How to modify the realm user profile attributes using a keycloak module?

actionmystique · April 3, 2024, 12:32pm

There are several very useful keycloak modules in the community.general collection, like keycloak_realm and keycloak_user. There is no Discussions tab in their dedicated github site, hence this post here.

It seems difficult or impossible to modify or add the attributes of all user profiles in a specific realm using a keycloak module. keycloak_realm would seem more appropriate and the only parameter which could be useful as described by the official documentation is attributes but it is evasive.

When using the keycloak embedded script kcadm.sh, I get:

# bin/kcadm.sh get realms/realm_name/users/profile
{
  "attributes" : [ {
    "name" : "username",
    "displayName" : "${username}",
    "validations" : {
      "length" : {
        "min" : 3,
        "max" : 255
      },
      "username-prohibited-characters" : { },
      "up-username-not-idn-homograph" : { }
    },
    "permissions" : {
      "view" : [ "admin", "user" ],
      "edit" : [ "admin", "user" ]
    },
    "multivalued" : false
  }, {
    "name" : "email",
    "displayName" : "${email}",
    "validations" : {
      "email" : { },
      "length" : {
        "max" : 255
      }
    },
    "required" : {
      "roles" : [ "user" ]
    },
    "permissions" : {
      "view" : [ "admin", "user" ],
      "edit" : [ "admin", "user" ]
    },
    "multivalued" : false
  }, {
    "name" : "firstName",
    "displayName" : "${firstName}",
    "validations" : {
      "length" : {
        "max" : 255
      },
      "person-name-prohibited-characters" : { }
    },
    "required" : {
      "roles" : [ "user" ]
    },
    "permissions" : {
      "view" : [ "admin", "user" ],
      "edit" : [ "admin", "user" ]
    },
    "multivalued" : false
  }, {
    "name" : "lastName",
    "displayName" : "${lastName}",
    "validations" : {
      "length" : {
        "max" : 255
      },
      "person-name-prohibited-characters" : { }
    },
    "required" : {
      "roles" : [ "user" ]
    },
    "permissions" : {
      "view" : [ "admin", "user" ],
      "edit" : [ "admin", "user" ]
    },
    "multivalued" : false
  } ],
  "groups" : [ {
    "name" : "user-metadata",
    "displayHeader" : "User metadata",
    "displayDescription" : "Attributes, which refer to user metadata"
  } ]
}

The goal is to add another attribute to all users in that realm, for instance:

  {
    "name" : "new_attribute",
    "displayName" : "${new_attribute}",
    "validations" : {
      "options" : {
        "options" : [ "option1", "option12" ]
      }
    },
    "annotations" : {
      "inputType" : "select"
    },
    "required" : {
      "roles" : [ "admin", "user" ]
    },
    "permissions" : {
      "view" : [ "admin" ],
      "edit" : [ "admin" ]
    },
    "multivalued" : false
  }

Any suggestion?

collections #community_general #keycloak

softyeducation · July 10, 2024, 12:22pm

Im having the same issue, did you find a solution ?

Topic		Replies	Views
How to manage things like connectionstrings? Get Help galaxy-ng	1	139	April 8, 2024
Authenticate User with Keycloak Access Token to use the Rest API Get Help awx	4	590	November 13, 2023
Keyclaok integration and permission questions Get Help awx	3	314	March 2, 2024
Changing the dictionary key names but not values of items in a loop Get Help role , jmespath , loop , variables	9	557	January 28, 2024
How to modify json file on remote node? Get Help playbook	9	797	January 6, 2024

How to modify the realm user profile attributes using a keycloak module?

Related topics