Overview
This is a REST API reference for the Keycloak Admin
Version information
Version: 1
URI scheme
Host: localhost:8080 BasePath: /auth Schemes: HTTP
Resources
Attack Detection
Clear any user login failures for all users This can release temporary disabled users
DELETE /admin/realms/{realm}/attack-detection/brute-force/users
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get status of a username in brute force detection
GET /admin/realms/{realm}/attack-detection/brute-force/users/{userId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
userId |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Produces
-
application/json
Clear any user login failures for the user This can release temporary disabled user
DELETE /admin/realms/{realm}/attack-detection/brute-force/users/{userId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
userId |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Authentication Management
Get authenticator providers Returns a list of authenticator providers.
GET /admin/realms/{realm}/authentication/authenticator-providers
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< object > array |
Produces
-
application/json
Get client authenticator providers Returns a list of client authenticator providers.
GET /admin/realms/{realm}/authentication/client-authenticator-providers
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< object > array |
Produces
-
application/json
Get authenticator provider’s configuration description
GET /admin/realms/{realm}/authentication/config-description/{providerId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
providerId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Get authenticator configuration
GET /admin/realms/{realm}/authentication/config/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Configuration id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update authenticator configuration
PUT /admin/realms/{realm}/authentication/config/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Configuration id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
JSON describing new state of authenticator configuration |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Delete authenticator configuration
DELETE /admin/realms/{realm}/authentication/config/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Configuration id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Add new authentication execution
POST /admin/realms/{realm}/authentication/executions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
execution |
JSON model describing authentication execution |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get Single Execution
GET /admin/realms/{realm}/authentication/executions/{executionId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
executionId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Delete execution
DELETE /admin/realms/{realm}/authentication/executions/{executionId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
executionId |
Execution id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Update execution with new configuration
POST /admin/realms/{realm}/authentication/executions/{executionId}/config
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
executionId |
Execution id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
json |
JSON with new configuration |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Lower execution’s priority
POST /admin/realms/{realm}/authentication/executions/{executionId}/lower-priority
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
executionId |
Execution id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Raise execution’s priority
POST /admin/realms/{realm}/authentication/executions/{executionId}/raise-priority
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
executionId |
Execution id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Create a new authentication flow
POST /admin/realms/{realm}/authentication/flows
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
flow |
Authentication flow representation |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get authentication flows Returns a list of authentication flows.
GET /admin/realms/{realm}/authentication/flows
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< AuthenticationFlowRepresentation > array |
Produces
-
application/json
Copy existing authentication flow under a new name The new name is given as 'newName' attribute of the passed JSON object
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/copy
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
flowAlias |
Name of the existing authentication flow |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
data |
JSON containing 'newName' attribute |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get authentication executions for a flow
GET /admin/realms/{realm}/authentication/flows/{flowAlias}/executions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
flowAlias |
Flow alias |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update authentication executions of a flow
PUT /admin/realms/{realm}/authentication/flows/{flowAlias}/executions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
flowAlias |
Flow alias |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Add new authentication execution to a flow
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/executions/execution
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
flowAlias |
Alias of parent flow |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
data |
New execution JSON data containing 'provider' attribute |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Add new flow with new execution to existing flow
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/executions/flow
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
flowAlias |
Alias of parent authentication flow |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
data |
New authentication flow / execution JSON data containing 'alias', 'type', 'provider', and 'description' attributes |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get authentication flow for id
GET /admin/realms/{realm}/authentication/flows/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Flow id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update an authentication flow
PUT /admin/realms/{realm}/authentication/flows/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
flow |
Authentication flow representation |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Delete an authentication flow
DELETE /admin/realms/{realm}/authentication/flows/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Flow id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get form action providers Returns a list of form action providers.
GET /admin/realms/{realm}/authentication/form-action-providers
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< object > array |
Produces
-
application/json
Get form providers Returns a list of form providers.
GET /admin/realms/{realm}/authentication/form-providers
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< object > array |
Produces
-
application/json
Get configuration descriptions for all clients
GET /admin/realms/{realm}/authentication/per-client-config-description
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Produces
-
application/json
Register a new required actions
POST /admin/realms/{realm}/authentication/register-required-action
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
data |
JSON containing 'providerId', and 'name' attributes. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get required actions Returns a list of required actions.
GET /admin/realms/{realm}/authentication/required-actions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RequiredActionProviderRepresentation > array |
Produces
-
application/json
Get required action for alias
GET /admin/realms/{realm}/authentication/required-actions/{alias}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
Alias of required action |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update required action
PUT /admin/realms/{realm}/authentication/required-actions/{alias}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
Alias of required action |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
JSON describing new state of required action |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Delete required action
DELETE /admin/realms/{realm}/authentication/required-actions/{alias}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
Alias of required action |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Lower required action’s priority
POST /admin/realms/{realm}/authentication/required-actions/{alias}/lower-priority
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
Alias of required action |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Raise required action’s priority
POST /admin/realms/{realm}/authentication/required-actions/{alias}/raise-priority
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
Alias of required action |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get unregistered required actions Returns a list of unregistered required actions.
GET /admin/realms/{realm}/authentication/unregistered-required-actions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< object > array |
Produces
-
application/json
Client Attribute Certificate
Get key info
GET /admin/realms/{realm}/clients/{id}/certificates/{attr}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
attr |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Get a keystore file for the client, containing private key and public certificate
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/download
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
attr |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
config |
Keystore configuration as JSON |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< string(byte) > array |
Consumes
-
application/json
Produces
-
application/octet-stream
Generate a new certificate with new key pair
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/generate
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
attr |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Generate a new keypair and certificate, and get the private key file Generates a keypair and certificate and serves the private key in a specified keystore format.
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/generate-and-download
Description
Only generated public certificate is saved in Keycloak DB - the private key is not.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
attr |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
config |
Keystore configuration as JSON |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< string(byte) > array |
Consumes
-
application/json
Produces
-
application/octet-stream
Upload certificate and eventually private key
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/upload
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
attr |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
FormData |
input |
file |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
multipart/form-data
Produces
-
application/json
Upload only certificate, not private key
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/upload-certificate
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
attr |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
FormData |
input |
file |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
multipart/form-data
Produces
-
application/json
Client Initial Access
Create a new initial access token.
POST /admin/realms/{realm}/clients-initial-access
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
config |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
GET /admin/realms/{realm}/clients-initial-access
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ClientInitialAccessPresentation > array |
Produces
-
application/json
DELETE /admin/realms/{realm}/clients-initial-access/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Client Registration Policy
Base path for retrieve providers with the configProperties properly filled
GET /admin/realms/{realm}/client-registration-policy/providers
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ComponentTypeRepresentation > array |
Produces
-
application/json
Client Role Mappings
Add client-level roles to the user role mapping
POST /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get client-level role mappings for the user, and the app
GET /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Delete client-level roles from user role mapping
DELETE /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get available client-level roles that can be mapped to the user
GET /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}/available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get effective client-level role mappings This recurses any composite roles
GET /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}/composite
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Add client-level roles to the user role mapping
POST /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get client-level role mappings for the user, and the app
GET /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Delete client-level roles from user role mapping
DELETE /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get available client-level roles that can be mapped to the user
GET /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}/available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get effective client-level role mappings This recurses any composite roles
GET /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}/composite
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Client Scopes
Create a new client scope Client Scope’s name must be unique!
