Browse Source

Enable Keycloak Admin for Non-master Realms

Allow the 'KeycloakAdmin' class to instantiate against non-master realms using
an Authorization header for a non-admin user that is granted permissions to
inspect or manage Keycloak admin resources.

Example:

kca = KeycloakAdmin(
        'https://auth.keycloak.local/auth/',
        realm_name='my-realm',
        client_id='admin',
        custom_headers=auth_headers
      )
pull/244/head
Ryan Gard 3 years ago
parent
commit
7ee625d063
  1. 4
      keycloak/keycloak_admin.py

4
keycloak/keycloak_admin.py

@ -1885,12 +1885,16 @@ class KeycloakAdmin:
if self.user_realm_name: if self.user_realm_name:
self.realm_name = self.user_realm_name self.realm_name = self.user_realm_name
if self.username and self.password:
self._token = self.keycloak_openid.token(self.username, self.password, grant_type=grant_type) self._token = self.keycloak_openid.token(self.username, self.password, grant_type=grant_type)
headers = { headers = {
'Authorization': 'Bearer ' + self.token.get('access_token'), 'Authorization': 'Bearer ' + self.token.get('access_token'),
'Content-Type': 'application/json' 'Content-Type': 'application/json'
} }
else:
self._token = None
headers = {}
if self.custom_headers is not None: if self.custom_headers is not None:
# merge custom headers to main headers # merge custom headers to main headers

Loading…
Cancel
Save