How to modify the realm user profile attributes using a keycloak module?

actionmystique · April 3, 2024, 12:32pm

There are several very useful keycloak modules in the community.general collection, like keycloak_realm and keycloak_user. There is no Discussions tab in their dedicated github site, hence this post here.

It seems difficult or impossible to modify or add the attributes of all user profiles in a specific realm using a keycloak module. keycloak_realm would seem more appropriate and the only parameter which could be useful as described by the official documentation is attributes but it is evasive.

When using the keycloak embedded script kcadm.sh, I get:

# bin/kcadm.sh get realms/realm_name/users/profile
{
  "attributes" : [ {
    "name" : "username",
    "displayName" : "${username}",
    "validations" : {
      "length" : {
        "min" : 3,
        "max" : 255
      },
      "username-prohibited-characters" : { },
      "up-username-not-idn-homograph" : { }
    },
    "permissions" : {
      "view" : [ "admin", "user" ],
      "edit" : [ "admin", "user" ]
    },
    "multivalued" : false
  }, {
    "name" : "email",
    "displayName" : "${email}",
    "validations" : {
      "email" : { },
      "length" : {
        "max" : 255
      }
    },
    "required" : {
      "roles" : [ "user" ]
    },
    "permissions" : {
      "view" : [ "admin", "user" ],
      "edit" : [ "admin", "user" ]
    },
    "multivalued" : false
  }, {
    "name" : "firstName",
    "displayName" : "${firstName}",
    "validations" : {
      "length" : {
        "max" : 255
      },
      "person-name-prohibited-characters" : { }
    },
    "required" : {
      "roles" : [ "user" ]
    },
    "permissions" : {
      "view" : [ "admin", "user" ],
      "edit" : [ "admin", "user" ]
    },
    "multivalued" : false
  }, {
    "name" : "lastName",
    "displayName" : "${lastName}",
    "validations" : {
      "length" : {
        "max" : 255
      },
      "person-name-prohibited-characters" : { }
    },
    "required" : {
      "roles" : [ "user" ]
    },
    "permissions" : {
      "view" : [ "admin", "user" ],
      "edit" : [ "admin", "user" ]
    },
    "multivalued" : false
  } ],
  "groups" : [ {
    "name" : "user-metadata",
    "displayHeader" : "User metadata",
    "displayDescription" : "Attributes, which refer to user metadata"
  } ]
}

The goal is to add another attribute to all users in that realm, for instance:

  {
    "name" : "new_attribute",
    "displayName" : "${new_attribute}",
    "validations" : {
      "options" : {
        "options" : [ "option1", "option12" ]
      }
    },
    "annotations" : {
      "inputType" : "select"
    },
    "required" : {
      "roles" : [ "admin", "user" ]
    },
    "permissions" : {
      "view" : [ "admin" ],
      "edit" : [ "admin" ]
    },
    "multivalued" : false
  }

Any suggestion?

collections #community_general #keycloak

softyeducation · July 10, 2024, 12:22pm

Im having the same issue, did you find a solution ?