2

I have a user with the realm-management client roles in a realm that has a password policy. I want to exclude this user from the password policy, since I use this user to do some operations (fetch the roles, get all the users) via the Java API, and I don't want all the operations to be dropped when the password needs to be updated. I tried to use the admin user from the master realm, but I did not get any result.

Any ideas?

Noa

1 Answer

1

When you create a realm in Keycloak with a password policy and you want to exclude the admin user from this policy, follow these steps:

When a user creates a new realm, e.g. "FooRealm", Keycloak adds a sibling client inside the master realm with the suffix -realm; in this case, we will see FooRealm-realm.

  1. Inside this client, FooRealm-realm, make these changes (Settings tab):

    • Access Type = confidential
    • Standard Flow Enabled = ON
    • Direct Access Grants Enabled = ON
  2. Create a user inside the master realm. In the user details, go to Role Mappings >> Client Roles, select the sibling client (FooRealm-realm) from the drop-down menu, and make sure it owns all the roles inside.

  3. Now, to fetch all the users from the slave realm FooRealm:

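    import java.util.List;
    import org.keycloak.OAuth2Constants;
    import org.keycloak.admin.client.Keycloak;
    import org.keycloak.admin.client.KeycloakBuilder;
    import org.keycloak.admin.client.resource.RealmResource;
    import org.keycloak.representations.idm.UserRepresentation;

    // Authenticate against the master realm through the sibling client
    Keycloak keycloak = KeycloakBuilder.builder()
             .serverUrl("http://localhost/auth")
             .realm("master")
             .grantType(OAuth2Constants.PASSWORD)
             .clientId("FooRealm-realm")
             .clientSecret("7f0080cf-xxxx-xxxxx-9115-xxxxxxxxxx")
             .username("sysadmin")
             .password("x123456")
             .build();
    // Operate on FooRealm with the token issued by the master realm
    RealmResource realmResource = keycloak.realm("FooRealm");

    // First 1000 users of FooRealm
    List<UserRepresentation> users = realmResource.users().list(0, 1000);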
    
Stephen Ostermiller
Noa
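An added example, not part of the original answer: the same admin-client call with the client secret and password read from environment variables instead of being written into the source, and with paging so that a realm holding more than 1000 users is listed in full. The class name, the page size and the variable names `KC_CLIENT_SECRET` and `KC_ADMIN_PASSWORD` are assumptions.

```java
import java.util.ArrayList;
import java.util.List;

import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.representations.idm.UserRepresentation;

public class ListFooRealmUsers {                 // hypothetical class name
    private static final int PAGE_SIZE = 100;    // assumed page size

    // Fail fast instead of sending an empty secret to the token endpoint.
    static String requireEnv(String name) {
        String value = System.getenv(name);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("Missing environment variable " + name);
        }
        return value;
    }

    public static void main(String[] args) {
        Keycloak keycloak = KeycloakBuilder.builder()
                .serverUrl("http://localhost/auth")
                .realm("master")                               // token comes from master
                .grantType(OAuth2Constants.PASSWORD)
                .clientId("FooRealm-realm")
                .clientSecret(requireEnv("KC_CLIENT_SECRET"))  // assumed variable name
                .username("sysadmin")
                .password(requireEnv("KC_ADMIN_PASSWORD"))     // assumed variable name
                .build();
        try {
            UsersResource users = keycloak.realm("FooRealm").users();
            List<UserRepresentation> all = new ArrayList<>();
            // Request page after page; a short page means the end was reached.
            for (int first = 0; ; first += PAGE_SIZE) {
                List<UserRepresentation> page = users.list(first, PAGE_SIZE);
                all.addAll(page);
                if (page.size() < PAGE_SIZE) {
                    break;
                }
            }
            all.forEach(u -> System.out.println(u.getUsername()));
        } finally {
            keycloak.close();   // release the underlying HTTP client
        }
    }
}
```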