I use this curl command to get a token:
curl \
-d "client_id=admin-cli" \
-d "username=admin" \
-d "password=admin_password" \
-d "grant_type=password" \
"https://example.com/auth/realms/master/protocol/openid-connect/token"
Then I use this curl command to get the list of users for my Development realm:
curl \
-H "Authorization: bearer token" \
"https://example.com/auth/admin/realms/Development/users"
And it returns a list of users. This is the response JSON for a sample user:
{
"id": "9ca4216f-d13e-49f9-8c35-36e60916c6a9",
"createdTimestamp": 1631337976997,
"username": "admin#example.com",
"enabled": true,
"totp": false,
"emailVerified": false,
"email": "admin#example.com",
"disableableCredentialTypes": [],
"requiredActions": [],
"notBefore": 0,
"access": {
"manageGroupMembership": true,
"view": true,
"mapRoles": true,
"impersonate": true,
"manage": true
}
}
Where is the first name and last name? How can I get that data?
The easiest reason for them to not show is if those attributes don't exist or aren't populated. Can you confirm that you have a first and last name for that user?
Related
I have a Keycloak deployed locally with the following Docker command:
docker run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e
KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:20.0.1
start-dev
I get a token from Keycloak. Example:
eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJMZjRfWHJjWkpTaVJYWlFLS254VS1NdU9FTHA4d3NaaHlLMDQ0UjRIRjdnIn0.eyJleHAiOjE2NzAwODc1MDgsImlhdCI6MTY3MDA4NzIwOCwiYXV0aF90aW1lIjoxNjcwMDg2NDcwLCJqdGkiOiIyYWQxODQ5ZC0xMjI0LTQ4YjYtYWZjYy01ZmFjMWZjODY3ZjQiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL2RpYWxvZy1mZWF0IiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjRkYjdiNjg1LTRkYTAtNGZjMy1iNjI1LTgyZmM1MTdjNjA3NiIsInR5cCI6IkJlYXJlciIsImF6cCI6InNvbWV4NSIsIm5vbmNlIjoiR0tNb1JWRTVDajZSVjJMcFQ1Mjg5eVQ3RUdWeFMzZk4iLCJzZXNzaW9uX3N0YXRlIjoiMTY4Y2JmZGQtMmFmYS00Mjk5LWI4YmUtMmExM2FjMjI2NzJiIiwiYWNyIjoiMCIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIiwiZGVmYXVsdC1yb2xlcy1kaWFsb2ctZmVhdCJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoib3BlbmlkIHByb2ZpbGUgZW1haWwiLCJzaWQiOiIxNjhjYmZkZC0yYWZhLTQyOTktYjhiZS0yYTEzYWMyMjY3MmIiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkpvaG4gU25vdyIsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4uc25vdyIsImdpdmVuX25hbWUiOiJKb2huIiwiZmFtaWx5X25hbWUiOiJTbm93IiwiZW1haWwiOiJqb2huLnNub3dAeDUucnUifQ.j_rFqVxICtj7NR-myEsWhSkwBeCABplFrmlBuRMAhF4N8HzdOOtExdmw_mXdx60snKTaE5GJHPofjllpM353lY8H9NGxaczUgL20GjVmMhwtihGGBLpiw7TXyGQGkfdBXdweCuS0W1avegXrhRYvCYlFGJMoxsdmskYkDt4DjuESlTkMEOndVjv5LBp3rLB6lRopq0Qg3Abp_rv57KvlVeeul24OKoisFohnZ4VfsiDPAuVW1u1xaYmjCRDlBwIcGosdwasL_WNAgvJkaKdVtvu7NU-ghPa1vQkWJkMZrVIZDsCc5LKZqwspw3U2iOcUc5EDC6FumBWdfvWCx8cszw
Its payload:
{
"exp": 1670087508,
"iat": 1670087208,
"auth_time": 1670086470,
"jti": "2ad1849d-1224-48b6-afcc-5fac1fc867f4",
"iss": "http://localhost:8080/realms/dialog-feat",
"aud": "account",
"sub": "4db7b685-4da0-4fc3-b625-82fc517c6076",
"typ": "Bearer",
"azp": "somex5",
"nonce": "GKMoRVE5Cj6RV2LpT5289yT7EGVxS3fN",
"session_state": "168cbfdd-2afa-4299-b8be-2a13ac22672b",
"acr": "0",
"realm_access": {
"roles": [
"offline_access",
"uma_authorization",
"default-roles-dialog-feat"
]
},
"resource_access": {
"account": {
"roles": [
"manage-account",
"manage-account-links",
"view-profile"
]
}
},
"scope": "openid profile email",
"sid": "168cbfdd-2afa-4299-b8be-2a13ac22672b",
"email_verified": true,
"name": "John Snow",
"preferred_username": "john.snow",
"given_name": "John",
"family_name": "Snow",
"email": "john.snow#x5.ru"
}
It seems valid. Then I'm making a request to http://127.0.0.1:8080/realms/dialog-feat/protocol/openid-connect/userinfo with the token:
curl --location --request GET
'http://127.0.0.1:8080/realms/dialog-feat/protocol/openid-connect/userinfo'
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJMZjRfWHJjWkpTaVJYWlFLS254VS1NdU9FTHA4d3NaaHlLMDQ0UjRIRjdnIn0.eyJleHAiOjE2NzAwODc1MDgsImlhdCI6MTY3MDA4NzIwOCwiYXV0aF90aW1lIjoxNjcwMDg2NDcwLCJqdGkiOiIyYWQxODQ5ZC0xMjI0LTQ4YjYtYWZjYy01ZmFjMWZjODY3ZjQiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvcmVhbG1zL2RpYWxvZy1mZWF0IiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjRkYjdiNjg1LTRkYTAtNGZjMy1iNjI1LTgyZmM1MTdjNjA3NiIsInR5cCI6IkJlYXJlciIsImF6cCI6InNvbWV4NSIsIm5vbmNlIjoiR0tNb1JWRTVDajZSVjJMcFQ1Mjg5eVQ3RUdWeFMzZk4iLCJzZXNzaW9uX3N0YXRlIjoiMTY4Y2JmZGQtMmFmYS00Mjk5LWI4YmUtMmExM2FjMjI2NzJiIiwiYWNyIjoiMCIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIiwiZGVmYXVsdC1yb2xlcy1kaWFsb2ctZmVhdCJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoib3BlbmlkIHByb2ZpbGUgZW1haWwiLCJzaWQiOiIxNjhjYmZkZC0yYWZhLTQyOTktYjhiZS0yYTEzYWMyMjY3MmIiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkpvaG4gU25vdyIsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4uc25vdyIsImdpdmVuX25hbWUiOiJKb2huIiwiZmFtaWx5X25hbWUiOiJTbm93IiwiZW1haWwiOiJqb2huLnNub3dAeDUucnUifQ.j_rFqVxICtj7NR-myEsWhSkwBeCABplFrmlBuRMAhF4N8HzdOOtExdmw_mXdx60snKTaE5GJHPofjllpM353lY8H9NGxaczUgL20GjVmMhwtihGGBLpiw7TXyGQGkfdBXdweCuS0W1avegXrhRYvCYlFGJMoxsdmskYkDt4DjuESlTkMEOndVjv5LBp3rLB6lRopq0Qg3Abp_rv57KvlVeeul24OKoisFohnZ4VfsiDPAuVW1u1xaYmjCRDlBwIcGosdwasL_WNAgvJkaKdVtvu7NU-ghPa1vQkWJkMZrVIZDsCc5LKZqwspw3U2iOcUc5EDC6FumBWdfvWCx8cszw'
But I get a 401 status code returned. For example:
type=USER_INFO_REQUEST_ERROR, realmId=(...), clientId=null, userId=null, ipAddress=(...), error=access_denied, auth_method=validate_access_token
How to fix this?
My Keycloak settings:
The problem seems to be a mismatch between the issuer of the access token sent to the userinfo endpoint (i.e., "iss": "http://localhost:8080/realms/dialog-feat") and the issuer that the access token validator triggered by the userinfo endpoint is expecting.
Instead of:
Then I'm making a request to
http://127.0.0.1:8080/realms/dialog-feat/protocol/openid-connect/userinfo
with the token (...):
Use the same hostname in the userinfo endpoint has the one that you have used to acquire the access token, for instance:
curl http://localhost:8080/realms/dialog-feat/protocol/openid-connect/userinfo -H "Authorization: Bearer (..<your access token..)"
If the problem still persistes then you also facing the issues related with the Keycloak endpoint implementation described in UserInfo endpoint not fully standards compliant.
In short in your request for a the access token explicitly add the parameter scope=openid. An example:
curl --request POST \
--url "http://localhost:8080/realms/dialog-feat/protocol/openid-connect/token" \
--data client_id=somex5 \
--data username=john.snow \
--data password=...<the password..> \
--data grant_type=password \
--data scope=openid
I want to create a user and assign a client role with it in a single API in Keycloak I have attached the details.
