Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-13823

"Dir" Full export/import: On import, service account roles and authorization info are not imported

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Done
    • 9.0.2
    • 11.0.0
    • Import/Export
    • None
    • Hide
      1. Make sure Service Accounts Enabled is enabled in admin-cli client.
      2. Assign to the client admin-cli in the Service Accounts Roles tab the following clientRoles _of _realm-management: view-users and manage-users
      3. Do an export of the realm
      4. Delete the database
      5. Do an import of the realm
      6. Verify in the Service Accounts Roles tab in the clientRoles _section that in _realm-management: view-users and manage-users are not assigned.
      Show
      Make sure Service Accounts Enabled is enabled in admin-cli client. Assign to the client admin-cli in the Service Accounts Roles tab the following clientRoles _of _realm-management : view-users and manage-users Do an export of the realm Delete the database Do an import of the realm Verify in the Service Accounts Roles tab in the clientRoles _section that in _realm-management : view-users and manage-users are not assigned.
    • NEW
    • NEW

    Description

      The same as these https://issues.redhat.com/browse/KEYCLOAK-8463, but it should be fixed in the version I tested.

      After successfully importing the realm and users, the roles are not assigned on the Service account roles tab.

      This is a snippet the file users to be imported. This is the service-account-admin-cli with the clientRoles _ of _realm-management. The roles view-users and manage-users are not imported.

      "users" : [ {
      "id" : "c4d4c0e7-62c9-4482-9f9c-43f5a67db3da",
      "createdTimestamp" : 1587025445241,
      "username" : "service-account-admin-cli",
      "enabled" : true,
      "totp" : false,
      "emailVerified" : false,
      "serviceAccountClientId" : "admin-cli",
      "credentials" : [ ],
      "disableableCredentialTypes" : [ ],
      "requiredActions" : [ "UPDATE_PASSWORD" ],
      "realmRoles" : [ "offline_access", "uma_authorization" ],
      "clientRoles" :

      { "realm-management" : [ "view-users", "manage-users" ], "account" : [ "view-profile", "manage-account" ] }

      ,
      "notBefore" : 0,
      "groups" : [ ]
      }, ...

      Attachments

        Issue Links

          Activity

            People

              rhn-support-rmartinc Ricardo Martin Camarero
              ikeraguayo Iker Aguayo (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: