Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-5211

Unexpected ForbiddenException on createClient with 3.2.0.Final

    Details

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      Since upgrading to 3.2.0.Final, my client is not able to create clients in a realm it just created. This was working before with 3.1.0.Final and earlier versions as well.

      I wrote a small program to demonstrate the problem.

      Before running the program, you'll need to add the "testClient" to the master realm,
      Protocol: openid-connect
      Access type: confidential

      You will need to modify the code to change the CLIENT_SECRET constant to match your environment.
      You'll also need to change the keycloak.version property in the pom.xml to match the version you're testing against.

      When running with 3.2.0.Final, we get the following:
      14:50:28,552 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-48) RESTEASY002005: Failed executing POST /admin/realms/testRealm/clients: org.keycloak.services.ForbiddenException
      at org.keycloak.services.resources.admin.permissions.ClientPermissions.requireManage(ClientPermissions.java:248)
      at org.keycloak.services.resources.admin.ClientsResource.createClient(ClientsResource.java:164)

      With 3.1.0.Final, the "testClient" is created successfully in the new testRealm.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                bill.burke Bill Burke
                Reporter:
                stephane.granger Stéphane Granger
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: