I hava springboot java application in which I am trying to get all users, that have a specific role. For that I am using following code:
RoleResource roleResource = keycloak.realm(realmId).roles().get(userId);
Set<UserRepresentation> users = roleResource.getRoleUserMembers();
But in the line with the roleResource.getRoleUserMembers(); part, I am getting
Caused by: javax.ws.rs.ForbiddenException: HTTP 403 Forbidden
I would gess my Keycloak client needs more roles to do this, but I dont know which ones.
Has anybody an idea on this?
Thank you :)
Little update on this. I got a 403 error because my client was missing the correct rights. In Keycloak you have to go to your client, under "Scope" and "Service Account Roles" you have to set under realm-management the roles query-clients, query-users, query-groups, view-clients, view-users and view-realm. Now the 403 error is gone.