Overview
This is a REST API reference for the Keycloak Admin REST API.
Version information
Version: 1.0
Resources
Attack Detection
DELETE /admin/realms/{realm}/attack-detection/brute-force/users
Clear any user login failures for all users This can release temporary disabled users
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
DELETE /admin/realms/{realm}/attack-detection/brute-force/users/{userId}
Clear any user login failures for the user This can release temporary disabled user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
userId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/attack-detection/brute-force/users/{userId}
Get status of a username in brute force detection
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
userId |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[<<>>] |
Authentication Management
GET /admin/realms/{realm}/authentication/authenticator-providers
Get authenticator providers Returns a stream of authenticator providers.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/authentication/client-authenticator-providers
Get client authenticator providers Returns a stream of client authenticator providers.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/authentication/config-description/{providerId}
Get authenticator provider’s configuration description
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
providerId |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/authentication/config/{id}
Delete authenticator configuration
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Configuration id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/config/{id}
Get authenticator configuration
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Configuration id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/authentication/config/{id}
Update authenticator configuration
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Configuration id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
AuthenticatorConfigRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/authentication/config
Create new authenticator configuration
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
AuthenticatorConfigRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/authentication/executions/{executionId}/config/{id}
Get execution’s configuration
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
|
id |
Configuration id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/authentication/executions/{executionId}/config
Update execution with new configuration
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
AuthenticatorConfigRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/authentication/executions/{executionId}
Delete execution
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/executions/{executionId}
Get Single Execution
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/authentication/executions/{executionId}/lower-priority
Lower execution’s priority
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
POST /admin/realms/{realm}/authentication/executions/{executionId}/raise-priority
Raise execution’s priority
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
POST /admin/realms/{realm}/authentication/executions
Add new authentication execution
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
AuthenticationExecutionRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/copy
Copy existing authentication flow under a new name The new name is given as 'newName' attribute of the passed JSON object
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
name of the existing authentication flow |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
request_body |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/executions/execution
Add new authentication execution to a flow
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
Alias of parent flow |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
request_body |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/executions/flow
Add new flow with new execution to existing flow
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
Alias of parent authentication flow |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
request_body |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/authentication/flows/{flowAlias}/executions
Get authentication executions for a flow
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
Flow alias |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
PUT /admin/realms/{realm}/authentication/flows/{flowAlias}/executions
Update authentication executions of a Flow
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
Flow alias |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
AuthenticationExecutionInfoRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/authentication/flows
Get authentication flows Returns a stream of authentication flows.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/authentication/flows/{id}
Delete an authentication flow
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Flow id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/flows/{id}
Get authentication flow for id
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Flow id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/authentication/flows/{id}
Update an authentication flow
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
AuthenticationFlowRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/authentication/flows
Create a new authentication flow
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
AuthenticationFlowRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/authentication/form-action-providers
Get form action providers Returns a stream of form action providers.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/authentication/form-providers
Get form providers Returns a stream of form providers.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/authentication/per-client-config-description
Get configuration descriptions for all clients
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/authentication/register-required-action
Register a new required actions
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
request_body |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
DELETE /admin/realms/{realm}/authentication/required-actions/{alias}
Delete required action
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/required-actions/{alias}
Get required action for alias
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/authentication/required-actions/{alias}/lower-priority
Lower required action’s priority
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
PUT /admin/realms/{realm}/authentication/required-actions/{alias}
Update required action
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RequiredActionProviderRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/authentication/required-actions/{alias}/raise-priority
Raise required action’s priority
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/authentication/required-actions
Get required actions Returns a stream of required actions.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/authentication/unregistered-required-actions
Get unregistered required actions Returns a stream of unregistered required actions.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Client Attribute Certificate
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/download
Get a keystore file for the client, containing private key and public certificate
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
attr |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
KeyStoreConfig |
Content Type
-
application/octet-stream
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/generate-and-download
Generate a new keypair and certificate, and get the private key file Generates a keypair and certificate and serves the private key in a specified keystore format. Only generated public certificate is saved in Keycloak DB - the private key is not.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
attr |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
KeyStoreConfig |
Content Type
-
application/octet-stream
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/generate
Generate a new certificate with new key pair
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
attr |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/certificates/{attr}
Get key info
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
attr |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/upload-certificate
Upload only certificate, not private key
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
attr |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/certificates/{attr}/upload
Upload certificate and eventually private key
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
attr |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Client Initial Access
GET /admin/realms/{realm}/clients-initial-access
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients-initial-access/{id}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients-initial-access
Create a new initial access token.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientInitialAccessCreatePresentation |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Client Registration Policy
GET /admin/realms/{realm}/client-registration-policy/providers
Base path for retrieve providers with the configProperties properly filled
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Client Role Mappings
GET /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}/available
Get available client-level roles that can be mapped to the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}/composite
Get effective client-level role mappings This recurses any composite roles
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}
Delete client-level roles from user role mapping
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}
Get client-level role mappings for the user, and the app
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/groups/{id}/role-mappings/clients/{client}
Add client-level roles to the user role mapping
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}/available
Get available client-level roles that can be mapped to the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}/composite
Get effective client-level role mappings This recurses any composite roles
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}
Delete client-level roles from user role mapping
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}
Get client-level role mappings for the user, and the app
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}
Add client-level roles to the user role mapping
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
Client Scopes
GET /admin/realms/{realm}/client-scopes
Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-scopes/{id}
Delete the client scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-scopes/{id}
Get representation of the client scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-scopes/{id}
Update the client scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientScopeRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/client-scopes
Create a new client scope Client Scope’s name must be unique!
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientScopeRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-templates
Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-templates/{id}
Delete the client scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-templates/{id}
Get representation of the client scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-templates/{id}
Update the client scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientScopeRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/client-templates
Create a new client scope Client Scope’s name must be unique!
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientScopeRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
Clients
GET /admin/realms/{realm}/clients
Get clients belonging to the realm.
