Package org.keycloak.services.resources.admin

Class ClientResource

  • public class ClientResource
extends Object
    Base resource class for managing one particular client of a realm.
    Version:
    $Revision: 1 $
    Author:
    Bill Burke

    • Method Detail

      • update

        @PUT
@Consumes("application/json")
public javax.ws.rs.core.Response update​(ClientRepresentation rep)
        Update the client
        Parameters:
        rep -
        Returns:

      • getClient

        @GET
@Produces("application/json")
public ClientRepresentation getClient()
        Get representation of the client
        Returns:

      • getCertficateResource

        @Path("certificates/{attr}")
public ClientAttributeCertificateResource getCertficateResource​(@PathParam("attr")
                                                                String attributePrefix)
        Get representation of certificate resource
        Parameters:
        attributePrefix -
        Returns:

      • getInstallationProvider

        @GET
@Path("installation/providers/{providerId}")
public javax.ws.rs.core.Response getInstallationProvider​(@PathParam("providerId")
                                                         String providerId)

      • deleteClient

        @DELETE
public void deleteClient()
        Delete the client

      • regenerateSecret

        @Path("client-secret")
@POST
@Produces("application/json")
@Consumes("application/json")
public CredentialRepresentation regenerateSecret()
        Generate a new secret for the client
        Returns:

      • regenerateRegistrationAccessToken

        @Path("registration-access-token")
@POST
@Produces("application/json")
@Consumes("application/json")
public ClientRepresentation regenerateRegistrationAccessToken()
        Generate a new registration access token for the client
        Returns:

      • getClientSecret

        @Path("client-secret")
@GET
@Produces("application/json")
public CredentialRepresentation getClientSecret()
        Get the client secret
        Returns:

      • getScopeMappedResource

        @Path("scope-mappings")
public ScopeMappedResource getScopeMappedResource()
        Base path for managing the scope mappings for the client
        Returns:

      • getDefaultClientScopes

        @GET
@Produces("application/json")
@Path("default-client-scopes")
public Stream<ClientScopeRepresentation> getDefaultClientScopes()
        Get default client scopes. Only name and ids are returned.
        Returns:

      • addDefaultClientScope

        @PUT
@Path("default-client-scopes/{clientScopeId}")
public void addDefaultClientScope​(@PathParam("clientScopeId")
                                  String clientScopeId)

      • removeDefaultClientScope

        @DELETE
@Path("default-client-scopes/{clientScopeId}")
public void removeDefaultClientScope​(@PathParam("clientScopeId")
                                     String clientScopeId)

      • getOptionalClientScopes

        @GET
@Produces("application/json")
@Path("optional-client-scopes")
public Stream<ClientScopeRepresentation> getOptionalClientScopes()
        Get optional client scopes. Only name and ids are returned.
        Returns:

      • addOptionalClientScope

        @PUT
@Path("optional-client-scopes/{clientScopeId}")
public void addOptionalClientScope​(@PathParam("clientScopeId")
                                   String clientScopeId)

      • removeOptionalClientScope

        @DELETE
@Path("optional-client-scopes/{clientScopeId}")
public void removeOptionalClientScope​(@PathParam("clientScopeId")
                                      String clientScopeId)

      • getServiceAccountUser

        @Path("service-account-user")
@GET
@Produces("application/json")
public UserRepresentation getServiceAccountUser()
        Get a user dedicated to the service account
        Returns:

      • pushRevocation

        @Path("push-revocation")
@POST
@Produces("application/json")
public GlobalRequestResult pushRevocation()
        Push the client's revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.

      • getApplicationSessionCount

        @Path("session-count")
@GET
@Produces("application/json")
public Map<String,​Long> getApplicationSessionCount()
        Get application session count Returns a number of user sessions associated with this client { "count": number }
        Returns:

      • getUserSessions

        @Path("user-sessions")
@GET
@Produces("application/json")
public Stream<UserSessionRepresentation> getUserSessions​(@QueryParam("first")
                                                         Integer firstResult,
                                                         @QueryParam("max")
                                                         Integer maxResults)
        Get user sessions for client Returns a list of user sessions associated with this client
        Parameters:
        firstResult - Paging offset
        maxResults - Maximum results size (defaults to 100)
        Returns:

      • getOfflineSessionCount

        @Path("offline-session-count")
@GET
@Produces("application/json")
public Map<String,​Long> getOfflineSessionCount()
        Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }
        Returns:

      • getOfflineUserSessions

        @Path("offline-sessions")
@GET
@Produces("application/json")
public Stream<UserSessionRepresentation> getOfflineUserSessions​(@QueryParam("first")
                                                                Integer firstResult,
                                                                @QueryParam("max")
                                                                Integer maxResults)
        Get offline sessions for client Returns a list of offline user sessions associated with this client
        Parameters:
        firstResult - Paging offset
        maxResults - Maximum results size (defaults to 100)
        Returns:

      • registerNode

        @Path("nodes")
@POST
@Consumes("application/json")
public void registerNode​(Map<String,​String> formParams)
        Register a cluster node with the client Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle by sending registration request to Keycloak
        Parameters:
        formParams -

      • unregisterNode

        @Path("nodes/{node}")
@DELETE
public void unregisterNode​(@PathParam("node")
                           String node)
        Unregister a cluster node from the client
        Parameters:
        node -

      • testNodesAvailable

        @Path("test-nodes-available")
@GET
@Produces("application/json")
public GlobalRequestResult testNodesAvailable()
        Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.
        Returns:

      • getManagementPermissions

        @Path("management/permissions")
@GET
@Produces("application/json")
public ManagementPermissionReference getManagementPermissions()
        Return object stating whether client Authorization permissions have been initialized or not and a reference
        Returns:

      • setManagementPermissionsEnabled

        @Path("management/permissions")
@PUT
@Produces("application/json")
@Consumes("application/json")
public ManagementPermissionReference setManagementPermissionsEnabled​(ManagementPermissionReference ref)
        Return object stating whether client Authorization permissions have been initialized or not and a reference
        Returns:
        initialized manage permissions reference

      • invalidateRotatedSecret

        @Path("client-secret/rotated")
@DELETE
@Produces("application/json")
@Consumes("application/json")
public javax.ws.rs.core.Response invalidateRotatedSecret()
        Invalidate the rotated secret for the client
        Returns:

      • getClientRotatedSecret

        @Path("client-secret/rotated")
@GET
@Produces("application/json")
public CredentialRepresentation getClientRotatedSecret()
        Get the rotated client secret
        Returns: