Copy realm on same server

Getting advice
1

Hello,

I have a realm on a server and I have configured this realm to my requirements. Now I want to copy this realm on the same server. I klick on “Export” and a JSON file is created. I change the realm name in the file and remove all ids in the file to not get duplicate key exception and then I Import the file again. It works.

My question:

Is there any easier way to export and import realms on the same server?

Is it ok to manipulate the JSON file manually. Are there any pitfalls? What else do I have to modify in the JSON file to not run into trouble?

Best regards
Tobias

2

Dear Tobias,

Have you tried user import, is it successful.?
Can you please provide the steps for users import.

Thanks

3

I did something like that editing the realm file.
Have to replace all the references to the realm name and remove all “ids” tags from the json

4

User import is possible with server startup not in the UI. See this as reference:
https://www.keycloak.org/docs/latest/server_admin/index.html#_export_import

5

I do the same and it works ok for me

6

It has been a while since there is no activity in this thread. But I am trying to follow the instructions above and keycloak gives me error “Could not create realm Conflict detected. See logs for details”.
I used the docker version and the problem is easy to replicate:

  1. Create a realm.
  2. Create a client.
  3. In Realm settings, do a partial export including everything.
  4. Edit the exported file to remove all Id’s (left empty).

Two variants from here:

  1. Create a new realm using the exported file. → gives the error above
  2. Create a new realm and do a “partial” import using the edited exported file → gives a 500 error

I just want to copy / paste the structure of a realm to do multitenancy with identical realms, having the same clients, groups, policies, roles, etc, but different users in each realm. But I can’t find how to do that.

7

Dont’t know if it helps I not only replace the ids with this regex:
“id”: “(.+?)”,
I also replace the internal id:
“internalId”: “(.+?)”,
This is the id of an exported IDP.
Also replace all occurences of the realm name

Best regards
Tobias

8

Thank you.
Managed to get it working for very simple realm templates. But as soon as I added client scopes or resources to a client, it failed.
I have not found a way to import complex realm structures with no users, that include roles, groups, clients, client scopes, client resources, policies, permissions, etc.
Since there is no problem to do it manually, I can always use RPA tools to automatise the creating of new realms, thought it would have been much nicer to do it from a template.

9

removing all id’s might cause problem, i wrote some script to edit id’s maybe it helps: GitHub - ihsanakcali/multitenant-realm-clone: Clones a realm in keycloak realm export to import with new name