Description
If a client can’t be retrieved from the storage due to a problem with the underlying storage, it is silently removed from the returned list. This ensures that concurrent modifications to the list don’t prevent callers from retrieving this list.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
clientId |
filter by clientId |
null |
|
first |
the first result |
null |
|
max |
the max results to return |
null |
|
q |
null |
||
search |
whether this is a search query or a getClientById query |
false |
|
viewableOnly |
filter clients that cannot be viewed in full by admin |
false |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/client-secret
Get the client secret
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/client-secret
Generate a new secret for the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/client-secret/rotated
Invalidate the rotated secret for the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{id}/client-secret/rotated
Get the rotated client secret
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/default-client-scopes/{clientScopeId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
clientScopeId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/clients/{id}/default-client-scopes/{clientScopeId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
clientScopeId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{id}/default-client-scopes
Get default client scopes. Only name and ids are returned.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}
Delete the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/generate-example-access-token
Create JSON with payload of example access token
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
scope |
null |
||
userId |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/generate-example-id-token
Create JSON with payload of example id token
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
scope |
null |
||
userId |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/generate-example-userinfo
Create JSON with payload of example user info
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
scope |
null |
||
userId |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[<<>>] |
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/protocol-mappers
Return list of all protocol mappers, which will be used when generating tokens issued for particular client.
Description
This means protocol mappers assigned to this client directly and protocol mappers assigned to all client scopes of this client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
scope |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/scope-mappings/{roleContainerId}/granted
Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him.
Description
This contains scope mappings, which this client has directly, as well as scope mappings, which are granted to all client scopes, which are linked with this client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
roleContainerId |
either realm name OR client UUID |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
scope |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/evaluate-scopes/scope-mappings/{roleContainerId}/not-granted
Get roles, which this client doesn’t have scope for and can’t have them in the accessToken issued for him.
Description
Defacto all the other roles of particular role container, which are not in {@link #getGrantedScopeMappings()}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
roleContainerId |
either realm name OR client UUID |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
scope |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}
Get representation of the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/installation/providers/{providerId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
providerId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{id}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{id}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/nodes/{node}
Unregister a cluster node from the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
node |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients/{id}/nodes
Register a cluster node with the client Manually register cluster node to this client - usually it’s not needed to call this directly as adapter should handle by sending registration request to Keycloak
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
request_body |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/clients/{id}/offline-session-count
Get application offline session count Returns a number of offline user sessions associated with this client { \"count\": number }
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[[long]] |
GET /admin/realms/{realm}/clients/{id}/offline-sessions
Get offline sessions for client Returns a list of offline user sessions associated with this client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
first |
Paging offset |
null |
|
max |
Maximum results size (defaults to 100) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/optional-client-scopes/{clientScopeId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
clientScopeId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/clients/{id}/optional-client-scopes/{clientScopeId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
clientScopeId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{id}/optional-client-scopes
Get optional client scopes. Only name and ids are returned.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/push-revocation
Push the client’s revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{id}
Update the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/clients/{id}/registration-access-token
Generate a new registration access token for the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/service-account-user
Get a user dedicated to the service account
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/session-count
Get application session count Returns a number of user sessions associated with this client { \"count\": number }
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[[long]] |
GET /admin/realms/{realm}/clients/{id}/test-nodes-available
Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/user-sessions
Get user sessions for client Returns a list of user sessions associated with this client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
first |
Paging offset |
null |
|
max |
Maximum results size (defaults to 100) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients
Create a new client Client’s client_id must be unique!
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
Component
GET /admin/realms/{realm}/components
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
name |
null |
||
parent |
null |
||
type |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/components/{id}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/components/{id}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/components/{id}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ComponentRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/components/{id}/sub-component-types
List of subcomponent types that are available to configure for a particular parent component.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
type |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/components
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ComponentRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
Groups
GET /admin/realms/{realm}/groups/count
Returns the groups counts.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
search |
null |
||
top |
false |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[[long]] |
GET /admin/realms/{realm}/groups
Get group hierarchy. Only name and ids are returned.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
true |
||
exact |
false |
||
first |
null |
||
max |
null |
||
populateHierarchy |
true |
||
q |
null |
||
search |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/groups/{id}/children
Set or create child.
Description
This will just set the parent if it exists. Create it and set the parent if the group doesn’t exist.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
GroupRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/groups/{id}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/groups/{id}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/groups/{id}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/groups/{id}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/groups/{id}/members
Get users Returns a stream of users, filtered according to query parameters
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
Only return basic information (only guaranteed to return id, username, created, first and last name, email, enabled state, email verification state, federation link, and access. Note that it means that namely user attributes, required actions, and not before are not returned.) |
null |
|
first |
Pagination offset |
null |
|
max |
Maximum results size (defaults to 100) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/groups/{id}
Update group, ignores subgroups.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
GroupRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/groups
create or add a top level realm groupSet or create child.