I have this API
http://testkeycloak.com:8085/auth/admin/realms/engineer/users
{
"enabled":true,
"username":"joshbiden",
"email":"email#gmail.com",
"firstName":"Josh",
"lastName":"biden",
"attributes":
{
"Mobile Number":"3333332332"
},
"clientRoles":
{
"name": "DEVELOPER"
},
"credentials":
[
{
"type":"password",
"value":"rollback",
"temporary":false
}
]
}
CLIENT ROLE - DETAILS
{
"id": "32e432da-d0c0-45f8-a67d-f3146b7a24b4",
"name": "DEVELOPER",
"composite": false,
"clientRole": true,
"containerId": "343434-7631-4187-ac76-ad78de119b90"
}
How can I assign two clients' roles to the USER, I have tried to add users but facing an unknown error. Let me know any solution for the same
I want to create a user and assign a client role with it in a single
API in Keycloak I have attached the details.
Unfortunately, it is impossible to do that with a single API call, even though the Keycloak Admin rest API documentation infers otherwise. This can be confirmed by looking at this GitHub issue. Quoting the reply from that thread (from the Keycloak Project Leader Stian Thorgersen):
So, unfortunately, the answer from #Devendra Mahajan is simply not correct.
The solution is to perform two calls, namely:
one to create the user
another to assign the roles
First create the user using the endpoint POST /{realm}/users and with the following data (without the role):
{
"username": "joshbiden",
"enabled": true,
"firstName": "Josh",
"lastName": "biden",
"email": "email#gmail.com",
"attributes": {
"Mobile Number": [
"3333332332"
]
},
"credentials": [{
"type":"password",
"value":"rollback",
"temporary":false
}]
}
Second, you assign the role using the endpoint :
POST /{realm}/users/{id}/role-mappings/clients/{id of client}
with the data:
[{
"id": "32e432da-d0c0-45f8-a67d-f3146b7a24b4",
"name": "DEVELOPER",
"composite": false,
"clientRole": true,
"containerId": "343434-7631-4187-ac76-ad78de119b90"
}]
Step-by-Step
Warning: The /auth path was removed starting with Keycloak 17 Quarkus distribution. So you might need to remove the /auth from the endpoint calls presented on this answer.
To use Keycloak Admin REST API you need an access token from a user with the proper permissions. I will be using the admin user from the master realm:
curl "https://${KEYCLOAK_HOST}/auth/realms/master/protocol/openid-connect/token" \
-d "client_id=admin-cli" \
-d "username=$ADMIN_NAME" \
-d "password=$ADMIN_PASSWORD" \
-d "grant_type=password"
You will get a JSON with the admin's token. Extract the value of property access_token from that response. Let us save it in the variable $ACCESS_TOKEN for later reference.
To create the user in your realm $REALM_NAME:
curl -X POST "https://${KEYCLOAK_HOST}/auth/admin/realms/${REALM_NAME}/users"
-H "Content-Type: application/json" \
-H "Authorization: bearer $ACCESS_TOKEN" \
-d "${USER_JSON_DATA}"
For those that need you can also have a look at my scripts to automatize the user creation on GitHub, namely this or this.
To assign the client role to the user you need the know beforehand the following fields:
id of the user
id of the client
client role representation
To get the user id from your realm $REALM_NAME:
curl -X GET "https://${KEYCLOAK_HOST}/auth/admin/realms/${REALM_NAME}/users/?username=${USERNAME}" \
-H "Content-Type: application/json" \
-H "Authorization: bearer $ACCESS_TOKEN"
From the response extract the user id for example as follows
jq -r ".[] | select(.username==\"$USERNAME\")" | jq -r id
and save it in the variable ${USER_ID}.
To get the client id call the endpoint get clients with the parameter clientID:
curl -X GET "${KEYCLOAK_HOST}/auth/admin/realms/${REALM_NAME}/clients?clientId=${CLIENT_ID}" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${ACCESS_TOKEN}"
Extract id from the response (e.g., jq -r .[0].id) and save it in variable ${ID_OF_CLIENT}.
With the previous id you can get the client role as follows:
curl -X GET "http://${KEYCLOAK_HOST}/auth/admin/realms/${REALM_NAME}/clients/${ID_OF_CLIENT}/roles/${ROLE_NAME}" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${ACCESS_TOKEN}"
Save the json response in ${CLIENT_ROLE}, and assign the role to the user as follows:
curl -X POST "http://${KEYCLOAK_HOST}/auth/admin/realms/${REALM_NAME}/users/${USER_ID}/role-mappings/clients/${ID_OF_CLIENT}" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${ACCESS_TOKEN}" \
-d "${CLIENT_ROLE}"
I have created scripts for the aforementioned steps that can be accessed here and executed using the script getClientRoleByName.sh.
