How to delete Keycloak realm via REST API - keycloak

I'm not able to delete realm via REST API on Keycloak 8.0.2.
My Keycloak runs on localhost:38080. I followed this documentation https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_realms_admin_resource, see "Delete the realm" paragraph. First, I got token for admin user at http://localhost:38080/auth/realms/master/protocol/openid-connect/token
curl --location --request POST 'localhost:38080/auth/realms/master/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=admin' \
--data-urlencode 'password=admin' \
--data-urlencode 'client_id=vga_tests' \
--data-urlencode 'grant_type=password'
Then I used the token and tried to delete the example realm by this call
curl --location --request DELETE 'localhost:38080/auth/Example' \
--header 'Authorization: Bearer <TOKEN HERE>' \
--header 'Content-Type: application/json' \
--data-raw ''
(Note: curl commands are exported Postman calls)
I got this 404 response
{
"error": "RESTEASY003210: Could not find resource for full path: http://localhost:38080/auth/Example"
}
What am I doing wrong?

The documentation is incorrect, the address I needed to send the DELETE request to is localhost:38080/auth/admin/realms/example
curl command:
curl --location --request DELETE 'localhost:38080/auth/admin/realms/example' \
--header 'Authorization: Bearer <TOKEN HERE>' \
--header 'Content-Type: application/x-www-form-urlencoded'

Alternatively, using the CLI interface (search for "deleting a realm"),
you can do:
$ kcadm.sh delete realms/example

Related

ifttt webhook returns 403 (it works with curl)

I want to automatize a task, and the last step is to trigger a webhook on github. I am using ifttt "Make a web request"
This request works with curl
curl --location --request POST 'https://api.github.com/repos/wiso/TemperaturaUfficio/dispatches?event_type=webhook' \
--header 'Accept: application/vnd.github+json' \
--header 'Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXX' \
--header 'Content-Type: application/json' \
--data-raw '{
"event_type": "test_webhook"
}'
I am trying to do the same with ifttt:
I get:
Your server returned a 403. Unable to make web request to https://api.github.com/repos/wiso/TemperaturaUfficio/dispatches?event_type=webhook

Validate the user session via Keycloak by username

I'm trying to validate the user session via Keycloak.
In the below curl command, I can get the token of the user.
curl --data "grant_type=password&client_id=test-client&username=test&password=test&client_secret={clientSecret}" localhost:8080/realms/Test/protocol/openid-connect/token
Is there a curl command that I can check if the user has already a session in the Keycloak realm? (I don't need to pass the password in that command)
There are no API for find specific session by username
But client's a session user list API exist.
You can search a specific username's session from that response list.
GET /{realm}/clients/{id}/user-sessions
https://www.keycloak.org/docs-api/18.0/rest-api/index.html
Demo by curl
curl --location --request GET 'http://localhost:8080/auth/admin/realms/Test/clients/2e8ec9da-0236-47ad-aa8f-906a724d4ccd/user-sessions' --header 'Authorization: Bearer '"$MASTER_TOKEN" | jq
I can get the master token by this commands
MASTER_TOKEN_URL=$(curl --location --request GET 'http://localhost:8080/auth/realms/master/.well-known/openid-configuration' | jq -r '.token_endpoint')
echo $MASTER_TOKEN_URL
MASTER_TOKEN=$(curl --location --request POST "$MASTER_TOKEN_URL" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=admin-cli' \
--data-urlencode 'username=admin' \
--data-urlencode 'password=admin' \
--data-urlencode 'grant_type=password' | jq -r '.access_token')
echo $MASTER_TOKEN

