Keylcloak admin api returns invalid credentials

Question

I am trying to authenticate to keycloak as a root user. I have the following config and I already have a root user which has been assigned realm-management roles

I am using the keycloak nodejs client in the following manner, but I am met with an error and am totally clueless how I can debug this.

  const kcAdminClient = new KcAdminClient({
            baseUrl: process.env.KEYCLOAK_URL,
            realmName: process.env.KEYCLOAK_REALM,
          });
      await kcAdminClient.auth({
        username: "realm-root",
        password: "rolemodel",
        grantType: "password",
        clientId: "cycube",
      });

I received the following in my logs.

user-keycloak-1       | 11:20:41,513 WARN  [org.keycloak.events] (default task-109) type=LOGIN_ERROR, realmId=cycube, clientId=cycube, userId=null, ipAddress=172.25.0.4, error=invalid_client_credentials, grant_type=password
user-keycloak-1       | 11:21:14,758 WARN  [org.keycloak.events] (default task-110) type=LOGIN_ERROR, realmId=cycube, clientId=cycube, userId=null, ipAddress=172.25.0.4, error=invalid_client_credentials, grant_type=password
user-keycloak-1       | 11:21:15,496 WARN  [org.keycloak.events] (default task-110) type=LOGIN_ERROR, realmId=cycube, clientId=cycube, userId=null, ipAddress=172.25.0.4, error=invalid_client_credentials, grant_type=password

Issue might be caused from the lack of client secret. Confidential Access Type Application requires client secret sending. Since it is also security violation, recommended way is making public: https://www.keycloak.org/docs/latest/securing_apps/#_javascript_adapter — kaan bobac, Nov 22 '21 at 15:47
https://keycloak.discourse.group/t/unable-to-authenticate-using-nodejs-client/12240/2 — Jan Garaj, Nov 22 '21 at 15:56

Keylcloak admin api returns invalid credentials

0 Answers0