Unable to perform any actions with the REST API

oscarcp · June 8, 2020, 11:04am

Hi! I’m having problems performing any actions whatsoever with the REST API in my python script. At the moment, just for testing I want to login and create a user (or a client), this is what I have so far, both with direct requests, and with the python-keycloak library.

Directly with requests, trying to create a client:

import requests
import argparse
import ast


def get_token():
    url = f"{kc['SERVER_URL']}realms/my-realm-name/protocol/openid-connect/token"
    params = {
        'client_id': 'admin-cli',
        'client_secret': kc['CLIENT_SECRET'],
        'grant_type': 'client_credentials',
        #'username': kc['USER'],
        #'password': kc['PASS']
    }
    x = requests.post(url, params, verify=True).content.decode('utf-8')
    print(x)
    print('\n')
    return ast.literal_eval(x)['access_token']
    # return requests.post(url, params, verify=False).content.decode('utf-8')


def create_client():
    url = f"{kc['SERVER_URL']}admin/realms/my-realm-name/clients"
    headers = {
        'content-type': 'application/json',
        'Authorization': 'Bearer ' + str(get_token())
    }
    params = {
        "clientId": "testclient",
        "id":"3",
        "name": "testclient-3",
        "description": "TESTCLIENT-3",
        "enabled": True,
        "redirectUris":[ "\\" ],
        "publicClient": True
    }
    x = requests.post(url, headers=headers, json=params)
    print(x)
    print(x.content)
    print(x.text)
    return x.content


create_client()

With python-keycloak library creating a user:

from keycloak import KeycloakAdmin, KeycloakOpenID
from .settings import KEYCLOAK as kc


keycloak_access = KeycloakAdmin(server_url=kc['SERVER_URL'],
                                username=kc['USER'],
                                password=kc['PASS'],
                                realm_name=kc['REALM'],
                                client_id=kc['CLIENT_ID'],
                                client_secret_key=kc['CLIENT_SECRET'],
                                user_realm_name='master',
                                verify=True)

print(keycloak_access)
# Add user
new_user = keycloak_access.create_user({
                    "email": "example@example.com",
                    "username": "example",
                    "enabled": True,
                    "firstName": "Example",
                    "lastName": "Example",
                    "realmRoles": ["test_role", ],
                    "attributes": {"example": "1,2,3,3,"}})

Both login correctly (I get the token etc.) but when I perform any actions I get a 403 with “unknown error”.

Any clue on why this is happening? The clients have full scopes active, they are confidential type with service accounts enabled, etc.

Topic		Replies	Views
Creating user via Admin REST API using other oauth2 client than "admin-cli" Getting advice	3	718	July 4, 2021
Create user via Rest api Getting advice admin-console	1	794	December 8, 2020
How to add user with client roles using rest api Getting advice account-rest , admin-rest	2	2671	December 11, 2021
Create a oauth client using rest api Getting advice	5	3417	March 31, 2020
REST Api Error 403 Configuring the server	2	473	February 9, 2021

Unable to perform any actions with the REST API

Related Topics