POST /admin/realms/{realm}/client-scopes
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm
GET /admin/realms/{realm}/client-scopes
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ClientScopeRepresentation > array |
Produces
-
application/json
Get representation of the client scope
GET /admin/realms/{realm}/client-scopes/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the client scope
PUT /admin/realms/{realm}/client-scopes/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Delete the client scope
DELETE /admin/realms/{realm}/client-scopes/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Clients
Create a new client Client’s client_id must be unique!
POST /admin/realms/{realm}/clients
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get clients belonging to the realm Returns a list of clients belonging to the realm
GET /admin/realms/{realm}/clients
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
|
Query |
clientId |
filter by clientId |
string |
|
Query |
viewableOnly |
filter clients that cannot be viewed in full by admin |
boolean |
|
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ClientRepresentation > array |
Produces
-
application/json
Get representation of the client
GET /admin/realms/{realm}/clients/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the client
PUT /admin/realms/{realm}/clients/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Delete the client
DELETE /admin/realms/{realm}/clients/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Generate a new secret for the client
POST /admin/realms/{realm}/clients/{id}/client-secret
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Get the client secret
GET /admin/realms/{realm}/clients/{id}/client-secret
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Get default client scopes.
GET /admin/realms/{realm}/clients/{id}/default-client-scopes
Description
Only name and ids are returned.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ClientScopeRepresentation > array |
Produces
-
application/json
PUT /admin/realms/{realm}/clients/{id}/default-client-scopes/{clientScopeId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientScopeId |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
DELETE /admin/realms/{realm}/clients/{id}/default-client-scopes/{clientScopeId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientScopeId |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Create JSON with payload of example access token
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/generate-example-access-token
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Query |
scope |
string |
|
Query |
userId |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Return list of all protocol mappers, which will be used when generating tokens issued for particular client.
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/protocol-mappers
Description
This means protocol mappers assigned to this client directly and protocol mappers assigned to all client scopes of this client.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Query |
scope |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ClientScopeEvaluateResource-ProtocolMapperEvaluationRepresentation > array |
Produces
-
application/json
Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him.
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/scope-mappings/{roleContainerId}/granted
Description
This contains scope mappings, which this client has directly, as well as scope mappings, which are granted to all client scopes, which are linked with this client.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
roleContainerId |
either realm name OR client UUID |
string |
Query |
scope |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get roles, which this client doesn’t have scope for and can’t have them in the accessToken issued for him.
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/scope-mappings/{roleContainerId}/not-granted
Description
Defacto all the other roles of particular role container, which are not in {@link #getGrantedScopeMappings()}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
roleContainerId |
either realm name OR client UUID |
string |
Query |
scope |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
GET /admin/realms/{realm}/clients/{id}/installation/providers/{providerId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
providerId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Return object stating whether client Authorization permissions have been initialized or not and a reference
GET /admin/realms/{realm}/clients/{id}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Return object stating whether client Authorization permissions have been initialized or not and a reference
PUT /admin/realms/{realm}/clients/{id}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
ref |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Register a cluster node with the client Manually register cluster node to this client - usually it’s not needed to call this directly as adapter should handle by sending registration request to Keycloak
POST /admin/realms/{realm}/clients/{id}/nodes
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
formParams |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Unregister a cluster node from the client
DELETE /admin/realms/{realm}/clients/{id}/nodes/{node}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
node |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }
GET /admin/realms/{realm}/clients/{id}/offline-session-count
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Produces
-
application/json
Get offline sessions for client Returns a list of offline user sessions associated with this client
GET /admin/realms/{realm}/clients/{id}/offline-sessions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Query |
first |
Paging offset |
integer(int32) |
Query |
max |
Maximum results size (defaults to 100) |
integer(int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< UserSessionRepresentation > array |
Produces
-
application/json
Get optional client scopes.
GET /admin/realms/{realm}/clients/{id}/optional-client-scopes
Description
Only name and ids are returned.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ClientScopeRepresentation > array |
Produces
-
application/json
PUT /admin/realms/{realm}/clients/{id}/optional-client-scopes/{clientScopeId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientScopeId |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
DELETE /admin/realms/{realm}/clients/{id}/optional-client-scopes/{clientScopeId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientScopeId |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Push the client’s revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.
POST /admin/realms/{realm}/clients/{id}/push-revocation
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Generate a new registration access token for the client
POST /admin/realms/{realm}/clients/{id}/registration-access-token
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Get a user dedicated to the service account
GET /admin/realms/{realm}/clients/{id}/service-account-user
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Get application session count Returns a number of user sessions associated with this client { "count": number }
GET /admin/realms/{realm}/clients/{id}/session-count
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Produces
-
application/json
Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.
GET /admin/realms/{realm}/clients/{id}/test-nodes-available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Get user sessions for client Returns a list of user sessions associated with this client
GET /admin/realms/{realm}/clients/{id}/user-sessions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Query |
first |
Paging offset |
integer(int32) |
Query |
max |
Maximum results size (defaults to 100) |
integer(int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< UserSessionRepresentation > array |
Produces
-
application/json
Component
POST /admin/realms/{realm}/components
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
GET /admin/realms/{realm}/components
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Query |
name |
string |
|
Query |
parent |
string |
|
Query |
type |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ComponentRepresentation > array |
Produces
-
application/json
GET /admin/realms/{realm}/components/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
PUT /admin/realms/{realm}/components/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
DELETE /admin/realms/{realm}/components/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
List of subcomponent types that are available to configure for a particular parent component.
GET /admin/realms/{realm}/components/{id}/sub-component-types
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Query |
type |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ComponentTypeRepresentation > array |
Produces
-
application/json
Groups
create or add a top level realm groupSet or create child.
POST /admin/realms/{realm}/groups
Description
This will update the group and set the parent if it exists. Create it and set the parent if the group doesn’t exist.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get group hierarchy.
GET /admin/realms/{realm}/groups
Description
Only name and ids are returned.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Query |
first |
integer(int32) |
|
Query |
max |
integer(int32) |
|
Query |
search |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< GroupRepresentation > array |
Produces
-
application/json
Returns the groups counts.
GET /admin/realms/{realm}/groups/count
Parameters
Type | Name | Description | Schema | Default |
---|---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
|
Query |
search |
string |
||
Query |
top |
boolean |
|
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Produces
-
application/json
GET /admin/realms/{realm}/groups/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update group, ignores subgroups.
