Keycloak REST API 403 forbidden


Solution 1

The user you use to access the respective functions needs the corresponding rights on your realm.

For example, my 'admin' user needed the CLIENT ROLE "view-users" of the CLIENT "realm-management" to be able to get information about users. In your case, when you need to delete a user, you may need the role "manage-users" or maybe something more powerful.

Solution 2

The realm-management role manage-users will give you delete permissions. You can select realm-management from the client roles drop-down in the role mappings tab.

Manage-users is a powerful role, though; it might give more permissions to the end user than you might like. You can upgrade other users' roles, delete anyone, etc. Do test it out according to your requirements.
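Both answers come down to which realm-management client role the caller's token carries. The following added example (not from either answer or from Keycloak itself) reads the unverified claims of an access token you already hold and reports whether the `resource_access.realm-management.roles` claim contains the role an admin call needs, so a 403 can be explained before the request is sent; the operation-to-role mapping and the constructed sample tokens are assumptions.

```python
import base64
import json

# Assumed mapping of admin REST operations to the realm-management client role
# they need; view-users and manage-users are the roles discussed on this page.
REQUIRED_ROLE = {
    "GET /users": "view-users",
    "DELETE /users/{id}": "manage-users",
    "POST /users/{id}/logout": "manage-users",
}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT without checking its signature.
    This is a diagnostic read of our own token, not a trust decision."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    return json.loads(_b64url_decode(parts[1]))


def realm_management_roles(claims: dict) -> set:
    # Keycloak puts client roles under resource_access.<client-id>.roles.
    return set(claims.get("resource_access", {})
                     .get("realm-management", {})
                     .get("roles", []))


def diagnose(token: str, operation: str) -> str:
    needed = REQUIRED_ROLE[operation]
    roles = realm_management_roles(token_claims(token))
    if needed in roles:
        return f"ok: token carries realm-management role '{needed}'"
    return (f"expect 403: '{operation}' needs realm-management role '{needed}', "
            f"token has {sorted(roles) or 'none'}")


def make_token(claims: dict) -> str:
    """Constructed, unsigned sample token for offline testing only."""
    enc = lambda obj: base64.urlsafe_b64encode(
        json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}."


if __name__ == "__main__":
    viewer = make_token({"resource_access": {"realm-management": {"roles": ["view-users"]}}})
    print(diagnose(viewer, "POST /users/{id}/logout"))
```

Run the check against the real access token from `session.getTokenString()`; a token that shows only `view-users` is the simplest explanation for the 403 on a logout or delete call.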

Author: Avinash chavan

Updated on June 13, 2022

Comments

  • Avinash chavan
    Avinash chavan almost 2 years

    I am trying to delete a user session using the Keycloak REST API, but I am getting the 403 Forbidden HTTP status code. I am passing the token and cookie into the header; please let me know if I am missing something.

    import java.io.IOException;

    import org.apache.http.HttpEntity;
    import org.apache.http.HttpResponse;
    import org.apache.http.client.ClientProtocolException;
    import org.apache.http.client.HttpClient;
    import org.apache.http.client.methods.HttpPost;
    import org.apache.http.impl.client.HttpClients;
    import org.apache.http.util.EntityUtils;
    import org.keycloak.KeycloakSecurityContext;

    public class SessionLogout {

        static void logOut(String userId, KeycloakSecurityContext session) {

            // The passed-in userId is overridden with a fixed test user id.
            userId = "a12c13b7-fa2e-412f-ac8e-376fdca16a83";

            // Admin REST endpoint that logs out all sessions of the given user.
            String url = "http://localhost:8081/auth/admin/realms/TestRealm/users/" + userId + "/logout";
            HttpClient httpclient = HttpClients.createDefault();
            HttpPost httppost = new HttpPost(url);

            HttpResponse response;
            try {
                httppost.addHeader("Accept", "application/json");
                httppost.addHeader("Content-Type", "application/json");
                httppost.addHeader("Cookie", "JSESSIONID=CABD8A135C74864F0961FA629D6D489B");
                // Bearer token of the currently authenticated user.
                httppost.addHeader("Authorization", "Bearer " + session.getTokenString());

                response = httpclient.execute(httppost);
                HttpEntity entity = response.getEntity();

                // Prints the status line, e.g. "HTTP/1.1 403 Forbidden".
                System.out.println("entity :" + response.getStatusLine());

                if (entity != null) {
                    String responseString = EntityUtils.toString(entity, "UTF-8");
                    System.out.println("body ....." + responseString);
                }
            } catch (ClientProtocolException e) {
                e.printStackTrace();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }