Learn Keycloak Admin Rest Api in Spring Boot
I. Introduction Keycloak has provided an admin GUI where a user can manage his profile or an admin user to manage the realm which includ...
https://www.czetsuyatech.com/2020/03/spring-rest-api-keycloak-admin.html
I. Introduction
Keycloak has provided an admin GUI where a user can manage his profile or an admin user to manage the realm which includes the roles, permissions, and users.
But there are times when we want to integrate these functionalities into our application so that the interaction is seamless. To do that Keycloak has provided an API for us to manage a realm from an external application. The API is available from mvnrepository https://mvnrepository.com/artifact/org.keycloak/keycloak-admin-client.
And in this blog, I will share a Spring Boot 2 project where a logged user can view his/her roles and profile information.
Included in the project is a postman collection that can be used for testing.
II. Setting Up Keycloak
Follow the instructions in this blog post: https://www.czetsuyatech.com/2020/02/keycloak-download-and-configure.html.
III. The Spring Boot 2 Project
Let's start creating a Spring Boot 2 rest project.
1.) Using Spring STS IDE, create a new project using the Spring Starter Project template.
2.) Make sure to add the following dependencies: keycloak-spring-boot-starter and spring-boot-starter-security.
2.) Make sure to add the following dependencies: keycloak-spring-boot-starter and spring-boot-starter-security.
3.) We need to extend the class KeycloakWebSecurityConfigurerAdapter as specified in the keycloak securing apps documentation below. See the code below.
4.) Due to some Keycloak issues, we need to extend the class KeycloakSpringBootConfigResolver. See the code below.
5.) I created a utility class that will help us initialize a Keycloak class that we can use to communicate and manage a Keycloak instance - KeycloakAdminClientUtils. See the code below.
6.) We then need a service to get or manage information from Keycloak depending on the user's role. For instance, the user I'm using has a manage-realm role, this means that I can call almost all the API provided by Keycloak. In my example, I'm returning the user's role as well as its profile. See class KeycloakAdminClientService.
7.) I create a REST controller class to use the service in #6 for demo. See KeycloakController.
8.) And finally, don't forget to specify the Keycloak configuration in application.properties.
9.) The Keycloak realm configuration and postman project I used for testing are both available in Github under the project's config folder.
Java Classes:
IV. References
- https://github.com/czetsuyatech/keycloak-rest-admin-api
- https://www.keycloak.org/docs/latest/securing_apps/
- https://www.keycloak.org/docs-api/9.0/rest-api/index.html
8. Development and Support
Unlock the full coding experience! As a GitHub Sponsor, you gain exclusive access to the code behind this article—start learning and building today!
I'm available for contracting services and support. You can reach me at: https://www.czetsuyatech.com/p/consultation-services.html.
Post a Comment