmModel.addClient(privateClientName);
privateClientModel.setProtocol(CLIENT_PROTOCOL);
privateClientModel.setClientId(privateClientName);
privateClientModel.addWebOrigin("*");
privateClientModel.addRedirectUri("*");
// privateClientModel setSecret "XXXXXXXXXXXXXXX"
// Capability config
privateClientModel.setEnabled(true);
privateClientModel.setClientAuthenticatorType(KeycloakModelUtils.AUTH_TYPE_CLIENT_SECRET);
privateClientModel.setStandardFlowEnabled(true);
privateClientModel.setDirectAccessGrantsEnabled(true);
privateClientModel.setServiceAccountsEnabled(true);
privateClientModel.setImplicitFlowEnabled(false);
// Set the consent required setting
privateClientModel.setConsentRequired(false);
// client scope settings
privateClientModel.setFullScopeAllowed(true);
Can anyone suggest an option to add these roles? I found a similar solution with keycloak client (Solution). But I don’t want to use the keycloak client dependancy inside keycloak SPI. And I don’t want to use keycloak admin API as well.
The following image is how I wanted my client, after adding service account roles,