Description
This will update the group and set the parent if it exists. Create it and set the parent if the group doesn’t exist.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
GroupRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
Identity Providers
POST /admin/realms/{realm}/identity-provider/import-config
Import identity provider from JSON body
Description
Import identity provider from uploaded JSON file
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
request_body |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[[string]] |
DELETE /admin/realms/{realm}/identity-provider/instances/{alias}
Delete the identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/export
Export public broker configuration for identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
format |
Format to use |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/identity-provider/instances/{alias}
Get the identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mapper-types
Get mapper types for identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
*/*
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mappers
Get mappers for identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Delete a mapper for the identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
||
id |
Mapper id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Get mapper by id for the identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
||
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Update a mapper for the identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
||
id |
Mapper id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
IdentityProviderMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/identity-provider/instances/{alias}/mappers
Add a mapper to identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
IdentityProviderMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
PUT /admin/realms/{realm}/identity-provider/instances/{alias}
Update the identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
IdentityProviderRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/identity-provider/instances
Get identity providers
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/identity-provider/instances
Create a new identity provider
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
IdentityProviderRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/identity-provider/providers/{provider_id}
Get identity providers
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
provider_id |
Provider id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
Key
GET /admin/realms/{realm}/keys
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Protocol Mappers
POST /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/add-models
Create multiple mappers
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models
Get mappers
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models/{id}
Delete the mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models/{id}
Get mapper by id
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models/{id}
Update the mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/models
Create a mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-scopes/{id}/protocol-mappers/protocol/{protocol}
Get mappers by name for a specific protocol
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
protocol |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-templates/{id}/protocol-mappers/add-models
Create multiple mappers
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/client-templates/{id}/protocol-mappers/models
Get mappers
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-templates/{id}/protocol-mappers/models/{id}
Delete the mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{id}/protocol-mappers/models/{id}
Get mapper by id
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-templates/{id}/protocol-mappers/models/{id}
Update the mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/client-templates/{id}/protocol-mappers/models
Create a mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-templates/{id}/protocol-mappers/protocol/{protocol}
Get mappers by name for a specific protocol
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
protocol |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/protocol-mappers/add-models
Create multiple mappers
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/clients/{id}/protocol-mappers/models
Get mappers
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id}
Delete the mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id}
Get mapper by id
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id}
Update the mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Mapper id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients/{id}/protocol-mappers/models
Create a mapper
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ProtocolMapperRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{id}/protocol-mappers/protocol/{protocol}
Get mappers by name for a specific protocol
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
protocol |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Realms Admin
GET /admin/realms
Get accessible realms Returns a list of accessible realms. The list is filtered based on what realms the caller is allowed to view.
Parameters
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
false |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms
Import a realm. Imports a realm from a full representation of that realm.
Description
Realm name must be unique.
Parameters
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
body |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/admin-events
Delete all admin events
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/admin-events
Get admin events Returns all admin events, or filters events based on URL query parameters listed here
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
authClient |
null |
||
authIpAddress |
null |
||
authRealm |
null |
||
authUser |
user id |
null |
|
dateFrom |
null |
||
dateTo |
null |
||
first |
null |
||
max |
Maximum results size (defaults to 100) |
null |
|
operationTypes |
null |
||
resourcePath |
null |
||
resourceTypes |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-description-converter
Base path for importing clients under this realm.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
body |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-policies/policies
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-policies/policies
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientPoliciesRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-policies/profiles
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
include-global-profiles |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-policies/profiles
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ClientProfilesRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-session-stats
Get client session stats Returns a JSON map.
Description
The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/credential-registrators
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/default-default-client-scopes/{clientScopeId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientScopeId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/default-default-client-scopes/{clientScopeId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientScopeId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/default-default-client-scopes
Get realm default client scopes. Only name and ids are returned.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/default-groups
Get group hierarchy. Only name and ids are returned.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/default-groups/{groupId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
groupId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/default-groups/{groupId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
groupId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
DELETE /admin/realms/{realm}/default-optional-client-scopes/{clientScopeId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientScopeId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/default-optional-client-scopes/{clientScopeId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientScopeId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/default-optional-client-scopes
Get realm optional client scopes. Only name and ids are returned.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}
Delete the realm
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/events/config
Get the events provider configuration Returns JSON object with events provider configuration
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/events/config
Description
Update the events provider Change the events provider and/or its configuration
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RealmEventsConfigRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
DELETE /admin/realms/{realm}/events
Delete all events
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/events
Get events Returns all events, or filters them based on URL query parameters listed here
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
client |
App or oauth client name |
null |
|
dateFrom |
From date |
null |
|
dateTo |
To date |
null |
|
first |
Paging offset |
null |
|
ipAddress |
IP Address |
null |
|
max |
Maximum results size (defaults to 100) |
null |
|
type |
The types of events to return [String] |
null |
|
user |
User id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}
Get the top-level representation of the realm It will not include nested information like User and Client representations.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/group-by-path/{path}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
path |
null |
/.*/ |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/localization
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/localization/{locale}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
locale |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/localization/{locale}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
locale |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
useRealmDefaultLocaleFallback |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[[string]] |
DELETE /admin/realms/{realm}/localization/{locale}/{key}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
key |
null |
||
locale |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/localization/{locale}/{key}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
key |
null |
||
locale |
null |
Content Type
-
text/plain
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/localization/{locale}/{key}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
key |
null |
||
locale |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
body |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/localization/{locale}
Import localization from uploaded JSON file
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
locale |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
request_body |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
POST /admin/realms/{realm}/logout-all
Removes all user sessions.
Description
Any client that has an admin url will also be told to invalidate any sessions they have.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/partial-export
Partial export of existing realm into a JSON file.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
exportClients |
null |
||
exportGroupsAndRoles |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/partialImport
Partial import from a JSON file to an existing realm.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
body |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/push-revocation
Push the realm’s revocation policy to any client that has an admin url associated with it.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}
Update the top-level information of the realm Any user, roles or client information in the representation will be ignored.
Description
This will only update top-level attributes of the realm.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RealmRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/sessions/{session}
Remove a specific user session.
