0

I just started playing around with keycloak and openldap. I was able to link openldap with keycloak and also created some mappers to get user data through OAUTH2 authentication.

Now I am trying to change some editing of user data through keycloak through the REST API. However, when I tried to change the email address (with authenticated PUT request on a user) of an user I get this error message from keycloak.

Does anyone know why this could have happened?

enter image description here

This is the request I am sending to keycloak with a PUT request http://localhost:8080/auth/admin/realms/dev/users/e25c4897-4b61-4334-9be2-6c7cbffa763e

{
  "email": "new@email.com"
}
lukasv90
  • 106
  • 3
  • I'm guessing that you send the whole UserRepresentation to Keycloak? I that case Keycloak then tries to overwrite the readonly attributes with the same values and fails. Can you try just sending the new email address in your PUT request? – Garuno Feb 08 '21 at 22:47
  • No, I am only sending the email... :( – lukasv90 Feb 09 '21 at 08:19
  • Then I am not sure. Maybe you could try it the other way around and send all attributes? Maybe this simply doesn't work with keycloak. If you wanna try digging in the source code, here is the method in keycloak that gets called: https://github.com/keycloak/keycloak/blob/eb37a1ed691381e60342bf31560fbd4d6582ba32/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java#L164 – Garuno Feb 09 '21 at 10:18

0 Answers0