blocks|key|1461249|text|使用邮递员和三个条件应该支持它。#1“测试-用户”需要一个“视图-客户端”角色。它来自“领域管理”客户端。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1461250|📷|atomic|offset|length|1461251|​|1461252|#2使用"admin-cli“客户端并使用”机密“更改访问类型，并打开”授权启用“是"+on”。|1461253|1461254|1461255|#3使用“admin-cli”的秘密为邮递员令牌呼叫。|1461256|1461257|1461258|使用#3的秘密和#1的用户证书(用户名和密码)获取令牌。|1461259|1461260|令牌"expires_in“非常短，需要通过UI使其更长。它是admin-cli的高级设置(仅用于测试目的)+|unordered-list-item|1461261|。|1461262|1461263|1461264|1461265|#5您需要保存一个用于调用客户机/角色API的令牌|1461266|，|1461267|，它是邮递员测试标签上的#4的API。|1461268|1461269|1461270|1461271|使用#5的令牌调用列表客户机/角色API。|1461272|1461273|1461274|1461275|1461276|1461277|#7从#6中查找“定制客户端”id。|1461278|1461279|1461280|8使用#7+id调用自定义的角色API。|1461281|1461282|它应该与UI的角色匹配。|1461283|1461284|1461285|祝好运!|1461286|entityMap|0|IMAGE|mutability|IMMUTABLE|imageUrl|https://developer.qcloudimg.com/http-save/yehe-900000/58ad0de9d87f71f6099abbf9c05964e7.png|imageAlt|1|https://developer.qcloudimg.com/http-save/yehe-900000/955bf58b54b25d9bfd3061bf5aa1b0ab.png|2|https://developer.qcloudimg.com/http-save/yehe-900000/50968129d0ef2e44cd97c941d2d2c1e6.png|3|https://developer.qcloudimg.com/http-save/yehe-900000/97153113fbdc191db070d82c6fdaf702.png|4|https://developer.qcloudimg.com/http-save/yehe-900000/5384178c237f42c782e8149a8d09a1b7.png|5|https://developer.qcloudimg.com/http-save/yehe-900000/166627efbb6e2629c4dae353debb9bd0.png|6|https://developer.qcloudimg.com/http-save/yehe-900000/53e08dcb17400a7407a0613a69c94aff.png|7|https://developer.qcloudimg.com/http-save/yehe-900000/648338fead8d8c23884e5ca6d36f20e0.png|8|https://developer.qcloudimg.com/http-save/yehe-900000/9797ba3983db26d5457284aff22a1ec6.png|9|https://developer.qcloudimg.com/http-save/yehe-900000/b9a307a77b0a12e6ea9e484b3f469c0a.png|10|https://developer.qcloudimg.com/http-save/yehe-900000/57261dc0d6f5b641c58bdadc07169163.png^0|0|0|1|0|0|0|0|0|1|1|0|0|0|0|1|2|0|0|0|0|0|0|0|1|3|0|0|1|4|0|0|0|0|0|0|0|1|5|0|0|0|0|1|6|0|0|0|0|1|7|0|0|0|0|1|8|0|0|0|0|1|9|0|0|0|1|A|0|0|0^^$0|@$1|2|3|4|5|6|7|2N|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|2O|8|@]|9|@$E|2P|F|2Q|1|2R]]|A|$]]|$1|G|3|H|5|6|7|2S|8|@]|9|@]|A|$]]|$1|I|3|J|5|6|7|2T|8|@]|9|@]|A|$]]|$1|K|3|C|5|D|7|2U|8|@]|9|@$E|2V|F|2W|1|2X]]|A|$]]|$1|L|3|H|5|6|7|2Y|8|@]|9|@]|A|$]]|$1|M|3|N|5|6|7|2Z|8|@]|9|@]|A|$]]|$1|O|3|C|5|D|7|30|8|@]|9|@$E|31|F|32|1|33]]|A|$]]|$1|P|3|H|5|6|7|34|8|@]|9|@]|A|$]]|$1|Q|3|R|5|6|7|35|8|@]|9|@]|A|$]]|$1|S|3|-4|5|6|7|36|8|@]|9|@]|A|$]]|$1|T|3|U|5|V|7|37|8|@]|9|@]|A|$]]|$1|W|3|X|5|6|7|38|8|@]|9|@]|A|$]]|$1|Y|3|C|5|D|7|39|8|@]|9|@$E|3A|F|3B|1|3C]]|A|$]]|$1|Z|3|C|5|D|7|3D|8|@]|9|@$E|3E|F|3F|1|3G]]|A|$]]|$1|10|3|H|5|6|7|3H|8|@]|9|@]|A|$]]|$1|11|3|12|5|6|7|3I|8|@]|9|@]|A|$]]|$1|13|3|14|5|6|7|3J|8|@]|9|@]|A|$]]|$1|15|3|16|5|V|7|3K|8|@]|9|@]|A|$]]|$1|17|3|-4|5|6|7|3L|8|@]|9|@]|A|$]]|$1|18|3|C|5|D|7|3M|8|@]|9|@$E|3N|F|3O|1|3P]]|A|$]]|$1|19|3|H|5|6|7|3Q|8|@]|9|@]|A|$]]|$1|1A|3|1B|5|6|7|3R|8|@]|9|@]|A|$]]|$1|1C|3|C|5|D|7|3S|8|@]|9|@$E|3T|F|3U|1|3V]]|A|$]]|$1|1D|3|H|5|6|7|3W|8|@]|9|@]|A|$]]|$1|1E|3|H|5|6|7|3X|8|@]|9|@]|A|$]]|$1|1F|3|C|5|D|7|3Y|8|@]|9|@$E|3Z|F|40|1|41]]|A|$]]|$1|1G|3|H|5|6|7|42|8|@]|9|@]|A|$]]|$1|1H|3|1I|5|6|7|43|8|@]|9|@]|A|$]]|$1|1J|3|C|5|D|7|44|8|@]|9|@$E|45|F|46|1|47]]|A|$]]|$1|1K|3|H|5|6|7|48|8|@]|9|@]|A|$]]|$1|1L|3|1M|5|6|7|49|8|@]|9|@]|A|$]]|$1|1N|3|C|5|D|7|4A|8|@]|9|@$E|4B|F|4C|1|4D]]|A|$]]|$1|1O|3|1P|5|6|7|4E|8|@]|9|@]|A|$]]|$1|1Q|3|C|5|D|7|4F|8|@]|9|@$E|4G|F|4H|1|4I]]|A|$]]|$1|1R|3|H|5|6|7|4J|8|@]|9|@]|A|$]]|$1|1S|3|1T|5|6|7|4K|8|@]|9|@]|A|$]]|$1|1U|3|-4|5|6|7|4L|8|@]|9|@]|A|$]]]|1V|$1W|$5|1X|1Y|1Z|A|$20|21|22|-4]]|23|$5|1X|1Y|1Z|A|$20|24|22|-4]]|25|$5|1X|1Y|1Z|A|$20|26|22|-4]]|27|$5|1X|1Y|1Z|A|$20|28|22|-4]]|29|$5|1X|1Y|1Z|A|$20|2A|22|-4]]|2B|$5|1X|1Y|1Z|A|$20|2C|22|-4]]|2D|$5|1X|1Y|1Z|A|$20|2E|22|-4]]|2F|$5|1X|1Y|1Z|A|$20|2G|22|-4]]|2H|$5|1X|1Y|1Z|A|$20|2I|22|-4]]|2J|$5|1X|1Y|1Z|A|$20|2K|22|-4]]|2L|$5|1X|1Y|1Z|A|$20|2M|22|-4]]]]