Description
Any client that has an admin url will also be told to invalidate this particular session.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
session |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/testSMTPConnection
Test SMTP connection with current logged in user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
request_body |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/users-management-permissions
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/users-management-permissions
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Role Mapper
GET /admin/realms/{realm}/groups/{id}/role-mappings
Get role mappings
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/groups/{id}/role-mappings/realm/available
Get realm-level roles that can be mapped
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/groups/{id}/role-mappings/realm/composite
Get effective realm-level role mappings This will recurse all composite roles to get the result.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/groups/{id}/role-mappings/realm
Delete realm-level role mappings
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/groups/{id}/role-mappings/realm
Get realm-level role mappings
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/groups/{id}/role-mappings/realm
Add realm-level role mappings to the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/users/{id}/role-mappings
Get role mappings
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/users/{id}/role-mappings/realm/available
Get realm-level roles that can be mapped
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/users/{id}/role-mappings/realm/composite
Get effective realm-level role mappings This will recurse all composite roles to get the result.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/users/{id}/role-mappings/realm
Delete realm-level role mappings
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/users/{id}/role-mappings/realm
Get realm-level role mappings
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/users/{id}/role-mappings/realm
Add realm-level role mappings to the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
Roles
GET /admin/realms/{realm}/clients/{id}/roles
Get all roles for the realm or client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
true |
||
first |
null |
||
max |
null |
||
search |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/roles
Create a new role for the realm or client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites/clients/{clientUuid}
Get client-level roles for the client that are in the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
clientUuid |
null |
||
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites
Remove roles from the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
role's name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites
Get composites of the role
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites
Add a composite to the role
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
role's name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites/realm
Get realm-level roles of the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/roles/{role-name}
Delete a role by name
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
role's name (not id!) |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}
Get a role by name
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/groups
Returns a stream of groups that have the specified role name
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
the role name. |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return a full representation of the {@code GroupRepresentation} objects. |
true |
|
first |
first result to return. Ignored if negative or {@code null}. |
null |
|
max |
maximum number of results to return. Ignored if negative or {@code null}. |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{id}/roles/{role-name}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{id}/roles/{role-name}
Update a role by name
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
role's name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{id}/roles/{role-name}/users
Returns a stream of users that have the specified role name.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
role-name |
the role name. |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
first |
first result to return. Ignored if negative or {@code null}. |
null |
|
max |
maximum number of results to return. Ignored if negative or {@code null}. |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/roles
Get all roles for the realm or client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
true |
||
first |
null |
||
max |
null |
||
search |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/roles
Create a new role for the realm or client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}/composites/clients/{clientUuid}
Get client-level roles for the client that are in the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientUuid |
null |
||
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/roles/{role-name}/composites
Remove roles from the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}/composites
Get composites of the role
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/roles/{role-name}/composites
Add a composite to the role
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}/composites/realm
Get realm-level roles of the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/roles/{role-name}
Delete a role by name
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}
Get a role by name
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/roles/{role-name}/groups
Returns a stream of groups that have the specified role name
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
the role name. |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return a full representation of the {@code GroupRepresentation} objects. |
true |
|
first |
first result to return. Ignored if negative or {@code null}. |
null |
|
max |
maximum number of results to return. Ignored if negative or {@code null}. |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/roles/{role-name}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/roles/{role-name}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/roles/{role-name}
Update a role by name
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}/users
Returns a stream of users that have the specified role name.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
the role name. |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
first |
first result to return. Ignored if negative or {@code null}. |
null |
|
max |
maximum number of results to return. Ignored if negative or {@code null}. |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Roles (by ID)
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites/clients/{clientUuid}
Get client-level roles for the client that are in the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientUuid |
null |
||
role-id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/roles-by-id/{role-id}/composites
Remove a set of roles from the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
Role id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites
Get role’s children Returns a set of role’s children provided the role is a composite.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
first |
null |
||
max |
null |
||
search |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/roles-by-id/{role-id}/composites
Make the role a composite role by associating some child roles
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites/realm
Get realm-level roles that are in the role’s composite
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/roles-by-id/{role-id}
Delete the role
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
id of role |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles-by-id/{role-id}
Get a specific role’s representation
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
id of role |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/roles-by-id/{role-id}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/roles-by-id/{role-id}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/roles-by-id/{role-id}
Update the role
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
id of role |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
Scope Mappings
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}/available
The available client-level roles Returns the roles for the client that can be associated with the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}/composite
Get effective client roles Returns the roles for the client that are associated with the client’s scope.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}
Remove client-level roles from the client’s scope.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}
Get the roles associated with a client’s scope Returns roles for the client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-scopes/{id}/scope-mappings/clients/{client}
Add client-level roles to the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings
Get all scope mappings for the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm/available
Get realm-level roles that are available to attach to this client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm/composite
Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.
Description
The method is really to show a comprehensive total view of realm-level roles associated with the client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm
Remove a set of realm-level roles from the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm
Get realm-level roles associated with the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-scopes/{id}/scope-mappings/realm
Add a set of realm-level roles to the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/client-templates/{id}/scope-mappings/clients/{client}/available
The available client-level roles Returns the roles for the client that can be associated with the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-templates/{id}/scope-mappings/clients/{client}/composite
Get effective client roles Returns the roles for the client that are associated with the client’s scope.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-templates/{id}/scope-mappings/clients/{client}
Remove client-level roles from the client’s scope.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{id}/scope-mappings/clients/{client}
Get the roles associated with a client’s scope Returns roles for the client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-templates/{id}/scope-mappings/clients/{client}
Add client-level roles to the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/client-templates/{id}/scope-mappings
Get all scope mappings for the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-templates/{id}/scope-mappings/realm/available
Get realm-level roles that are available to attach to this client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-templates/{id}/scope-mappings/realm/composite
Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.
Description
The method is really to show a comprehensive total view of realm-level roles associated with the client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-templates/{id}/scope-mappings/realm
Remove a set of realm-level roles from the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{id}/scope-mappings/realm
Get realm-level roles associated with the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-templates/{id}/scope-mappings/realm
Add a set of realm-level roles to the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}/available
The available client-level roles Returns the roles for the client that can be associated with the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}/composite
Get effective client roles Returns the roles for the client that are associated with the client’s scope.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}
Remove client-level roles from the client’s scope.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}
Get the roles associated with a client’s scope Returns roles for the client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}
Add client-level roles to the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/clients/{id}/scope-mappings
Get all scope mappings for the client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/scope-mappings/realm/available
Get realm-level roles that are available to attach to this client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{id}/scope-mappings/realm/composite
Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.
Description
The method is really to show a comprehensive total view of realm-level roles associated with the client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{id}/scope-mappings/realm
Remove a set of realm-level roles from the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{id}/scope-mappings/realm
Get realm-level roles associated with the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{id}/scope-mappings/realm
Add a set of realm-level roles to the client’s scope
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
RoleRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
Users
GET /admin/realms/{realm}/users/count
Returns the number of users that match the given criteria.