PUT /admin/realms/{realm}/groups/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
DELETE /admin/realms/{realm}/groups/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Set or create child.
POST /admin/realms/{realm}/groups/{id}/children
Description
This will just set the parent if it exists. Create it and set the parent if the group doesn’t exist.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Return object stating whether client Authorization permissions have been initialized or not and a reference
GET /admin/realms/{realm}/groups/{id}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Return object stating whether client Authorization permissions have been initialized or not and a reference
PUT /admin/realms/{realm}/groups/{id}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
ref |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Get users Returns a list of users, filtered according to query parameters
GET /admin/realms/{realm}/groups/{id}/members
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Query |
first |
Pagination offset |
integer(int32) |
Query |
max |
Maximum results size (defaults to 100) |
integer(int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< UserRepresentation > array |
Produces
-
application/json
Identity Providers
Import identity provider from uploaded JSON file
POST /admin/realms/{realm}/identity-provider/import-config
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
FormData |
input |
file |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Consumes
-
multipart/form-data
Produces
-
application/json
Create a new identity provider
POST /admin/realms/{realm}/identity-provider/instances
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
representation |
JSON body |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get identity providers
GET /admin/realms/{realm}/identity-provider/instances
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< IdentityProviderRepresentation > array |
Produces
-
application/json
Get the identity provider
GET /admin/realms/{realm}/identity-provider/instances/{alias}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the identity provider
PUT /admin/realms/{realm}/identity-provider/instances/{alias}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
providerRep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Delete the identity provider
DELETE /admin/realms/{realm}/identity-provider/instances/{alias}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Export public broker configuration for identity provider
GET /admin/realms/{realm}/identity-provider/instances/{alias}/export
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Query |
format |
Format to use |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Return object stating whether client Authorization permissions have been initialized or not and a reference
GET /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Return object stating whether client Authorization permissions have been initialized or not and a reference
PUT /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
ref |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Get mapper types for identity provider
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mapper-types
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Add a mapper to identity provider
POST /admin/realms/{realm}/identity-provider/instances/{alias}/mappers
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
mapper |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get mappers for identity provider
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mappers
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< IdentityProviderMapperRepresentation > array |
Produces
-
application/json
Get mapper by id for the identity provider
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update a mapper for the identity provider
PUT /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
id |
Mapper id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Delete a mapper for the identity provider
DELETE /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
alias |
string |
|
Path |
id |
Mapper id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get identity providers
GET /admin/realms/{realm}/identity-provider/providers/{provider_id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
provider_id |
Provider id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Key
GET /admin/realms/{realm}/keys
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Protocol Mappers
Create multiple mappers
POST /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/add-models
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
reps |
< ProtocolMapperRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Create a mapper
POST /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get mappers
GET /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ProtocolMapperRepresentation > array |
Produces
-
application/json
Get mapper by id
GET /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Mapper id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the mapper
PUT /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Mapper id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Delete the mapper
DELETE /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Mapper id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get mappers by name for a specific protocol
GET /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/protocol/{protocol}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
protocol |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ProtocolMapperRepresentation > array |
Produces
-
application/json
Create multiple mappers
POST /admin/realms/{realm}/clients/{id}/protocol-mappers/add-models
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
reps |
< ProtocolMapperRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Create a mapper
POST /admin/realms/{realm}/clients/{id}/protocol-mappers/models
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get mappers
GET /admin/realms/{realm}/clients/{id}/protocol-mappers/models
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ProtocolMapperRepresentation > array |
Produces
-
application/json
Get mapper by id
GET /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Mapper id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the mapper
PUT /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Mapper id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Delete the mapper
DELETE /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
Mapper id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get mappers by name for a specific protocol
GET /admin/realms/{realm}/clients/{id}/protocol-mappers/protocol/{protocol}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
protocol |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ProtocolMapperRepresentation > array |
Produces
-
application/json
Realms Admin
Import a realm Imports a realm from a full representation of that realm.
POST /admin/realms
Description
Realm name must be unique.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body |
rep |
JSON representation of the realm |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get accessible realms Returns a list of accessible realms.
GET /admin/realms
Description
The list is filtered based on what realms the caller is allowed to view.
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RealmRepresentation > array |
Produces
-
application/json
Get the top-level representation of the realm It will not include nested information like User and Client representations.
GET /admin/realms/{realm}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the top-level information of the realm Any user, roles or client information in the representation will be ignored.
PUT /admin/realms/{realm}
Description
This will only update top-level attributes of the realm.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Delete the realm
DELETE /admin/realms/{realm}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get admin events Returns all admin events, or filters events based on URL query parameters listed here
GET /admin/realms/{realm}/admin-events
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Query |
authClient |
string |
|
Query |
authIpAddress |
string |
|
Query |
authRealm |
string |
|
Query |
authUser |
user id |
string |
Query |
dateFrom |
string |
|
Query |
dateTo |
string |
|
Query |
first |
integer(int32) |
|
Query |
max |
Maximum results size (defaults to 100) |
integer(int32) |
Query |
operationTypes |
< string > array(csv) |
|
Query |
resourcePath |
string |
|
Query |
resourceTypes |
< string > array(csv) |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< AdminEventRepresentation > array |
Produces
-
application/json
Delete all admin events
DELETE /admin/realms/{realm}/admin-events
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Clear cache of external public keys (Public keys of clients or Identity providers)
POST /admin/realms/{realm}/clear-keys-cache
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Clear realm cache
POST /admin/realms/{realm}/clear-realm-cache
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Clear user cache
POST /admin/realms/{realm}/clear-user-cache
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Base path for importing clients under this realm.
POST /admin/realms/{realm}/client-description-converter
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
description |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
-
application/xml
-
text/plain
Produces
-
application/json
Get client session stats Returns a JSON map.
GET /admin/realms/{realm}/client-session-stats
Description
The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< object > array |
Produces
-
application/json
Get realm default client scopes.
GET /admin/realms/{realm}/default-default-client-scopes
Description
Only name and ids are returned.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ClientScopeRepresentation > array |
Produces
-
application/json
PUT /admin/realms/{realm}/default-default-client-scopes/{clientScopeId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientScopeId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
DELETE /admin/realms/{realm}/default-default-client-scopes/{clientScopeId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientScopeId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get group hierarchy.
GET /admin/realms/{realm}/default-groups
Description
Only name and ids are returned.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< GroupRepresentation > array |
Produces
-
application/json
PUT /admin/realms/{realm}/default-groups/{groupId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
groupId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
DELETE /admin/realms/{realm}/default-groups/{groupId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
groupId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get realm optional client scopes.
