Could not update user! because of a NullPointerException

johnny-human · January 5, 2023, 9:00pm

Hello, I’m trying to update a user in a specific realm as admin-cli. I have set up Postman and I’m able to return a list of all users in the realm, and also access a specific user. But when trying to update that specific user, I get this error:

[org.keycloak.services.resources.admin.UserResource] (executor-thread-9) Could not update user!: java.lang.NullPointerException: Cannot invoke "org.keycloak.representations.idm.UserRepresentation.isEnabled()" because "rep" is null
        at org.keycloak.services.resources.admin.UserResource.updateUser(UserResource.java:169)

This is the request:

PUT http://localhost:8080/admin/realms/bikefolder/users/5c2b646a-2964-438e-8b03-265dc64f113a
{
   "attributes": {
      "test": "test"
   }
}

Does anyone have a clue what could be the problem?

xgp · January 6, 2023, 8:13am

You have to include the full representation. These update endpoints don’t “overlay” changes. The recommended practice is to do a GET for the user you want to update, change the values in the representation you get, and then PUT that representation back.

johnny-human · January 6, 2023, 9:05am

Ok, thanks. But still not working. I tried to send this, the request body sent when updating a user in the browser:

{
    "username":"john",
    "email":"john@test.com",
    "firstName":"John",
    "lastName":"Doe",
    "enabled":true,
    "emailVerified":true,
    "requiredActions":[]
}

Sending back the representation I receive when running a GET in Postman, will not work either.

I’m using openjdk 19.0.1 and keycloak-20.0.2 and running it as a standalone production server with this config:

kc.cache =  ispn
kc.config.built =  true
kc.db =  dev-file
kc.features =  account-api, admin-api 
kc.health-enabled =  false
kc.hostname-strict =  false 
kc.hostname-strict-https =  false 
kc.http-enabled =  true 
kc.http-relative-path =  /
kc.log-console-output =  default

xgp · January 6, 2023, 9:27am

Can you send the full request you are using? A curl or something like that, so we can see all of the headers you are sending.

Also, one useful “hack” is to use the Keycloak Admin UI to do a sample user update with the browser network inspector open, copy the request, and make sure you are doing the same thing.

johnny-human · January 6, 2023, 9:39am

[Request]
PUT /admin/realms/bikefolder/users/0f6aa9db-943d-4b88-af94-57e3e7d612ca HTTP/1.1
Content-Type: application/json
Authorization: Bearer ...
User-Agent: PostmanRuntime/7.29.2
Accept: */*
Postman-Token: f3cd6488-9ea5-438e-8266-4a762b218680
Host: localhost:8080
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
 
{
    "username":"john",
    "email":"test@test.com",
    "firstName":"John",
    "lastName":"Doe",
    "enabled":true,
    "emailVerified":true,
    "requiredActions":[]
}

[Response]
HTTP/1.1 400 Bad Request
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: application/json
content-length: 41

{"errorMessage":"Could not update user!"}

This is the headers from the browser network inspector, when updating a user in Admin UI:

[Request]
PUT /admin/realms/bikefolder/users/0f6aa9db-943d-4b88-af94-57e3e7d612ca
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,no;q=0.8
Authorization: bearer ...
Connection: keep-alive
Content-Length: 153
Content-Type: application/json
Host: localhost:8080
Origin: http://localhost:8080
sec-ch-ua: "Chromium";v="108", "Not?A_Brand";v="8"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
 
{
    "username":"john",
    "email":"test@test.com",
    "firstName":"John",
    "lastName":"Doe",
    "enabled":true,
    "emailVerified":true,
    "requiredActions":[]
}

[Response]
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://localhost:8080
Access-Control-Expose-Headers: Location
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Status Code: 204 No Content

Topic		Replies	Views
Update user not working in springboot	0	505	September 11, 2021
JAVA code to update Keycloak User profile Getting advice	1	126	February 20, 2024
Updating a user via Rest API Getting advice	3	1441	May 4, 2022
Is there the option of giving users permission to only update their own account via admin REST api? Getting advice admin-rest	2	857	October 26, 2022
Update User Client Role for existing User Getting advice	0	349	October 31, 2021

Could not update user! because of a NullPointerException

Related Topics