Description
It can be called in three different ways. 1. Don’t specify any criteria and pass {@code null}. The number of all users within that realm will be returned. <p> 2. If {@code search} is specified other criteria such as {@code last} will be ignored even though you set them. The {@code search} string will be matched against the first and last name, the username and the email of a user. <p> 3. If {@code search} is unspecified but any of {@code last}, {@code first}, {@code email} or {@code username} those criteria are matched against their respective fields on a user entity. Combined with a logical and.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
email |
email filter |
null |
|
emailVerified |
null |
||
enabled |
Boolean representing if user is enabled or not |
null |
|
firstName |
first name filter |
null |
|
lastName |
last name filter |
null |
|
q |
null |
||
search |
arbitrary search string for all the fields below. Default search behavior is prefix-based (e.g., foo or foo*). Use foo for infix search and "foo" for exact search. |
null |
|
username |
username filter |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/users
Get users Returns a stream of users, filtered according to query parameters.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
Boolean which defines whether brief representations are returned (default: false) |
null |
|
email |
A String contained in email, or the complete email, if param "exact" is true |
null |
|
emailVerified |
whether the email has been verified |
null |
|
enabled |
Boolean representing if user is enabled or not |
null |
|
exact |
Boolean which defines whether the params "last", "first", "email" and "username" must match exactly |
null |
|
first |
Pagination offset |
null |
|
firstName |
A String contained in firstName, or the complete firstName, if param "exact" is true |
null |
|
idpAlias |
The alias of an Identity Provider linked to the user |
null |
|
idpUserId |
The userId at an Identity Provider linked to the user |
null |
|
lastName |
A String contained in lastName, or the complete lastName, if param "exact" is true |
null |
|
max |
Maximum results size (defaults to 100) |
null |
|
q |
A query to search for custom attributes, in the format 'key1:value2 key2:value2' |
null |
|
search |
A String contained in username, first or last name, or email. Default search behavior is prefix-based (e.g., foo or foo*). Use foo for infix search and "foo" for exact search. |
null |
|
username |
A String contained in username, or the complete username, if param "exact" is true |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/users/{id}/configured-user-storage-credential-types
Return credential types, which are provided by the user storage where user is stored.
Description
Returned values can contain for example \"password\", \"otp\" etc. This will always return empty list for \"local\" users, which are not backed by any user storage
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/users/{id}/consents/{client}
Revoke consent and offline tokens for particular client from user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
client |
Client id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/users/{id}/consents
Get consents granted by the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/users/{id}/credentials/{credentialId}
Remove a credential for a user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
credentialId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/users/{id}/credentials/{credentialId}/moveAfter/{newPreviousCredentialId}
Move a credential to a position behind another credential
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
credentialId |
The credential to move |
null |
|
newPreviousCredentialId |
The credential that will be the previous element in the list. If set to null, the moved credential will be the first element in the list. |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
POST /admin/realms/{realm}/users/{id}/credentials/{credentialId}/moveToFirst
Move a credential to a first position in the credentials list of the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
credentialId |
The credential to move |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
PUT /admin/realms/{realm}/users/{id}/credentials/{credentialId}/userLabel
Update a credential label for a user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
credentialId |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
body |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/users/{id}/credentials
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/users/{id}
Delete the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
PUT /admin/realms/{realm}/users/{id}/disable-credential-types
Disable all credentials for a user of a specific type
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
string |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/users/{id}/execute-actions-email
Send an email to the user with a link they can click to execute particular actions.
Description
An email contains a link the user can click to perform a set of required actions. The redirectUri and clientId parameters are optional. If no redirect is given, then there will be no link back to click after actions have completed. Redirect uri must be a valid uri for the particular clientId.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
string |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
client_id |
Client id |
null |
|
lifespan |
Number of seconds after which the generated token expires |
null |
|
redirect_uri |
Redirect uri |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/users/{id}/federated-identity
Get social logins associated with the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/users/{id}/federated-identity/{provider}
Remove a social login provider from user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
provider |
Social login provider id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/users/{id}/federated-identity/{provider}
Add a social login provider to the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
provider |
Social login provider id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/users/{id}
Get representation of the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
userProfileMetadata |
Indicates if the user profile metadata should be added to the response |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/users/{id}/groups/count
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
search |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[[long]] |
GET /admin/realms/{realm}/users/{id}/groups
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
briefRepresentation |
true |
||
first |
null |
||
max |
null |
||
search |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/users/{id}/groups/{groupId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
groupId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/users/{id}/groups/{groupId}
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
groupId |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/users/{id}/impersonation
Impersonate the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
Map[<<>>] |
POST /admin/realms/{realm}/users/{id}/logout
Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/users/{id}/offline-sessions/{clientUuid}
Get offline sessions associated with the user and client
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
||
clientUuid |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/users/{id}
Update the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
UserRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
PUT /admin/realms/{realm}/users/{id}/reset-password-email
Send an email to the user with a link they can click to reset their password.
Description
The redirectUri and clientId parameters are optional. The default for the redirect is the account client. This endpoint has been deprecated. Please use the execute-actions-email passing a list with UPDATE_PASSWORD within it.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
client_id |
client id |
null |
|
redirect_uri |
redirect uri |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
PUT /admin/realms/{realm}/users/{id}/reset-password
Set up a new password for the user.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
CredentialRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/users/{id}/send-verify-email
Send an email-verification email to the user An email contains a link the user can click to verify their email address.
Description
The redirectUri and clientId parameters are optional. The default for the redirect is the account client.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
client_id |
Client id |
null |
|
redirect_uri |
Redirect uri |
null |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/users/{id}/sessions
Get sessions associated with the user
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
POST /admin/realms/{realm}/users
Create a new user Username must be unique.
