[FIXED] Keycloak: how to programmatically add new subgroups with associated users?

Issue

In Keycloak 8.0.1 we have a Realm with a Group and Subgroups like this:

group -
    subgroup1
    subgroup2
    ...

We need to insert a batch of subgroups and users into group. The subgroup should have some attributes.

How can I do this?

I tried:

1. Using an exported realm-export.json file with newly added subgroups and "Overwrite" on the import. Now I don't see how to connect the new user with the subgroup. And I am also not sure if old users will not be removed this way.

2. Calling the Keycloak REST API. It doesn't seem possible to UPDATE a group and add subgroups. Documentation says:

   PUT /{realm}/groups/{id}
   Update group, ignores subgroups.

Now I am looking at using a UI testing tool to add the user programmatically, but this seems needlessly complex.

Is it possible to programmatically add new subgroups with users associated to that subgroup? Am I missing something with the REST API call or the import functionality? Is there maybe another way via for example the Java Admin Client?

Solution

You can create groups and subgroups under it , Here is the sample code to create subgroups using Admin Client. You can also associate users to those groups

 public void addSubgroups()  {
            RealmResource realm =keycloak.realm("myrealm");
            GroupRepresentation topGroup = new GroupRepresentation();
            topGroup.setName("group");
            topGroup = createGroup(realm, topGroup);

            createSubGroup(realm,topGroup.getId(),"subgroup1");
            createSubGroup(realm,topGroup.getId(),"subgroup2");
        }

       private void createSubGroup(RealmResource realm, String parentGroupId, String subGroupName) {
           GroupRepresentation subgroup = new GroupRepresentation();
             subgroup.setName(subGroupName);
           try (Response response = realm.groups().group(parentGroupId).subGroup(subgroup)){
                if (response.getStatusInfo().getFamily() == Family.SUCCESSFUL) {
                    System.out.println("Created Subgroup : " + subGroupName );
                } else {
                    logger.severe("Error Creating Subgroup : " + subGroupName + ", Error Message : " + getErrorMessage(response));
                }
            } 
       }

       private GroupRepresentation createGroup(RealmResource realm, GroupRepresentation group) {
            try (Response response = realm.groups().add(group)) {
                String groupId = getCreatedId(response);           
                group.setId(groupId);
                return group;
            }
        }    

Answered By - ravthiru
Answer Checked By - Pedro (JavaFixing Volunteer)