keycloak-config-cli
keycloak-config-cli copied to clipboard
Published
20 hours ago •
adorsys
adorsys
User update without groups deletes previously set groups from user
Current Behavior
When I include an existing user in my import file and don't list any groups, the CLI removes all of the previously set groups for that user.
Expected Behavior
For lower levels as well, the CLI should only update and delete resources or attributes if a certain key is set at all. I.e., if no groups key is set on a user, the import should leave the existing user's groups untouched.
(This assumption according to the behavior listed in docs/MANAGED.md )
Steps To Reproduce
1. Create a user `[email protected]`.
2. Add the user to the import file, leave out groups key
3. Run import
4. Groups will be deleted even though no groups key was present:
Environment
- Keycloak Version: 25.0.2
- keycloak-config-cli Version: v6.1.5
- Java Version: 21
Anything else?
Example user yaml without groups:
- username: [email protected]
enabled: true
emailVerified: true
firstName: User
lastName: Example
email: [email protected]
realmRoles:
- ...
Example log statements showing deletion of previously assigned group:
No need to update user '[email protected]' in realm 'realm'
Remove groups [/xyz] from user '[email protected]' in realm 'realm'