GET /admin/realms/{realm}/default-optional-client-scopes
Description
Only name and ids are returned.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< ClientScopeRepresentation > array |
Produces
-
application/json
PUT /admin/realms/{realm}/default-optional-client-scopes/{clientScopeId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientScopeId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
DELETE /admin/realms/{realm}/default-optional-client-scopes/{clientScopeId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientScopeId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get events Returns all events, or filters them based on URL query parameters listed here
GET /admin/realms/{realm}/events
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Query |
client |
App or oauth client name |
string |
Query |
dateFrom |
From date |
string |
Query |
dateTo |
To date |
string |
Query |
first |
Paging offset |
integer(int32) |
Query |
ipAddress |
IP address |
string |
Query |
max |
Maximum results size (defaults to 100) |
integer(int32) |
Query |
type |
The types of events to return |
< string > array(csv) |
Query |
user |
User id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< EventRepresentation > array |
Produces
-
application/json
Delete all events
DELETE /admin/realms/{realm}/events
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get the events provider configuration Returns JSON object with events provider configuration
GET /admin/realms/{realm}/events/config
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the events provider Change the events provider and/or its configuration
PUT /admin/realms/{realm}/events/config
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
GET /admin/realms/{realm}/group-by-path/{path}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
path |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Removes all user sessions.
POST /admin/realms/{realm}/logout-all
Description
Any client that has an admin url will also be told to invalidate any sessions they have.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Partial export of existing realm into a JSON file.
POST /admin/realms/{realm}/partial-export
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Query |
exportClients |
boolean |
|
Query |
exportGroupsAndRoles |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Partial import from a JSON file to an existing realm.
POST /admin/realms/{realm}/partialImport
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Push the realm’s revocation policy to any client that has an admin url associated with it.
POST /admin/realms/{realm}/push-revocation
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Remove a specific user session.
DELETE /admin/realms/{realm}/sessions/{session}
Description
Any client that has an admin url will also be told to invalidate this particular session.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
session |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Test LDAP connection
POST /admin/realms/{realm}/testLDAPConnection
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
FormData |
action |
string |
|
FormData |
bindCredential |
string |
|
FormData |
bindDn |
string |
|
FormData |
componentId |
string |
|
FormData |
connectionTimeout |
string |
|
FormData |
connectionUrl |
string |
|
FormData |
useTruststoreSpi |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Test SMTP connection with current logged in user
POST /admin/realms/{realm}/testSMTPConnection/{config}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
config |
SMTP server configuration |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
GET /admin/realms/{realm}/users-management-permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
PUT /admin/realms/{realm}/users-management-permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
ref |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Role Mapper
Get role mappings
GET /admin/realms/{realm}/groups/{id}/role-mappings
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Add realm-level role mappings to the user
POST /admin/realms/{realm}/groups/{id}/role-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
Roles to add |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get realm-level role mappings
GET /admin/realms/{realm}/groups/{id}/role-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Delete realm-level role mappings
DELETE /admin/realms/{realm}/groups/{id}/role-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get realm-level roles that can be mapped
GET /admin/realms/{realm}/groups/{id}/role-mappings/realm/available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get effective realm-level role mappings This will recurse all composite roles to get the result.
GET /admin/realms/{realm}/groups/{id}/role-mappings/realm/composite
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get role mappings
GET /admin/realms/{realm}/users/{id}/role-mappings
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Add realm-level role mappings to the user
POST /admin/realms/{realm}/users/{id}/role-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
Roles to add |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get realm-level role mappings
GET /admin/realms/{realm}/users/{id}/role-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Delete realm-level role mappings
DELETE /admin/realms/{realm}/users/{id}/role-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get realm-level roles that can be mapped
GET /admin/realms/{realm}/users/{id}/role-mappings/realm/available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get effective realm-level role mappings This will recurse all composite roles to get the result.
GET /admin/realms/{realm}/users/{id}/role-mappings/realm/composite
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Roles
Create a new role for the realm or client
POST /admin/realms/{realm}/clients/{id}/roles
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get all roles for the realm or client
GET /admin/realms/{realm}/clients/{id}/roles
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get a role by name
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update a role by name
PUT /admin/realms/{realm}/clients/{id}/roles/{role-name}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Delete a role by name
DELETE /admin/realms/{realm}/clients/{id}/roles/{role-name}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Add a composite to the role
POST /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get composites of the role
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Remove roles from the role’s composite
DELETE /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Body |
roles |
roles to remove |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
An app-level roles for the specified app for the role’s composite
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get realm-level roles of the role’s composite
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Return object stating whether role Authoirzation permissions have been initialized or not and a reference
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Return object stating whether role Authoirzation permissions have been initialized or not and a reference
PUT /admin/realms/{realm}/clients/{id}/roles/{role-name}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
string |
|
Body |
ref |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Return List of Users that have the specified role name
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/users
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
string |
|
Query |
first |
integer(int32) |
|
Query |
max |
integer(int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< UserRepresentation > array |
Produces
-
application/json
Create a new role for the realm or client
POST /admin/realms/{realm}/roles
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get all roles for the realm or client
GET /admin/realms/{realm}/roles
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get a role by name
GET /admin/realms/{realm}/roles/{role-name}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update a role by name
PUT /admin/realms/{realm}/roles/{role-name}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Delete a role by name
DELETE /admin/realms/{realm}/roles/{role-name}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Add a composite to the role
POST /admin/realms/{realm}/roles/{role-name}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get composites of the role
GET /admin/realms/{realm}/roles/{role-name}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Remove roles from the role’s composite
DELETE /admin/realms/{realm}/roles/{role-name}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Body |
roles |
roles to remove |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
An app-level roles for the specified app for the role’s composite
GET /admin/realms/{realm}/roles/{role-name}/composites/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get realm-level roles of the role’s composite
GET /admin/realms/{realm}/roles/{role-name}/composites/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
role’s name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Return object stating whether role Authoirzation permissions have been initialized or not and a reference
GET /admin/realms/{realm}/roles/{role-name}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Return object stating whether role Authoirzation permissions have been initialized or not and a reference
PUT /admin/realms/{realm}/roles/{role-name}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
string |
|
Body |
ref |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Return List of Users that have the specified role name
GET /admin/realms/{realm}/roles/{role-name}/users
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-name |
string |
|
Query |
first |
integer(int32) |
|
Query |
max |
integer(int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< UserRepresentation > array |
Produces
-
application/json
Roles (by ID)
Get a specific role’s representation
GET /admin/realms/{realm}/roles-by-id/{role-id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
id of role |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the role
PUT /admin/realms/{realm}/roles-by-id/{role-id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
id of role |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Delete the role
DELETE /admin/realms/{realm}/roles-by-id/{role-id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
id of role |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Make the role a composite role by associating some child roles
POST /admin/realms/{realm}/roles-by-id/{role-id}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
string |
|
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get role’s children Returns a set of role’s children provided the role is a composite.
