I am using the latest keycloak image in docker and can access the standard admin console at http://localhost:9080. However, I cant seem to access any of the paths specified in the documentation for Admin REST api. For instance, the base path /auth and Resource Get clients belonging to the realm Returns a list of clients belonging to the realm: /{realm}/clients I am getting a 404. So is for any other method in the documentation. The only path returning a valid 200 json response is http://localhost:9080/auth/realms/{realm-name}/ which according to the documentation be reachable at basepath + "/{realm-name}". Am I missing something or trying to access with a wrong base path. The keycloak version in docker is 3.4.3.Final which is the latest version of keycloak according to the documentation.
Asked
Active
Viewed 1.3k times
15
-
3Have you tried `http://localhost:9080/auth/admin/realms/{realm}/clients` instead? – Alex Karasev Jan 30 '18 at 10:09
1 Answers
23
I'm almost sure you are trying to call the endpoint like this:
However, you've missed this part/auth/admin/realms
Please, don't forget to authorize your call first as stated here
UPDATE
Here are my steps to see the results:
$ docker run -d -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak
Getting access_token
:
$ curl -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'username=admin&password=admin&client_id=admin-cli&grant_type=password' \
http://localhost:9080/auth/realms/master/protocol/openid-connect/token
Copy and paste obtained access_token
to Authorization
header:
$ curl -X GET \
-H 'Authorization: Bearer <access_token_goes_here>' \
http://localhost:9080/auth/admin/realms/master/clients
Alex Karasev
- 888
- 10
- 22
-
2Doesn't work (even after replacing demo with a valid realm). I have tried using AdvancedRESTClient sending the same Authorization header as used by the admin console but still getting a 404. And I have tried this with a dockerized keycloak and a standalone one. – Taha Rehman Siddiqui Jan 30 '18 at 16:32
-
Your other point 'missing authorization' was helpful in my case because, strangely, accessing the same url from browser did not work for me(after authenticating). But when I sent the bearer token to same URL through postman, it was successful. – tryingToLearn Jul 17 '19 at 09:13
-
2@TahaRehmanSiddiqui, it help to 9 persons. Maybe it's time to accept the answer ;-) – Alex Karasev Aug 15 '19 at 13:10