Try This,
{
"enabled": true,
"username": "joshbiden",
"email": "email#gmail.com",
"firstName": "Josh",
"lastName": "biden",
"attributes": {
"Mobile Number": "3333332332"
},
"clientRoles": {
"<name-of-the-client-in-realm>": ["DEVELOPER"]
},
"credentials": [
{
"type": "password",
"value": "rollback",
"temporary": false
}
]
}
This can be achieved using the partial import API
POST /{realm}/partialImport
With this API you can also import multiple users in one call.
This is not a solution for update though.
Body sample:
{
"users": [
{
"username": "user1",
"enabled": true,
"totp": false,
"emailVerified": true,
"firstName": "First name",
"lastName": "Last name",
"disableableCredentialTypes": [],
"requiredActions": [],
"notBefore": 0,
"access": {
"manageGroupMembership": true,
"view": true,
"mapRoles": true,
"impersonate": true,
"manage": true
},
"groups": [
],
"realmRoles": [
]
},
{
"username": "user2",
"enabled": true,
"totp": false,
"emailVerified": true,
"firstName": "User 2",
"lastName": "Last name",
"disableableCredentialTypes": [],
"requiredActions": [],
"notBefore": 0,
"access": {
"manageGroupMembership": true,
"view": true,
"mapRoles": true,
"impersonate": true,
"manage": true
},
"groups": [
],
"realmRoles": [
"some realm role"
],
"clientRoles": {
"some client": [
"some client role"
]
}
}
]
}
I want to add a record to a MongoDB collection with the new MongoDB Data API. It works perfectly with Postman or curl with this code:
curl --location --request POST 'https://data.mongodb-api.com/app/<Data API App ID>/endpoint/data/beta/action/insertOne' \
--header 'Content-Type: application/json' \
--header 'Access-Control-Request-Headers: *' \
--header 'api-key: <Data API Key>' \
--data-raw '{
"dataSource": "<cluster name>",
"database": "<database name>",
"collection": "<collection name>",
"document": {
"firstname": "John",
"lastname": "Doe",
"email": "john#doe.com"
}
}'
but fails when I use fetch:
function addUser(event){
event.preventDefault();
fetch('https://data.mongodb-api.com/app/<Data API App ID>/endpoint/data/beta/action/insertOne', {
method:'POST',
mode: 'no-cors',
headers: {
'Content-type':'application/json',
'Access-Control-Request-Headers': '*',
'api-key': '<Data API Key>',
},
body:
{
"dataSource": "<cluster name>",
"database": "<database name>",
"collection": "<collection name>",
"document":
{
"firstname": "John",
"lastname": "Doe",
"email": "john#doe.com"
}
}
})
res.render('homepage')
}
Error in MongoDB log: Error:
"no authentication methods were specified"
Where is the error in my code?
I am a beginner with fetch to MongoDB Data API
Thank you very much!
Problem solved! Had to add this on top of my routes:
router.use(express.json());
Hope this might help for someone else too :)
In Keycloak dynamic client registration works fine:
curl --request POST \
--url http://localhost:8080/auth/realms/myrealm/clients-registrations/default \
--header 'content-type: application/json' \
--data '{"clientId": "myclient"}'
As a response I receive the client representation with especially the registrationAccessToken:
{
"id": "4c6c36d0-6a53-41d9-be37-46bd0d67ebd2",
"clientId": "myclient",
"surrogateAuthRequired": false,
"enabled": true,
"clientAuthenticatorType": "client-secret",
"secret": "1f85aa4e-6cdc-4f6c-83ba-f3c67d4561f2",
"registrationAccessToken": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2YWIyYTVjZC0xNjgwLTQ5MTYtYmUzYi0wZmFmMjVmZDczMzQifQ.eyJqdGkiOiI3YjVlMjE5Ny0yZjA5LTQwNTgtYmU0ZC02MDM1M2QzMGFkNWIiLCJleHAiOjAsIm5iZiI6MCwiaWF0IjoxNTg0NTQxNTY5LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvYXV0aC9yZWFsbXMvOTQ5IiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zLzk0OSIsInR5cCI6IlJlZ2lzdHJhdGlvbkFjY2Vzc1Rva2VuIiwicmVnaXN0cmF0aW9uX2F1dGgiOiJhbm9ueW1vdXMifQ.NCqZ6yJrKz9t3vs65kwM88PNvsZMmxig3vqOmc_iLyE",
"redirectUris": [],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": false,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"role_list",
"profile",
"roles",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
]
}
According the documentation one should be able to read, update and delete the client with the registrationAccessToken:
It will return a Client Representation that also includes the registration access token. You should save the registration access token somewhere if you want to retrieve the config, update or delete the client later.
