Why is the deprecated upload-scripts feature required to import realms which use authorization?

Using Keycloak.X (Quarkus), it is possible to import a realm JSON file via the command line (bin/kc.sh import --file=realm.json) or via the browser using the admin control panel.

However, if that realm JSON file contains a client which has authorization enabled, then any attempt to import will result in the error “Script upload is disabled”. This happens even if your client doesn’t use the script mapper.

To circumvent this, you need to enable the deprecated feature “upload-scripts” during the build process:

bin/kc.sh build --features=upload-scripts

Why is realm-import dependent on upload-scripts in this case? And Is there no setting specific to importing realms (with authorization) ?

Thinking further ahead, is there a timeline on the deprecated feature being totally unsupported/removed ?

Thank you.

Hey,

I tried the option but it seams like it got finally removed.
How is it possible to get the import done then?

Kind regards

Simply reading the blog post for the new version leads you to the current possibilities.

That blog post no longer exists. Do you have a link to what you are describing?
And by the “current possibilities” what does that mean exactly? This link points to Script Providers section but how does that help with importing an exported realm that had authorization turned on?

The solution shouldn’t be to just remove JS policies that get added on an export so what do you suggest?