Replies: 3 comments
-
|
Here's a description of the current expectation: https://www.keycloak.org/docs/latest/upgrading/index.html#the-serverinfo-endpoint-only-returns-the-system-info-for-administrators-in-the-administrator-realm My reading of that and https://github.com/keycloak/keycloak/pull/42859/changes#diff-a670c50697a8bc5b3b7da8df073359040beb3749067920e9d27cba124bf404f9R122-R123 is that if the if the service account had "view-realm" in the master realm, that should be sufficient as it's in the admin realm roles: Using any other realm requires view-system. cc @rmartinc |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for the response. I am unsure of how to add the "view-realm" role to my service account in the master realm. The UI does not list my service-account as a client in the master realm. In my non-master realm, if I try to add realm-management client's view-system role to my service account, I receive a 403 error. |
Beta Was this translation helpful? Give feedback.
-
|
There were some changes to the |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
I wrote a script to run diagnostic checks on my Keycloak instance in my deployment. I was surprised by the fact that the Keycloak version is so guarded by default. I found the /admin/serverinfo endpoint, but it won't tell me the version number. I had to add "manage-realm" role to my service-account to be able to see the version number. Why does "view-realm" not work? Is there not a read-only style role that can see the Keycloak version number?
Beta Was this translation helpful? Give feedback.
All reactions