Realm Import - Service Account Roles Missing

hello there,

in order to have fully automated docker development environment, our team deployment of keycloak does the realm import everytime the container gets up. no problems there.
unfortunately something that is never applied to the realm are the client service account roles, we always have to add them manually eventhough they exists in the users exported file.
everything else, including clients, secrets, users, … gets imported.
is there a known limitation on this part of the import?

any help is much appreciated

Our export configurations:
-Dkeycloak.migration.action=export
-Dkeycloak.migration.provider=dir
-Dkeycloak.migration.dir=/opt/jboss/keycloak/realm-config
-Dkeycloak.migration.usersExportStrategy=SAME_FILE
-Dkeycloak.migration.realmName=my-realm
-Djboss.socket.binding.port-offset=1

Our import configurations:
‘-Dkeycloak.migration.action=import’,
‘-Dkeycloak.migration.provider=dir’,
‘-Dkeycloak.migration.dir=/opt/jboss/keycloak/realm-config’,
‘-Dkeycloak.migration.strategy=OVERWRITE_EXISTING’,

I’m on the same problem since Keycloak 7… I believe some import bugs have been fixed, but this one still remains.
Hope this can be fixed eventually

do you know if there is an issue open for this situation that we can link to this thread?
if not i will create a new one on the red hat tracker…

Hi,

I believe its this issue: https://issues.redhat.com/browse/KEYCLOAK-13823
Hopefully to be resolved by Keycloak 11.

Regards
João

I saw an update today that 10.0.2 was released but sad to see it’s not included.
The fix has been merged almost a month ago in the master branch so I don’t understand why they didn’t include it.

Keycloak 11.0.0 i cant import client roles

try 11.0.2 and see if that solves your problem.