Currently, there’s no option for bulk user operations. When using the default admin API, you’d have to iterate over each user and send a separate request for each user.
Alternative could be to implement a custom endpoint and implementing the desired operations. But IMHO this is only worth the effort if you need this more often than once.
“Yes”:
Previously, there was only the extension point for the custom RealmResourceProvider. You can still use this.
“No”:
Since a few versions (don’t know exactly since which exactly), there’s also an admin-realm-restapi-extension SPI, which you can use to extend the admin api with custom endpoints.
The former mentioned RealmResourceProvider is for “regular” endpoints throughout the whole system, whereas with the latter approach is for extending the admin api only. IMHO for your use case, the admin API approach makes more sense.
Unfortunately I don’t an example for that already.
Ok, now I have an example for extending the admin API…
The approach is the same as the regular resource provider, but for admin components and you have the admin auth options at hand (so you don’t need to do the whole auth processing yourself).
The endpoint will then be available at /admin/realms/{realmname}/{your-provider-id}...
I am trying to create the admin component and i have access to it.
I have created a new project for the endpoints and i copy the jar to “/opt/keycloak/providers/”. I am getting 404 when i call HTTPGET /admin/realms/{realmname}/{your-provider-id}/users. Should i place the generated jar with endpoint to another folder?
I have created the service loader file under META-INF/services named as org.keycloak.services.resource.MyAdminRealmResourceProviderFactory and in there i have put the related path that the factory will be found.
The file under META-INF/services must be named org.keycloak.services.resources.admin.ext.AdminRealmResourceProviderFactory and the content is the full qualified classname of your factory class, e.g. dasniko.keycloak.resource.MyAdminRealmResourceProviderFactory
I am trying to access via code the corresponding class/code for the admin ui call PUT “admin/realms/{realm-name}/users/{id}/execute-actions-email” for sending the update password.
var user = session.users().getUserById(realm, id);
user.addRequiredAction(RequiredAction.UPDATE_PASSWORD) does not send an email, but only adds the required action to the user.
Hi @dasniko . Does keycloak support long running background processes such as sending emails for multiple users? The iteration over the desired users will take a lot of time if the number of users is big