How to get users from Keycloak REST API?

You need two steps

  • first get an access token from the admin-cli client of the master realm

  • second call the admin rest api with the access token, set Bearer as prefix in the Authorization header.

# get an access token
curl -X POST \
  https://<HOST>/auth/realms/master/protocol/openid-connect/token \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'cache-control: no-cache' \
  -d 'grant_type=password&username=<USERNAME>l&password=<PASSWORD>&client_id=admin-cli'

# get all users of gateway realm, use the token from above and use Bearer as prefix
curl -X GET \
  https://<HOST>/auth/admin/realms/gateway/users \
  -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkI...' \
  -H 'cache-control: no-cache'

403 = probably you don't have permission to view users. You need to define Client Roles for used user and assign view-users role:

enter image description here

Tags:

Keycloak