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Remove a set of roles from the role’s composite
DELETE /admin/realms/{realm}/roles-by-id/{role-id}/composites
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
Role id |
string |
Body |
roles |
A set of roles to be removed |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get client-level roles for the client that are in the role’s composite
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get realm-level roles that are in the role’s composite
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Return object stating whether role Authoirzation permissions have been initialized or not and a reference
GET /admin/realms/{realm}/roles-by-id/{role-id}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Return object stating whether role Authoirzation permissions have been initialized or not and a reference
PUT /admin/realms/{realm}/roles-by-id/{role-id}/management/permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Path |
role-id |
string |
|
Body |
ref |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Produces
-
application/json
Scope Mappings
Get all scope mappings for the client
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Add client-level roles to the client’s scope
POST /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get the roles associated with a client’s scope Returns roles for the client.
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Remove client-level roles from the client’s scope.
DELETE /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
The available client-level roles Returns the roles for the client that can be associated with the client’s scope
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}/available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get effective client roles Returns the roles for the client that are associated with the client’s scope.
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}/composite
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Add a set of realm-level roles to the client’s scope
POST /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get realm-level roles associated with the client’s scope
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Remove a set of realm-level roles from the client’s scope
DELETE /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get realm-level roles that are available to attach to this client’s scope
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm/available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm/composite
Description
The method is really to show a comprehensive total view of realm-level roles associated with the client.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client scope (not name) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get all scope mappings for the client
GET /admin/realms/{realm}/clients/{id}/scope-mappings
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Add client-level roles to the client’s scope
POST /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get the roles associated with a client’s scope Returns roles for the client.
GET /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Remove client-level roles from the client’s scope.
DELETE /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
The available client-level roles Returns the roles for the client that can be associated with the client’s scope
GET /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}/available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get effective client roles Returns the roles for the client that are associated with the client’s scope.
GET /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}/composite
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
string |
|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Add a set of realm-level roles to the client’s scope
POST /admin/realms/{realm}/clients/{id}/scope-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get realm-level roles associated with the client’s scope
GET /admin/realms/{realm}/clients/{id}/scope-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Remove a set of realm-level roles from the client’s scope
DELETE /admin/realms/{realm}/clients/{id}/scope-mappings/realm
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
roles |
< RoleRepresentation > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Get realm-level roles that are available to attach to this client’s scope
GET /admin/realms/{realm}/clients/{id}/scope-mappings/realm/available
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.
GET /admin/realms/{realm}/clients/{id}/scope-mappings/realm/composite
Description
The method is really to show a comprehensive total view of realm-level roles associated with the client.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
id of client (not client-id) |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< RoleRepresentation > array |
Produces
-
application/json
Server Info
Get themes, social providers, auth providers, and event listeners available on this server
GET /admin/serverinfo
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
User Storage Provider
Need this for admin console to display simple name of provider when displaying user detail KEYCLOAK-4328
GET /admin/realms/{realm}/user-storage/{id}/name
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Produces
-
application/json
Remove imported users
POST /admin/realms/{realm}/user-storage/{id}/remove-imported-users
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Trigger sync of users Action can be "triggerFullSync" or "triggerChangedUsersSync"
POST /admin/realms/{realm}/user-storage/{id}/sync
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Query |
action |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Unlink imported users from a storage provider
POST /admin/realms/{realm}/user-storage/{id}/unlink-users
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Trigger sync of mapper data related to ldap mapper (roles, groups, …) direction is "fedToKeycloak" or "keycloakToFed"
POST /admin/realms/{realm}/user-storage/{parentId}/mappers/{id}/sync
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
string |
|
Path |
parentId |
string |
|
Path |
realm |
realm name (not id!) |
string |
Query |
direction |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Need this for admin console to display simple name of provider when displaying client detail KEYCLOAK-4328
GET /{id}/name
Parameters
Type | Name | Schema |
---|---|---|
Path |
id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Produces
-
application/json
Users
Create a new user Username must be unique.
POST /admin/realms/{realm}/users
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get users Returns a list of users, filtered according to query parameters
GET /admin/realms/{realm}/users
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Query |
email |
string |
|
Query |
first |
integer(int32) |
|
Query |
firstName |
string |
|
Query |
lastName |
string |
|
Query |
max |
Maximum results size (defaults to 100) |
integer(int32) |
Query |
search |
A String contained in username, first or last name, or email |
string |
Query |
username |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< UserRepresentation > array |
Produces
-
application/json
GET /admin/realms/{realm}/users/count
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
integer(int32) |
Produces
-
application/json
Get representation of the user
GET /admin/realms/{realm}/users/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Produces
-
application/json
Update the user
PUT /admin/realms/{realm}/users/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Delete the user
DELETE /admin/realms/{realm}/users/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Get consents granted by the user
GET /admin/realms/{realm}/users/{id}/consents
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< object > array |
Produces
-
application/json
Revoke consent and offline tokens for particular client from user
DELETE /admin/realms/{realm}/users/{id}/consents/{client}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
client |
Client id |
string |
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Disable all credentials for a user of a specific type
PUT /admin/realms/{realm}/users/{id}/disable-credential-types
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
credentialTypes |
< string > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Send a update account email to the user An email contains a link the user can click to perform a set of required actions.
PUT /admin/realms/{realm}/users/{id}/execute-actions-email
Description
The redirectUri and clientId parameters are optional. If no redirect is given, then there will be no link back to click after actions have completed. Redirect uri must be a valid uri for the particular clientId.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Query |
client_id |
Client id |
string |
Query |
lifespan |
Number of seconds after which the generated token expires |
integer(int32) |
Query |
redirect_uri |
Redirect uri |
string |
Body |
actions |
required actions the user needs to complete |
< string > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get social logins associated with the user
GET /admin/realms/{realm}/users/{id}/federated-identity
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< FederatedIdentityRepresentation > array |
Produces
-
application/json
Add a social login provider to the user
POST /admin/realms/{realm}/users/{id}/federated-identity/{provider}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
provider |
Social login provider id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
rep |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Remove a social login provider from user
DELETE /admin/realms/{realm}/users/{id}/federated-identity/{provider}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
provider |
Social login provider id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
GET /admin/realms/{realm}/users/{id}/groups
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< GroupRepresentation > array |
Produces
-
application/json
PUT /admin/realms/{realm}/users/{id}/groups/{groupId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
groupId |
string |
|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
DELETE /admin/realms/{realm}/users/{id}/groups/{groupId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
groupId |
string |
|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Impersonate the user
POST /admin/realms/{realm}/users/{id}/impersonation
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
object |
Produces
-
application/json
Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.
POST /admin/realms/{realm}/users/{id}/logout
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Get offline sessions associated with the user and client
GET /admin/realms/{realm}/users/{id}/offline-sessions/{clientId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
clientId |
string |
|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< UserSessionRepresentation > array |
Produces
-
application/json
Remove TOTP from the user
PUT /admin/realms/{realm}/users/{id}/remove-totp
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Set up a temporary password for the user User will have to reset the temporary password next time they log in.