Using Postman and three conditions should support it.
#1 &quot;test-user&quot; needs a &quot;view-clients&quot; role. It comes from &quot;realm-management&quot; client.
<a href="https://i.stack.imgur.com/k7CH5.png" rel="noreferrer"><img src="https://i.stack.imgur.com/k7CH5.png" alt="enter image description here" /></a>
#2 Using &quot;admin-cli&quot; client and Change Access Type with &quot;confidential&quot; and turn on &quot;Authorization Enabled&quot; is &quot;ON&quot;
<a href="https://i.stack.imgur.com/yVdZL.png" rel="noreferrer"><img src="https://i.stack.imgur.com/yVdZL.png" alt="enter image description here" /></a>
#3 using &quot;admin-cli&quot;'s secret for Postman token call.
<a href="https://i.stack.imgur.com/7Nqi6.png" rel="noreferrer"><img src="https://i.stack.imgur.com/7Nqi6.png" alt="enter image description here" /></a>
#4 get token with #3's secret and #1 user's credential(username and password)
<ul>
<li>the token &quot;expires_in&quot; is very short, you need to makes a longer by UI.
it is admin-cli's advanced settings(for just testing purpose)
<a href="https://i.stack.imgur.com/x1ASC.png" rel="noreferrer"><img src="https://i.stack.imgur.com/x1ASC.png" alt="enter image description here" /></a>
<a href="https://i.stack.imgur.com/5Wcct.png" rel="noreferrer"><img src="https://i.stack.imgur.com/5Wcct.png" alt="enter image description here" /></a></li>
</ul>
#5 you needs to save a token for calling client/role API
<ul>
<li>it is same #4's API on Tests Tab of Postman.
<a href="https://i.stack.imgur.com/eF3Sg.png" rel="noreferrer"><img src="https://i.stack.imgur.com/eF3Sg.png" alt="enter image description here" /></a></li>
</ul>
#6 Call list client/role API with #5's token.
<a href="https://i.stack.imgur.com/mWMCZ.png" rel="noreferrer"><img src="https://i.stack.imgur.com/mWMCZ.png" alt="enter image description here" /></a>
<a href="https://i.stack.imgur.com/zI9Ic.png" rel="noreferrer"><img src="https://i.stack.imgur.com/zI9Ic.png" alt="enter image description here" /></a>
#7 find &quot;custom-client&quot; id from #6
<a href="https://i.stack.imgur.com/a2V2H.png" rel="noreferrer"><img src="https://i.stack.imgur.com/a2V2H.png" alt="enter image description here" /></a>
#8 call custom role API using #7 id.
<a href="https://i.stack.imgur.com/5Ne1J.png" rel="noreferrer"><img src="https://i.stack.imgur.com/5Ne1J.png" alt="enter image description here" /></a>
it should be match with UI's roles.
<a href="https://i.stack.imgur.com/TQVEV.png" rel="noreferrer"><img src="https://i.stack.imgur.com/TQVEV.png" alt="enter image description here" /></a>
Good Luck!

