I was trying to call keycloak’s REST api to create new users under a realm and I was following this tutorial:
I was able to configure the Admin-cli client and I was able to get the access token by using the client id and secret
However, when I make a POST request to /auth/admin/realms/myapp/users with the bearer token, it fails to create a user and I got an ''unknow_error"
I searched through the internet and community and documentation but there was no clue. Eventually after hours and hours of trying, I found a solution:
You need to first go to clients → admin_cli → Sessions:
Then click on the user “Service-account-admin-cli” and configure such that it has admin role
Then, the previous POST request will successfully create a new user.
I cannot understand why this user “Service-account-admin-cli” is hidden under the users section:
Why would it be hidden??? How are people supposed to find this user (Service-account-admin-cli) and configure it? Does keycloak expect people to find it by clicking clients → admin_cli → Sessions and then see the user from there??