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
UserRepresentation |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/users/profile
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
GET /admin/realms/{realm}/users/profile/metadata
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/users/profile
Parameters
Path Parameters
| Name | Description | Default | Pattern |
|---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
| Name | Description | Default | Pattern |
|---|---|---|---|
body |
Responses
| Code | Message | Datatype |
|---|---|---|
200 |
OK |
<<>> |
Definitions
Access
| Name | Type | Format |
|---|---|---|
roles |
Set of [string] |
|
verify_caller |
Boolean |
AccessToken
| Name | Type | Format |
|---|---|---|
jti |
String |
|
exp |
Long |
int64 |
nbf |
Long |
int64 |
iat |
Long |
int64 |
iss |
String |
|
sub |
String |
|
typ |
String |
|
azp |
String |
|
otherClaims |
Map of [object] |
|
nonce |
String |
|
auth_time |
Long |
int64 |
session_state |
String |
|
at_hash |
String |
|
c_hash |
String |
|
name |
String |
|
given_name |
String |
|
family_name |
String |
|
middle_name |
String |
|
nickname |
String |
|
preferred_username |
String |
|
profile |
String |
|
picture |
String |
|
website |
String |
|
email |
String |
|
email_verified |
Boolean |
|
gender |
String |
|
birthdate |
String |
|
zoneinfo |
String |
|
locale |
String |
|
phone_number |
String |
|
phone_number_verified |
Boolean |
|
address |
AddressClaimSet |
|
updated_at |
Long |
int64 |
claims_locales |
String |
|
acr |
String |
|
s_hash |
String |
|
authTime |
Integer |
int32 |
sid |
String |
|
trusted-certs |
Set of [string] |
|
allowed-origins |
Set of [string] |
|
realm_access |
Access |
|
resource_access |
Map of Access |
|
authorization |
Authorization |
|
cnf |
CertConf |
|
scope |
String |
AddressClaimSet
| Name | Type | Format |
|---|---|---|
formatted |
String |
|
street_address |
String |
|
locality |
String |
|
region |
String |
|
postal_code |
String |
|
country |
String |
ApplicationRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
clientId |
String |
|
description |
String |
|
rootUrl |
String |
|
adminUrl |
String |
|
baseUrl |
String |
|
surrogateAuthRequired |
Boolean |
|
enabled |
Boolean |
|
alwaysDisplayInConsole |
Boolean |
|
clientAuthenticatorType |
String |
|
secret |
String |
|
registrationAccessToken |
String |
|
defaultRoles |
List of [string] |
|
redirectUris |
List of [string] |
|
webOrigins |
List of [string] |
|
notBefore |
Integer |
int32 |
bearerOnly |
Boolean |
|
consentRequired |
Boolean |
|
standardFlowEnabled |
Boolean |
|
implicitFlowEnabled |
Boolean |
|
directAccessGrantsEnabled |
Boolean |
|
serviceAccountsEnabled |
Boolean |
|
oauth2DeviceAuthorizationGrantEnabled |
Boolean |
|
authorizationServicesEnabled |
Boolean |
|
directGrantsOnly |
Boolean |
|
publicClient |
Boolean |
|
frontchannelLogout |
Boolean |
|
protocol |
String |
|
attributes |
Map of [string] |
|
authenticationFlowBindingOverrides |
Map of [string] |
|
fullScopeAllowed |
Boolean |
|
nodeReRegistrationTimeout |
Integer |
int32 |
registeredNodes |
Map of [integer] |
int32 |
protocolMappers |
List of ProtocolMapperRepresentation |
|
clientTemplate |
String |
|
useTemplateConfig |
Boolean |
|
useTemplateScope |
Boolean |
|
useTemplateMappers |
Boolean |
|
defaultClientScopes |
List of [string] |
|
optionalClientScopes |
List of [string] |
|
authorizationSettings |
ResourceServerRepresentation |
|
access |
Map of [boolean] |
|
origin |
String |
|
name |
String |
|
claims |
ApplicationRepresentation_claims |
ApplicationRepresentationClaims
| Name | Type | Format |
|---|---|---|
name |
Boolean |
|
username |
Boolean |
|
profile |
Boolean |
|
picture |
Boolean |
|
website |
Boolean |
|
email |
Boolean |
|
gender |
Boolean |
|
locale |
Boolean |
|
address |
Boolean |
|
phone |
Boolean |
AuthenticationExecutionExportRepresentation
| Name | Type | Format |
|---|---|---|
authenticatorConfig |
String |
|
authenticator |
String |
|
authenticatorFlow |
Boolean |
|
requirement |
String |
|
priority |
Integer |
int32 |
autheticatorFlow |
Boolean |
|
flowAlias |
String |
|
userSetupAllowed |
Boolean |
AuthenticationExecutionInfoRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
requirement |
String |
|
displayName |
String |
|
alias |
String |
|
description |
String |
|
requirementChoices |
List of [string] |
|
configurable |
Boolean |
|
authenticationFlow |
Boolean |
|
providerId |
String |
|
authenticationConfig |
String |
|
flowId |
String |
|
level |
Integer |
int32 |
index |
Integer |
int32 |
AuthenticationExecutionRepresentation
| Name | Type | Format |
|---|---|---|
authenticatorConfig |
String |
|
authenticator |
String |
|
authenticatorFlow |
Boolean |
|
requirement |
String |
|
priority |
Integer |
int32 |
autheticatorFlow |
Boolean |
|
id |
String |
|
flowId |
String |
|
parentFlow |
String |
AuthenticationFlowRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
alias |
String |
|
description |
String |
|
providerId |
String |
|
topLevel |
Boolean |
|
builtIn |
Boolean |
|
authenticationExecutions |
AuthenticatorConfigInfoRepresentation
| Name | Type | Format |
|---|---|---|
name |
String |
|
providerId |
String |
|
helpText |
String |
|
properties |
List of ConfigPropertyRepresentation |
AuthenticatorConfigRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
alias |
String |
|
config |
Map of [string] |
Authorization
| Name | Type | Format |
|---|---|---|
permissions |
List of Permission |
CertConf
| Name | Type | Format |
|---|---|---|
x5t#S256 |
String |
CertificateRepresentation
| Name | Type | Format |
|---|---|---|
privateKey |
String |
|
publicKey |
String |
|
certificate |
String |
|
kid |
String |
ClaimRepresentation
| Name | Type | Format |
|---|---|---|
name |
Boolean |
|
username |
Boolean |
|
profile |
Boolean |
|
picture |
Boolean |
|
website |
Boolean |
|
email |
Boolean |
|
gender |
Boolean |
|
locale |
Boolean |
|
address |
Boolean |
|
phone |
Boolean |
ClientInitialAccessCreatePresentation
| Name | Type | Format |
|---|---|---|
expiration |
Integer |
int32 |
count |
Integer |
int32 |
ClientInitialAccessPresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
token |
String |
|
timestamp |
Integer |
int32 |
expiration |
Integer |
int32 |
count |
Integer |
int32 |
remainingCount |
Integer |
int32 |
ClientMappingsRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
client |
String |
|
mappings |
List of RoleRepresentation |
ClientPoliciesRepresentation
| Name | Type | Format |
|---|---|---|
policies |
List of ClientPolicyRepresentation |
ClientPolicyConditionRepresentation
| Name | Type | Format |
|---|---|---|
condition |
String |
|
configuration |
List |
ClientPolicyExecutorRepresentation
| Name | Type | Format |
|---|---|---|
executor |
String |
|
configuration |
List |
ClientPolicyRepresentation
| Name | Type | Format |
|---|---|---|
name |
String |
|
description |
String |
|
enabled |
Boolean |
|
conditions |
||
profiles |
List of [string] |
ClientProfileRepresentation
| Name | Type | Format |
|---|---|---|
name |
String |
|
description |
String |
|
executors |
ClientProfilesRepresentation
| Name | Type | Format |
|---|---|---|
profiles |
List of ClientProfileRepresentation |
|
globalProfiles |
List of ClientProfileRepresentation |
ClientRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
clientId |
String |
|
name |
String |
|
description |
String |
|
rootUrl |
String |
|
adminUrl |
String |
|
baseUrl |
String |
|
surrogateAuthRequired |
Boolean |
|
enabled |
Boolean |
|
alwaysDisplayInConsole |
Boolean |
|
clientAuthenticatorType |
String |
|
secret |
String |
|
registrationAccessToken |
String |
|
defaultRoles |
List of [string] |
|
redirectUris |
List of [string] |
|
webOrigins |
List of [string] |
|
notBefore |
Integer |
int32 |
bearerOnly |
Boolean |
|
consentRequired |
Boolean |
|
standardFlowEnabled |
Boolean |
|
implicitFlowEnabled |
Boolean |
|
directAccessGrantsEnabled |
Boolean |
|
serviceAccountsEnabled |
Boolean |
|
oauth2DeviceAuthorizationGrantEnabled |
Boolean |
|
authorizationServicesEnabled |
Boolean |
|
directGrantsOnly |
Boolean |
|
publicClient |
Boolean |
|
frontchannelLogout |
Boolean |
|
protocol |
String |
|
attributes |
Map of [string] |
|
authenticationFlowBindingOverrides |
Map of [string] |
|
fullScopeAllowed |
Boolean |
|
nodeReRegistrationTimeout |
Integer |
int32 |
registeredNodes |
Map of [integer] |
int32 |
protocolMappers |
List of ProtocolMapperRepresentation |
|
clientTemplate |
String |
|
useTemplateConfig |
Boolean |
|
useTemplateScope |
Boolean |
|
useTemplateMappers |
Boolean |
|
defaultClientScopes |
List of [string] |
|
optionalClientScopes |
List of [string] |
|
authorizationSettings |
ResourceServerRepresentation |
|
access |
Map of [boolean] |
|
origin |
String |
ClientScopeRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
description |
String |
|
protocol |
String |
|
attributes |
Map of [string] |
|
protocolMappers |
List of ProtocolMapperRepresentation |
ClientTemplateRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
description |
String |
|
protocol |
String |
|
fullScopeAllowed |
Boolean |
|
bearerOnly |
Boolean |
|
consentRequired |
Boolean |
|
standardFlowEnabled |
Boolean |
|
implicitFlowEnabled |
Boolean |
|
directAccessGrantsEnabled |
Boolean |
|
serviceAccountsEnabled |
Boolean |
|
publicClient |
Boolean |
|
frontchannelLogout |
Boolean |
|
attributes |
Map of [string] |
|
protocolMappers |
List of ProtocolMapperRepresentation |
ComponentExportRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
providerId |
String |
|
subType |
String |
|
subComponents |
Map of [array] |
|
config |
Map of [array] |
ComponentRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
providerId |
String |
|
providerType |
String |
|
parentId |
String |
|
subType |
String |
|
config |
Map of [array] |
Composites
| Name | Type | Format |
|---|---|---|
realm |
Set of [string] |
|
client |
Map of [array] |
|
application |
Map of [array] |
ConfigPropertyRepresentation
| Name | Type | Format |
|---|---|---|
name |
String |
|
label |
String |
|
helpText |
String |
|
type |
String |
|
defaultValue |
Object |
|
options |
List of [string] |
|
secret |
Boolean |
|
readOnly |
Boolean |
CredentialRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
type |
String |
|
userLabel |
String |
|
createdDate |
Long |
int64 |
secretData |
String |
|
credentialData |
String |
|
priority |
Integer |
int32 |
value |
String |
|
temporary |
Boolean |
|
device |
String |
|
hashedSaltedValue |