However, when trying to read the just created client, I receive a 401 Unothorized when using the registrationAccessToken received from registration.
curl --request GET \
--url http://localhost:8080/auth/realms/myrealm/clients-registrations/default/4c6c36d0-6a53-41d9-be37-46bd0d67ebd2 \
--header 'authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2YWIyYTVjZC0xNjgwLTQ5MTYtYmUzYi0wZmFmMjVmZDczMzQifQ.eyJqdGkiOiI3YjVlMjE5Ny0yZjA5LTQwNTgtYmU0ZC02MDM1M2QzMGFkNWIiLCJleHAiOjAsIm5iZiI6MCwiaWF0IjoxNTg0NTQxNTY5LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvYXV0aC9yZWFsbXMvOTQ5IiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zLzk0OSIsInR5cCI6IlJlZ2lzdHJhdGlvbkFjY2Vzc1Rva2VuIiwicmVnaXN0cmF0aW9uX2F1dGgiOiJhbm9ueW1vdXMifQ.NCqZ6yJrKz9t3vs65kwM88PNvsZMmxig3vqOmc_iLyE'
< HTTP/1.1 401 Unauthorized
{
"error": "invalid_token",
"error_description": "Not authorized to view client. Not valid token or client credentials provided."
}
Any idea what I am missing?
Try changing from:
--url http://localhost:8080/auth/realms/myrealm/clients-registrations/default/4c6c36d0-6a53-41d9-be37-46bd0d67ebd2 \
to:
--url http://localhost:8080/auth/realms/myrealm/clients-registrations/default/myclient \
we are testing the subscription functionality using the APIv2. We are following the guidelines described in http://telefonicaid.github.io/fiware-orion/api/v2/ . We are able to create a correct subscription but the format of the notification messages that we received is not what we expected. The format of these messages is like the APIv1 version. Is this the expected behavior?
We are using the Docker image from https://hub.docker.com/r/fiware/orion/.
Version information about the build:
{
"orion" : {
"version" : "1.0.0-next",
"uptime" : "0 d, 1 h, 28 m, 47 s",
"git_hash" : "a729812c45d2749fffbc19add17631b2fffc8797",
"compile_time" : "Fri Apr 8 10:05:55 UTC 2016",
"compiled_by" : "root",
"compiled_in" : "838a42ae8431"
}
}
Steps to reproduce:
Create an entity:
(curl -X POST http://<cb_url>:<cb_port>/v2/entities?options=keyValues -s -S --header 'Content-Type: application/json' \
--header 'Accept: application/json' -d #- | python -mjson.tool) <<EOF
{
"type":"Room",
"id": "test",
"humidity":40
}
EOF
Create a subscription:
(curl -X POST http://<cb_url>:<cb_port>/v2/subscriptions -s -S --header 'Content-Type: application/json' \
--header 'Accept: application/json' -d #- | python -mjson.tool) <<EOF
{
"description": "One subscription to rule them all",
"subject": {
"entities": [
{
"idPattern": ".*",
"type": "Room"
}
],
"condition": {
"attributes": [
"humidity"
],
"expression": {
"q": "humidity>40"
}
}
},
"notification": {
"callback": "http://192.168.99.1:5000",
"attributes": [
"humidity"
],
"throttling": 5
},
"expires": "2016-05-05T14:00:00.00Z"
}
EOF
Update attribute.:
(curl -X PUT <cb_url>:<cb_port>/v2/entities/test/attrs/humidity/value -s -S --header 'Content-Type: application/json' \
--header 'Accept: application/json' -d #- | python -mjson.tool) <<EOF
{
"value": 50
}
EOF
We get the notification with the following format:
{u'contextResponses': [
{u'contextElement': {
u'attributes': [{
u'name': u'humidity',
u'type': u'none',
u'value': {u'value': 50}
}],
u'id': u'test',
u'isPattern': u'false',
u'type': u'Room'
},
u'statusCode': {
u'code': u'200',
u'reasonPhrase': u'OK'
}}],
u'originator': u'localhost',
u'subscriptionId': u'5707b72882fc213130f4e5b9'}
NGSIv2 notification formats have not been yet implemented (at Orion 1.0.0). Note that NGSIv2 is yet in beta status and sometimes the specification (where the new notification format has been defined) is a step forward the implementation.
There is a github issue about this, to which you can subscribe in order to know when this feature gets implemented.
EDIT: NGSIv2 notification formats have been implemented in Orion 1.1.0.