1

Context
I have a php website. Keycloak is used for auth. This part works fine. I now try to save user related state to keycloak directly via its REST API (to not need another user db).

The Problem
When I try to do the request PUT /admin/realms/{realm}/users/{user-id} (from the rest-api docs) I get

{
  "error":"unknown_error", 
  "error_description":"For more on this error consult the server log at the debug level."
}

The Keycloak logs

com.fasterxml.jackson.core.JsonParseException: Unrecognized token 'attributes': was expecting (JSON String, Number, Array, Object or token 'null', 'true' or 'false')

To build the PUT request I use PHP curl. My value for CURLOPT_POSTFIELDS is

json_encode([
    "attributes" => [
        "test" => ["foo"]
    ]
])

which produces the following request body {"attributes":{"test":["foo"]}}. This should be a UserRepresentation (from the docs).

Unfortunately I can't find any other hints about what I do wrong in the docs or keycloak logs. Any idea?

Update When I came back from my weekend it simply worked. Unfortunately I don't know what the problem was. In addition I decided against saving attributes to my users in keycloak as it seems like I can only override the whole user object. As I have spent way too much time with making this feature work I will instead save my data into my own db, referenced by the keycloak userid.

Improve this question
5
  • Can you show the PHP code that sends the request? Commented Jun 22, 2024 at 7:33
  • I will add it as soon as I am back at the computer. But I use pretty much the same code as in a request to another API, where it works fine. I guess the problem is the format of my payload (the json string I showed in the question) Commented Jun 22, 2024 at 11:36
  • The weird thing is that Jackson complains that the JSON is invalid... Commented Jun 22, 2024 at 11:50
  • Yes, but I am not sure what the exception means exactly. I mean, I guess it should expect an object of the type UserRepresentation but the exception does not help me understand if that's right or what it did get instead Commented Jun 22, 2024 at 21:54
  • 1
    The exception means that the JSON is syntactically invalid, as if it started directly with attributes (without {" at the begininng). Commented Jun 23, 2024 at 6:29

1 Answer 1

Reset to default
1

I am not a PHP developer, but I achieved the same result in a Java project. I was able to save and update users to Keycloak via the REST Admin endpoints using the model below.

Keycloak version 20.0.3 used

public class KeycloakUser {

  private String id;
  private String username;

  private String email;

  private boolean enabled;

  private String firstName;

  private String lastName;

  private boolean emailVerified;

  private Map<String, String> attributes;

  private List<Credential> credentials;

  private List<String> requiredActions;
}

From you JSON encoding, You can try this instead {"attributes":{"test":"foo"}}. Make the value of the attributes a dictionary/map of Strings as both the keys and the `values' respectively.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.