Hello,
- I am running a standard installation of Keycloak 26.1.0.
- I have a single realm, R, configured; the realm has the standard set of clients and one additional client, C, for my application.
- I would like to use the Admin REST API to administer users for this realm.
- The server developer guide states the following to login:
curl \
-d "client_id=admin-cli" \
-d "username=admin" \
-d "password=password" \
-d "grant_type=password" \
"http://localhost:8080/realms/master/protocol/openid-connect/token"
- I changed the hostname and realm; I supplied the credentials of an admin user for the target realm. The target client is the ‘admin-cli’.
- I verified that I can log into the web interface to administer the realm with the admin user’s credentials. In fact, I do that all the time.
However I get the following error message when I invoke the API:
{"error":"invalid_grant","error_description":"Invalid user credentials"}
I am unable to discover any material information on how to solve this issue and would appreciate any guidance.
[ What I have seen on the internet but that I am skeptical of is: due the the OTP (optional) in the direct grant Flow ]
Lastly, I have attached a screenshot of the Capability Config section of the admin-cli client, if that is useful.
Thank you!