To get roles in a custom client I know I need to do two APIs. One is to get an access token and one is to get the roles. My doubt is, should I get accessToken by sending admin-CLI details in headers or because I want roles of the custom client I have created? Because, im getting unknown_error when trying to fetch roles.
To get accessToken:
<pre><code>curl -X POST \
 http://localhost:8080/auth/realms/test-keycloak-example/protocol/openid-connect/token \
 -H 'cache-control: no-cache' \
 -H 'content-type: application/x-www-form-urlencoded' \
 -d 'grant_type=client_credentials&amp;client_id=test-keycloak-example&amp;client_secret=shhh'
</code></pre>
To get roles:
<pre><code>curl -X GET \
 http://localhost:8080/auth/admin/realms/test-keycloak-example/clients/cb11fd17-46df-419a-9c67-4a69d1be66ae/roles \
 -H 'authorization: Bearer &lt;token received from previous call&gt; \
 -H 'cache-control: no-cache' \
 -H 'postman-token: 248fef6b-9c24-3aa3-91ae-a6f11e01e55c'
</code></pre>
The response is:
<pre><code>{
 &quot;error&quot;: &quot;unknown_error&quot;
}
</code></pre>

How to get roles from custom client in keycloak?

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

要在自定义客户端中获得角色，我知道我需要执行两个API。一个是获取访问令牌，另一个是获取角色。我的疑问是，我应该通过在标头中发送admin细节来获得accessToken，还是因为我想要我创建的自定义客户端的角色？因为，当我试图获取角色时，我得到了unknown_error。要获得accessToken：curl -X POST \  http://localhost:8080/auth/real

如何从自定义客户端获得角色？-腾讯云开发者社区-腾讯云

问如何从自定义客户端获得角色？
EN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问如何从自定义客户端获得角色？EN