具有空格的领域中的Keycloak查询用户

时间:2020-09-23 10:46:07

标签: keycloak keycloak-rest-api

我的密钥斗篷(9.0.2)中有一个域“ Testkunde 2” 我想通过REST调用来查询用户,该调用带有由clientid / secret获得的令牌。但是我收到错误401。我可以使用类似的域名查询用户,而名称中没有空格。密钥斗篷SPA可以执行相同的请求,但它使用来自主领域的令牌。

我的要求是: curl --location --request GET 'https://pc62.mid.de:9443/auth/admin/realms/Testkunde%202/users?briefRepresentation=true&first=0&max=20' --header 'Authorization: Bearer

我随请求获得令牌 curl --location --request POST 'https://pc62.mid.de:9443/auth/realms/Testkunde%202/protocol/openid-connect/token' --header 'Content-Type: application/x-www-form-urlencoded' --header 'Authorization: Basic xxx' --data-urlencode 'grant_type=client_credentials'

令牌的内容为:

{
  "exp": 1600851850,
  "iat": 1600851550,
  "jti": "6f2eab19-01fd-4ea8-91a2-d76cc0bc2dc9",
  "iss": "https://pc62.mid.de:9443/auth/realms/Testkunde%202",
  "aud": [
    "realm-management",
    "account"
  ],
  "sub": "f9027840-2041-417c-9053-24d6f1ed1d74",
  "typ": "Bearer",
  "azp": "camp",
  "session_state": "062eeed5-ed39-4576-9e45-297266b4c7d1",
  "acr": "1",
  "realm_access": {
    "roles": [
      "offline_access",
      "uma_authorization"
    ]
  },
  "resource_access": {
    "realm-management": {
      "roles": [
        "manage-users",
        "view-users",
        "query-groups",
        "query-users"
      ]
    },
    "account": {
      "roles": [
        "manage-account",
        "manage-account-links",
        "view-profile"
      ]
    },
    "camp": {
      "roles": [
        "uma_protection"
      ]
    }
  },
  "scope": "mid:camp profile email",
  "http://smartfacts.com/claims/id": "f9027840-2041-417c-9053-24d6f1ed1d74",
  "http://smartfacts.com/claims/ID": "f9027840-2041-417c-9053-24d6f1ed1d74",
  "http://smartfacts.com/claims/scope": [
    "sf:bpm",
    "mid:camp"
  ],
  "email_verified": false,
  "clientId": "camp",
  "clientHost": "192.168.4.165",
  "http://smartfacts.com/claims/profileclaims/username": "service-account-camp",
  "preferred_username": "service-account-camp",
  "clientAddress": "192.168.4.165",
  "http://smartfacts.com/claims/role": [
    "uma_authorization",
    "manage-account",
    "manage-users",
    "query-users",
    "view-profile",
    "uma_protection",
    "offline_access",
    "query-groups",
    "view-users"
  ],
  "http://smartfacts.com/claims/profileclaims/givenname": null,
  "nameid": null,
  "http://smartfacts.com/claims/profileclaims/lastname": null,
  "http://smartfacts.com/claims/emailaddress": null
} ```

0 个答案:

没有答案
相关问题
最新问题