I have generated a token to invoke the keycloak Admin Rest API that returns a list of users of a given realm.
To get the token from the master realm, I executed the following URL. The user “prod-api-user” has the necessary roles to access all the available realms in the keycloak.
curl --location --request POST ‘https://sso.test.com/auth/realms/master/protocol/openid-connect/token’
–header ‘Content-Type: application/x-www-form-urlencoded’
–data-urlencode ‘username=prod-api-user’
–data-urlencode ‘password=xxxxxx’
–data-urlencode ‘grant_type=password’
–data-urlencode ‘client_id=prod-client’
The above curl will return the token and I can copy/paste it in below Authorization payload.
curl --location --request GET ‘https://sso.test.com/auth/admin/realms/osm/users’
–header ‘Authorization: Bearer xxxxxx’
It returns the list of the users who belongs to the realm “osm”.
The username prod-api-user has view-realm and view-users roles for osm realm and other available realms too.
But, When I try with the next available realm i.e test let’s say, I get a blank response with a 200 response code. There are plenty of users in the realm test.
However, the Test realm has the same level roles as osm has. I observe no error logs or any logs that are interesting to this request. (I have tried other realm too, they behave the same, their realm settings are similar to the osm realm)
I am using keycloak 10.0.2
Any help will be greatly appreciated.