keycloak-config-cli
keycloak-config-cli copied to clipboard
adorsys
Changing a username while keeping the email unchanged leads to 409 conflict
Current Behavior
- Create a realm.yaml that contains a user with a name and an email address
- Run
keycloak-config-clito apply the realm.yaml - Change the realm.yaml so that the user's email stays the same but the username is changed
- Rerun
keycloak-config-cli--> error, 409 Conflict
Expected Behavior
A new user with the new name should be created, the old user should disappear
Steps To Reproduce
No response
Environment
- Keycloak Version: 16.0.1
- keycloak-config-cli Version: latest
- Java Version: 11
Anything else?
No response
Deleting users is currently not implemented in keycloak-config-cli, only create and update.
Thats why keycloak-config-cli will not delete the old user and the new user has a conflict with the existing user.
I understand, thanks for the quick reply! Happy to provide a PR if you point me in the right direction.
For deleting users, a remote state needs to be implement. Otherwise, Keycloak-config-cli is going to delete all users which is a major incident.
More informations here: https://github.com/adorsys/keycloak-config-cli/blob/main/docs/MANAGED.md
Take a look, how Realm Roles are handled on deletion.
https://github.com/adorsys/keycloak-config-cli/blob/1a22b22462b95ac96a5ea14cd3d4ea1f801d5568/src/main/java/de/adorsys/keycloak/config/service/RoleImportService.java#L243-L269
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
