Joins with Keycloak java admin client

Question

I m trying to understand the admin client api of Keycloak, especially around joins.

There is this post that adresses a similar need for getting users per role.

Keycloak - Get all Users mapped to roles

How would we do this with the admin client?

Because for now I am retrieving all users and checking if the roles match:

List<UserRepresentation> userRepresentations = keycloak.realm(realm).users().search("", 0, 1000); //get all users :(
        for (UserRepresentation userRepresentation : userRepresentations ) {
            List<String> userRoles = userRepresentation.getRealmRoles();

            if(userRoles != null && !Collections.disjoint(userRoles, roles)){
                result.add(KeycloakUserTransformer.userRepresentationToSimpleUserDTO(userRepresentation));
            }
        }

And the thing is, userRoles list is always empty :S. But actually, we have ~2500 users in keycloak users.

EDIT: I am using the keycloak admin client v.2.0. I guess the newer versions support this.

Thanks in advance.

score 2 · Accepted Answer · answered Mar 06 '18 at 01:12

2

With latest admin client you can easily get

RoleResource roleResource = keycloak.realm("realm_name").roles().get("role_name");  
    Set<UserRepresentation> users = roleResource.getRoleUserMembers();

answered Mar 06 '18 at 01:12

ravthiru

8,878
2
43
52

Careful, this only gives u the direct assigned user to this role, not the effective ones. I prefer to use groups for querys of users sets. – Stefan Höltker Nov 06 '20 at 15:15

Joins with Keycloak java admin client

1 Answers1