PUT /admin/realms/{realm}/users/{id}/reset-password
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Body |
pass |
A Temporary password |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
No Content |
Consumes
-
application/json
Send an email-verification email to the user An email contains a link the user can click to verify their email address.
PUT /admin/realms/{realm}/users/{id}/send-verify-email
Description
The redirectUri and clientId parameters are optional. The default for the redirect is the account client.
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Query |
client_id |
Client id |
string |
Query |
redirect_uri |
Redirect uri |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
Consumes
-
application/json
Get sessions associated with the user
GET /admin/realms/{realm}/users/{id}/sessions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path |
id |
User id |
string |
Path |
realm |
realm name (not id!) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
default |
success |
< UserSessionRepresentation > array |
Produces
-
application/json
Root
Definitions
AccessToken
Name | Schema |
---|---|
acr |
string |
address |
|
allowed-origins |
< string > array |
at_hash |
string |
auth_time |
integer(int32) |
authorization |
|
azp |
string |
birthdate |
string |
c_hash |
string |
claims_locales |
string |
cnf |
|
email |
string |
email_verified |
boolean |
exp |
integer(int32) |
family_name |
string |
gender |
string |
given_name |
string |
iat |
integer(int32) |
iss |
string |
jti |
string |
locale |
string |
middle_name |
string |
name |
string |
nickname |
string |
nonce |
string |
otherClaims |
object |
phone_number |
string |
phone_number_verified |
boolean |
picture |
string |
preferred_username |
string |
profile |
string |
realm_access |
|
s_hash |
string |
scope |
string |
session_state |
string |
sub |
string |
trusted-certs |
< string > array |
typ |
string |
updated_at |
integer(int64) |
website |
string |
zoneinfo |
string |
AccessToken-Access
Name | Schema |
---|---|
roles |
< string > array |
verify_caller |
boolean |
AccessToken-Authorization
Name | Schema |
---|---|
permissions |
< Permission > array |
AccessToken-CertConf
Name | Schema |
---|---|
x5t#S256 |
string |
AddressClaimSet
Name | Schema |
---|---|
country |
string |
formatted |
string |
locality |
string |
postal_code |
string |
region |
string |
street_address |
string |
AdminEventRepresentation
Name | Schema |
---|---|
authDetails |
|
error |
string |
operationType |
string |
realmId |
string |
representation |
string |
resourcePath |
string |
resourceType |
string |
time |
integer(int64) |
AuthDetailsRepresentation
Name | Schema |
---|---|
clientId |
string |
ipAddress |
string |
realmId |
string |
userId |
string |
AuthenticationExecutionExportRepresentation
Name | Schema |
---|---|
authenticator |
string |
authenticatorConfig |
string |
authenticatorFlow |
boolean |
autheticatorFlow |
boolean |
flowAlias |
string |
priority |
integer(int32) |
requirement |
string |
userSetupAllowed |
boolean |
AuthenticationExecutionInfoRepresentation
Name | Schema |
---|---|
alias |
string |
authenticationConfig |
string |
authenticationFlow |
boolean |
configurable |
boolean |
displayName |
string |
flowId |
string |
id |
string |
index |
integer(int32) |
level |
integer(int32) |
providerId |
string |
requirement |
string |
requirementChoices |
< string > array |
AuthenticationExecutionRepresentation
Name | Schema |
---|---|
authenticator |
string |
authenticatorConfig |
string |
authenticatorFlow |
boolean |
autheticatorFlow |
boolean |
flowId |
string |
id |
string |
parentFlow |
string |
priority |
integer(int32) |
requirement |
string |
AuthenticationFlowRepresentation
Name | Schema |
---|---|
alias |
string |
authenticationExecutions |
|
builtIn |
boolean |
description |
string |
id |
string |
providerId |
string |
topLevel |
boolean |
AuthenticatorConfigInfoRepresentation
Name | Schema |
---|---|
helpText |
string |
name |
string |
properties |
< ConfigPropertyRepresentation > array |
providerId |
string |
AuthenticatorConfigRepresentation
Name | Schema |
---|---|
alias |
string |
config |
object |
id |
string |
CertificateRepresentation
Name | Schema |
---|---|
certificate |
string |
kid |
string |
privateKey |
string |
publicKey |
string |
ClientInitialAccessCreatePresentation
Name | Schema |
---|---|
count |
integer(int32) |
expiration |
integer(int32) |
ClientInitialAccessPresentation
Name | Schema |
---|---|
count |
integer(int32) |
expiration |
integer(int32) |
id |
string |
remainingCount |
integer(int32) |
timestamp |
integer(int32) |
token |
string |
ClientMappingsRepresentation
Name | Schema |
---|---|
client |
string |
id |
string |
mappings |
< RoleRepresentation > array |
ClientRepresentation
Name | Schema |
---|---|
access |
object |
adminUrl |
string |
attributes |
object |
authenticationFlowBindingOverrides |
object |
authorizationServicesEnabled |
boolean |
authorizationSettings |
|
baseUrl |
string |
bearerOnly |
boolean |
clientAuthenticatorType |
string |
clientId |
string |
consentRequired |
boolean |
defaultClientScopes |
< string > array |
defaultRoles |
< string > array |
description |
string |
directAccessGrantsEnabled |
boolean |
enabled |
boolean |
frontchannelLogout |
boolean |
fullScopeAllowed |
boolean |
id |
string |
implicitFlowEnabled |
boolean |
name |
string |
nodeReRegistrationTimeout |
integer(int32) |
notBefore |
integer(int32) |
optionalClientScopes |
< string > array |
origin |
string |
protocol |
string |
protocolMappers |
< ProtocolMapperRepresentation > array |
publicClient |
boolean |
redirectUris |
< string > array |
registeredNodes |
object |
registrationAccessToken |
string |
rootUrl |
string |
secret |
string |
serviceAccountsEnabled |
boolean |
standardFlowEnabled |
boolean |
surrogateAuthRequired |
boolean |
webOrigins |
< string > array |
ClientScopeEvaluateResource-ProtocolMapperEvaluationRepresentation
Name | Schema |
---|---|
containerId |
string |
containerName |
string |
containerType |
string |
mapperId |
string |
mapperName |
string |
protocolMapper |
string |
ClientScopeRepresentation
Name | Schema |
---|---|
attributes |
object |
description |
string |
id |
string |
name |
string |
protocol |
string |
protocolMappers |
< ProtocolMapperRepresentation > array |