Unable to access github API getting bad credentials error

I am trying to add a custom code check for a PR. After doing some research I found out that it can be done using the API mentioned below.
POST /repos/{owner}/{repo}/check-runs
Initially, it was giving me this error:
{
"message": "You must authenticate via a GitHub App.",
"documentation_url": "https://docs.github.com/rest/reference/checks#create-a-check-run"
}
I followed the guideline provided in this link.
I created a GitHub app.
Gave it required permission.
Generated a private key.
Generated a JWT token using the private key.
Installed the Github app in the repo too
I created a curl request:
curl --location --request POST 'https://api.github.com/repos/X/X-app/check-runs' \
--header 'Accept: application/vnd.github.v3+json' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.X.X-X-SAFvDnSkaJDjMI2T_BAC2iLlRZ7uNyFSe-X-UgFBFjoFrwsbcYFKfDM8f3FNPYpA6afhr18DLZ6rzu35klA' \
--header 'Content-Type: application/json' \
--data-raw '{
"name": "loremipsum"
}'
But, now I am getting this error
{
"message": "Bad credentials",
"documentation_url": "https://docs.github.com/rest"
}
I am not sure what I am missing here.
I figured this out. The GH documentation is a bit unclear/misleading. Here are the steps to make this work:
with the JWT bearer token, list your installations and note the installation id for your app
$ curl -i \
-H "Authorization: Bearer YOUR_JWT" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/app/installations
then get an installation access token for the above id
$ curl -i -X POST \
-H "Authorization: Bearer YOUR_JWT" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/app/installations/:installation_id/access_tokens
then with that token create the check run but use "Authorization: token" header
curl -i -H "Authorization: token YOUR_INSTALLATION_ACCESS_TOKEN"

Unable to update couchbase document using POST REST API

I want to update a couchbase document with REST API
ilceabcd1233.corp.abcd.com:8091/pools/default/buckets/{bucketName}/docs/{documentId}
When I hit below CURL command in postman, I receive 200 OK response Code with response as blank json Array: []
CURL:
curl --location --request POST 'ilceabcd1233.corp.abcd.com:8091/pools/default/buckets/{bucketName}/docs/{documentId}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic QWRtaW5pc3RyYXRvcjpBZG1pbmlzdHJhdG9yff' \
--data-raw '{"name": "Nisarg", "age": 50}'
When I retrieve this document by below CURL:
curl --location --request GET 'ilceabcd1233.corp.abcd.com:8091/pools/default/buckets/{bucketName}/docs/{documentId}' \
--header 'Accept: application/json' \
--header 'Authorization: Basic QWRtaW5pc3RyYXRvcjpBZG1pbmlzdHJhdG9yff'
it responds:
{
"meta": {
"id": "112176152456",
"rev": "4-1637ac65ed7900000000000002000006",
"att_reason": "invalid_json",
"expiration": 0,
"flags": 33554438
},
"base64": "",
"xattrs": {}
}
On Couchbase web console I see message:
"Binary document. Base64 not available"
Can any one please help, what I am doing wrong ?
The trick here is that this API doesn't actually accept JSON. It's looking for application/x-www-form-urlencoded. Otherwise it will assume you are storing a binary document. You actually need a form value, which itself contains JSON. For example:
curl --location --request POST 'http://localhost:8091/pools/default/buckets/demo/docs/doc1' \
--header 'Accept: application/json, text/plain, */*' \
--header 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' \
--header 'Authorization: Basic QWRtaW5pc3RyYXRvcjpwYXNzd29yZA==' \
--data-urlencode 'value={"foo": "bar"}'
And just to echo my comment, this is an undocumented, unsupported endpoint that's really meant for internal use only. It's recommended instead to use an SDK (like the Couchbase Java SDK, for instance) to read/write documents. The REST API is intended for Cluster management, not for CRUD.

Request to VSTS REST API only works on Postman

I'm trying to run this request
curl -X POST \
'https://*****.visualstudio.com/DefaultCollection/_apis/wit/wiql?=&api-version=1.0' \
-H 'authorization: Basic *****' \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: *****' \
-d '{
"query": "SELECT [System.Id] FROM WorkItems"
}'
but I keep getting this error
{"count":1,"value":{"Message":"A value is required but was not present in the request.\r\n"}}
It works as expected on Postman, so I think the request and the server are OK.
I'm trying to follow the first example shown here: https://www.visualstudio.com/en-us/docs/integrate/api/wit/wiql
Am I missing something?
The URL is wrong, remove =& from the REST API url and the url will be like this:
https://*****.visualstudio.com/DefaultCollection/_apis/wit/wiql?api-version=1.