ComponentExportRepresentation
Name | Schema |
---|---|
config |
|
id |
string |
name |
string |
providerId |
string |
subComponents |
|
subType |
string |
ComponentRepresentation
Name | Schema |
---|---|
config |
|
id |
string |
name |
string |
parentId |
string |
providerId |
string |
providerType |
string |
subType |
string |
ComponentTypeRepresentation
Name | Schema |
---|---|
helpText |
string |
id |
string |
metadata |
object |
properties |
< ConfigPropertyRepresentation > array |
ConfigPropertyRepresentation
Name | Schema |
---|---|
defaultValue |
|
helpText |
string |
label |
string |
name |
string |
options |
< string > array |
secret |
boolean |
type |
string |
CredentialRepresentation
Name | Schema |
---|---|
algorithm |
string |
config |
|
counter |
integer(int32) |
createdDate |
integer(int64) |
device |
string |
digits |
integer(int32) |
hashIterations |
integer(int32) |
hashedSaltedValue |
string |
period |
integer(int32) |
salt |
string |
temporary |
boolean |
type |
string |
value |
string |
EventRepresentation
Name | Schema |
---|---|
clientId |
string |
details |
object |
error |
string |
ipAddress |
string |
realmId |
string |
sessionId |
string |
time |
integer(int64) |
type |
string |
userId |
string |
FederatedIdentityRepresentation
Name | Schema |
---|---|
identityProvider |
string |
userId |
string |
userName |
string |
GlobalRequestResult
Name | Schema |
---|---|
failedRequests |
< string > array |
successRequests |
< string > array |
GroupRepresentation
Name | Schema |
---|---|
access |
object |
attributes |
object |
clientRoles |
object |
id |
string |
name |
string |
path |
string |
realmRoles |
< string > array |
subGroups |
< GroupRepresentation > array |
IdentityProviderMapperRepresentation
Name | Schema |
---|---|
config |
object |
id |
string |
identityProviderAlias |
string |
identityProviderMapper |
string |
name |
string |
IdentityProviderRepresentation
Name | Schema |
---|---|
addReadTokenRoleOnCreate |
boolean |
alias |
string |
config |
object |
displayName |
string |
enabled |
boolean |
firstBrokerLoginFlowAlias |
string |
internalId |
string |
linkOnly |
boolean |
postBrokerLoginFlowAlias |
string |
providerId |
string |
storeToken |
boolean |
trustEmail |
boolean |
KeyStoreConfig
Name | Schema |
---|---|
format |
string |
keyAlias |
string |
keyPassword |
string |
realmAlias |
string |
realmCertificate |
boolean |
storePassword |
string |
KeysMetadataRepresentation
Name | Schema |
---|---|
active |
object |
keys |
< KeysMetadataRepresentation-KeyMetadataRepresentation > array |
KeysMetadataRepresentation-KeyMetadataRepresentation
Name | Schema |
---|---|
algorithms |
< string > array |
certificate |
string |
kid |
string |
providerId |
string |
providerPriority |
integer(int64) |
publicKey |
string |
status |
string |
type |
string |
ManagementPermissionReference
Name | Schema |
---|---|
enabled |
boolean |
resource |
string |
scopePermissions |
object |
MappingsRepresentation
Name | Schema |
---|---|
clientMappings |
object |
realmMappings |
< RoleRepresentation > array |
MemoryInfoRepresentation
Name | Schema |
---|---|
free |
integer(int64) |
freeFormated |
string |
freePercentage |
integer(int64) |
total |
integer(int64) |
totalFormated |
string |
used |
integer(int64) |
usedFormated |
string |
MultivaluedHashMap
Name | Schema |
---|---|
empty |
boolean |
loadFactor |
number(float) |
threshold |
integer(int32) |
PartialImportRepresentation
Name | Schema |
---|---|
clients |
< ClientRepresentation > array |
groups |
< GroupRepresentation > array |
identityProviders |
< IdentityProviderRepresentation > array |
ifResourceExists |
string |
policy |
enum (SKIP, OVERWRITE, FAIL) |
roles |
|
users |
< UserRepresentation > array |
PasswordPolicyTypeRepresentation
Name | Schema |
---|---|
configType |
string |
defaultValue |
string |
displayName |
string |
id |
string |
multipleSupported |
boolean |
Permission
Name | Schema |
---|---|
claims |
object |
rsid |
string |
rsname |
string |
scopes |
< string > array |
PolicyRepresentation
Name | Schema |
---|---|
config |
object |
decisionStrategy |
enum (AFFIRMATIVE, UNANIMOUS, CONSENSUS) |
description |
string |
id |
string |
logic |
enum (POSITIVE, NEGATIVE) |
name |
string |
owner |
string |
policies |
< string > array |
resources |
< string > array |
scopes |
< string > array |
type |
string |
ProfileInfoRepresentation
Name | Schema |
---|---|
disabledFeatures |
< string > array |
name |
string |
ProtocolMapperRepresentation
Name | Schema |
---|---|
config |
object |
id |
string |
name |
string |
protocol |
string |
protocolMapper |
string |
ProviderRepresentation
Name | Schema |
---|---|
operationalInfo |
object |
order |
integer(int32) |
RealmEventsConfigRepresentation
Name | Schema |
---|---|
adminEventsDetailsEnabled |
boolean |
adminEventsEnabled |
boolean |
enabledEventTypes |
< string > array |
eventsEnabled |
boolean |
eventsExpiration |
integer(int64) |
eventsListeners |
< string > array |
RealmRepresentation
Name | Schema |
---|---|
accessCodeLifespan |
integer(int32) |
accessCodeLifespanLogin |
integer(int32) |
accessCodeLifespanUserAction |
integer(int32) |
accessTokenLifespan |
integer(int32) |
accessTokenLifespanForImplicitFlow |
integer(int32) |
accountTheme |
string |
actionTokenGeneratedByAdminLifespan |
integer(int32) |
actionTokenGeneratedByUserLifespan |
integer(int32) |
adminEventsDetailsEnabled |
boolean |
adminEventsEnabled |
boolean |
adminTheme |
string |
attributes |
object |
authenticationFlows |
< AuthenticationFlowRepresentation > array |
authenticatorConfig |
< AuthenticatorConfigRepresentation > array |
browserFlow |
string |
browserSecurityHeaders |
object |
bruteForceProtected |
boolean |
clientAuthenticationFlow |
string |
clientScopeMappings |
object |
clientScopes |
< ClientScopeRepresentation > array |
clients |
< ClientRepresentation > array |
components |
|
defaultDefaultClientScopes |
< string > array |
defaultGroups |
< string > array |
defaultLocale |
string |
defaultOptionalClientScopes |
< string > array |
defaultRoles |
< string > array |
directGrantFlow |
string |
displayName |
string |
displayNameHtml |
string |
dockerAuthenticationFlow |
string |
duplicateEmailsAllowed |
boolean |
editUsernameAllowed |
boolean |
emailTheme |
string |
enabled |
boolean |
enabledEventTypes |
< string > array |
eventsEnabled |
boolean |
eventsExpiration |
integer(int64) |
eventsListeners |
< string > array |
failureFactor |
integer(int32) |
federatedUsers |
< UserRepresentation > array |
groups |
< GroupRepresentation > array |
id |
string |
identityProviderMappers |
< IdentityProviderMapperRepresentation > array |
identityProviders |
< IdentityProviderRepresentation > array |
internationalizationEnabled |
boolean |
keycloakVersion |
string |
loginTheme |
string |
loginWithEmailAllowed |
boolean |
maxDeltaTimeSeconds |
integer(int32) |
maxFailureWaitSeconds |
integer(int32) |
minimumQuickLoginWaitSeconds |
integer(int32) |
notBefore |
integer(int32) |
offlineSessionIdleTimeout |
integer(int32) |
offlineSessionMaxLifespan |
integer(int32) |
offlineSessionMaxLifespanEnabled |
boolean |
otpPolicyAlgorithm |
string |
otpPolicyDigits |
integer(int32) |
otpPolicyInitialCounter |
integer(int32) |
otpPolicyLookAheadWindow |
integer(int32) |
otpPolicyPeriod |
integer(int32) |
otpPolicyType |
string |
otpSupportedApplications |
< string > array |
passwordPolicy |
string |
permanentLockout |
boolean |
protocolMappers |
< ProtocolMapperRepresentation > array |
quickLoginCheckMilliSeconds |
integer(int64) |
realm |
string |
refreshTokenMaxReuse |
integer(int32) |
registrationAllowed |
boolean |
registrationEmailAsUsername |
boolean |
registrationFlow |
string |
rememberMe |
boolean |
requiredActions |
< RequiredActionProviderRepresentation > array |
resetCredentialsFlow |
string |
resetPasswordAllowed |
boolean |
revokeRefreshToken |
boolean |
roles |
|
scopeMappings |
< ScopeMappingRepresentation > array |
smtpServer |
object |
sslRequired |
string |
ssoSessionIdleTimeout |
integer(int32) |
ssoSessionMaxLifespan |
integer(int32) |
supportedLocales |
< string > array |
userFederationMappers |
< UserFederationMapperRepresentation > array |
userFederationProviders |
< UserFederationProviderRepresentation > array |
userManagedAccessAllowed |
boolean |
users |
< UserRepresentation > array |
verifyEmail |
boolean |
waitIncrementSeconds |
integer(int32) |
RequiredActionProviderRepresentation
Name | Schema |
---|---|
alias |
string |
config |
object |
defaultAction |
boolean |
enabled |
boolean |
name |
string |
priority |
integer(int32) |
providerId |
string |
ResourceRepresentation
Name | Schema |
---|---|
id |
string |
attributes |
object |
displayName |
string |
icon_uri |
string |
name |
string |
ownerManagedAccess |
boolean |
scopes |
< ScopeRepresentation > array |
type |
string |
uris |
< string > array |
ResourceServerRepresentation
Name | Schema |
---|---|
allowRemoteResourceManagement |
boolean |
clientId |
string |
id |
string |
name |
string |
policies |
< PolicyRepresentation > array |
policyEnforcementMode |
enum (ENFORCING, PERMISSIVE, DISABLED) |
resources |
< ResourceRepresentation > array |
scopes |
< ScopeRepresentation > array |
RoleRepresentation
Name | Schema |
---|---|
clientRole |
boolean |
composite |
boolean |
composites |
|
containerId |
string |
description |
string |
id |
string |
name |
string |
RoleRepresentation-Composites
Name | Schema |
---|---|
client |
object |
realm |
< string > array |
RolesRepresentation
Name | Schema |
---|---|
client |
object |
realm |
< RoleRepresentation > array |
ScopeMappingRepresentation
Name | Schema |
---|---|
client |
string |
clientScope |
string |
roles |
< string > array |
self |
string |
ScopeRepresentation
Name | Schema |
---|---|
displayName |
string |
iconUri |
string |
id |
string |
name |
string |
policies |
< PolicyRepresentation > array |
resources |
< ResourceRepresentation > array |
ServerInfoRepresentation
Name | Schema |
---|---|
builtinProtocolMappers |
object |
clientImporters |
< object > array |
clientInstallations |
object |
componentTypes |
object |
enums |
object |
identityProviders |
< object > array |
memoryInfo |
|
passwordPolicies |
< PasswordPolicyTypeRepresentation > array |
profileInfo |
|
protocolMapperTypes |
object |
providers |
object |
socialProviders |
< object > array |
systemInfo |
|
themes |
object |
SpiInfoRepresentation
Name | Schema |
---|---|
internal |
boolean |
providers |
object |
SynchronizationResult
Name | Schema |
---|---|
added |
integer(int32) |
failed |
integer(int32) |
ignored |
boolean |
removed |
integer(int32) |
status |
string |
updated |
integer(int32) |
SystemInfoRepresentation
Name | Schema |
---|---|
fileEncoding |
string |
javaHome |
string |
javaRuntime |
string |
javaVendor |
string |
javaVersion |
string |
javaVm |
string |
javaVmVersion |
string |
osArchitecture |
string |
osName |
string |
osVersion |
string |
serverTime |
string |
uptime |
string |
uptimeMillis |
integer(int64) |
userDir |
string |
userLocale |
string |
userName |
string |
userTimezone |
string |
version |
string |
UserConsentRepresentation
Name | Schema |
---|---|
clientId |
string |
createdDate |
integer(int64) |
grantedClientScopes |
< string > array |
lastUpdatedDate |
integer(int64) |
UserFederationMapperRepresentation
Name | Schema |
---|---|
config |
object |
federationMapperType |
string |
federationProviderDisplayName |
string |
id |
string |
name |
string |
UserFederationProviderRepresentation
Name | Schema |
---|---|
changedSyncPeriod |
integer(int32) |
config |
object |
displayName |
string |
fullSyncPeriod |
integer(int32) |
id |
string |
lastSync |
integer(int32) |
priority |
integer(int32) |
providerName |
string |
UserRepresentation
Name | Schema |
---|---|
access |
object |
attributes |
object |
clientConsents |
< UserConsentRepresentation > array |
clientRoles |
object |
createdTimestamp |
integer(int64) |
credentials |
< CredentialRepresentation > array |
disableableCredentialTypes |
< string > array |
email |
string |
emailVerified |
boolean |
enabled |
boolean |
federatedIdentities |
< FederatedIdentityRepresentation > array |
federationLink |
string |
firstName |
string |
groups |
< string > array |
id |
string |
lastName |
string |
notBefore |
integer(int32) |
origin |
string |
realmRoles |
< string > array |
requiredActions |
< string > array |
self |
string |
serviceAccountClientId |
string |
username |
string |
UserSessionRepresentation
Name | Schema |
---|---|
clients |
object |
id |
string |
ipAddress |
string |
lastAccess |
integer(int64) |
start |
integer(int64) |
userId |
string |
username |
string |