String |
|
salt |
String |
|
hashIterations |
Integer |
int32 |
counter |
Integer |
int32 |
algorithm |
String |
|
digits |
Integer |
int32 |
period |
Integer |
int32 |
config |
Map |
DecisionStrategy
| Name | Type | Format |
|---|
EnforcementMode
| Name | Type | Format |
|---|
FederatedIdentityRepresentation
| Name | Type | Format |
|---|---|---|
identityProvider |
String |
|
userId |
String |
|
userName |
String |
GlobalRequestResult
| Name | Type | Format |
|---|---|---|
successRequests |
List of [string] |
|
failedRequests |
List of [string] |
GroupRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
path |
String |
|
attributes |
Map of [array] |
|
realmRoles |
List of [string] |
|
clientRoles |
Map of [array] |
|
subGroups |
List of GroupRepresentation |
|
access |
Map of [boolean] |
IDToken
| Name | Type | Format |
|---|---|---|
jti |
String |
|
exp |
Long |
int64 |
nbf |
Long |
int64 |
iat |
Long |
int64 |
iss |
String |
|
sub |
String |
|
typ |
String |
|
azp |
String |
|
otherClaims |
Map of [object] |
|
nonce |
String |
|
auth_time |
Long |
int64 |
session_state |
String |
|
at_hash |
String |
|
c_hash |
String |
|
name |
String |
|
given_name |
String |
|
family_name |
String |
|
middle_name |
String |
|
nickname |
String |
|
preferred_username |
String |
|
profile |
String |
|
picture |
String |
|
website |
String |
|
email |
String |
|
email_verified |
Boolean |
|
gender |
String |
|
birthdate |
String |
|
zoneinfo |
String |
|
locale |
String |
|
phone_number |
String |
|
phone_number_verified |
Boolean |
|
address |
AddressClaimSet |
|
updated_at |
Long |
int64 |
claims_locales |
String |
|
acr |
String |
|
s_hash |
String |
|
authTime |
Integer |
int32 |
sid |
String |
IdentityProviderMapperRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
identityProviderAlias |
String |
|
identityProviderMapper |
String |
|
config |
Map of [string] |
IdentityProviderMapperTypeRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
category |
String |
|
helpText |
String |
|
properties |
List of ConfigPropertyRepresentation |
IdentityProviderRepresentation
| Name | Type | Format |
|---|---|---|
alias |
String |
|
displayName |
String |
|
internalId |
String |
|
providerId |
String |
|
enabled |
Boolean |
|
updateProfileFirstLoginMode |
String |
|
trustEmail |
Boolean |
|
storeToken |
Boolean |
|
addReadTokenRoleOnCreate |
Boolean |
|
authenticateByDefault |
Boolean |
|
linkOnly |
Boolean |
|
firstBrokerLoginFlowAlias |
String |
|
postBrokerLoginFlowAlias |
String |
|
config |
Map of [string] |
|
updateProfileFirstLogin |
Boolean |
InstallationAdapterConfig
| Name | Type | Format |
|---|---|---|
realm |
String |
|
realm-public-key |
String |
|
auth-server-url |
String |
|
ssl-required |
String |
|
bearer-only |
Boolean |
|
resource |
String |
|
public-client |
Boolean |
|
verify-token-audience |
Boolean |
|
credentials |
Map of [object] |
|
use-resource-role-mappings |
Boolean |
|
confidential-port |
Integer |
int32 |
policy-enforcer |
PolicyEnforcerConfig |
KeyMetadataRepresentation
| Name | Type | Format |
|---|---|---|
providerId |
String |
|
providerPriority |
Long |
int64 |
kid |
String |
|
status |
String |
|
type |
String |
|
algorithm |
String |
|
publicKey |
String |
|
certificate |
String |
|
use |
KeyUse |
KeyStoreConfig
| Name | Type | Format |
|---|---|---|
realmCertificate |
Boolean |
|
storePassword |
String |
|
keyPassword |
String |
|
keyAlias |
String |
|
realmAlias |
String |
|
format |
String |
KeyUse
| Name | Type | Format |
|---|
KeysMetadataRepresentation
| Name | Type | Format |
|---|---|---|
active |
Map of [string] |
|
keys |
List of KeyMetadataRepresentation |
Logic
| Name | Type | Format |
|---|
ManagementPermissionReference
| Name | Type | Format |
|---|---|---|
enabled |
Boolean |
|
resource |
String |
|
scopePermissions |
Map of [string] |
MappingsRepresentation
| Name | Type | Format |
|---|---|---|
realmMappings |
List of RoleRepresentation |
|
clientMappings |
Map of ClientMappingsRepresentation |
MethodConfig
| Name | Type | Format |
|---|---|---|
method |
String |
|
scopes |
List of [string] |
|
scopes-enforcement-mode |
ScopeEnforcementMode |
OAuthClientRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
clientId |
String |
|
description |
String |
|
rootUrl |
String |
|
adminUrl |
String |
|
baseUrl |
String |
|
surrogateAuthRequired |
Boolean |
|
enabled |
Boolean |
|
alwaysDisplayInConsole |
Boolean |
|
clientAuthenticatorType |
String |
|
secret |
String |
|
registrationAccessToken |
String |
|
defaultRoles |
List of [string] |
|
redirectUris |
List of [string] |
|
webOrigins |
List of [string] |
|
notBefore |
Integer |
int32 |
bearerOnly |
Boolean |
|
consentRequired |
Boolean |
|
standardFlowEnabled |
Boolean |
|
implicitFlowEnabled |
Boolean |
|
directAccessGrantsEnabled |
Boolean |
|
serviceAccountsEnabled |
Boolean |
|
oauth2DeviceAuthorizationGrantEnabled |
Boolean |
|
authorizationServicesEnabled |
Boolean |
|
directGrantsOnly |
Boolean |
|
publicClient |
Boolean |
|
frontchannelLogout |
Boolean |
|
protocol |
String |
|
attributes |
Map of [string] |
|
authenticationFlowBindingOverrides |
Map of [string] |
|
fullScopeAllowed |
Boolean |
|
nodeReRegistrationTimeout |
Integer |
int32 |
registeredNodes |
Map of [integer] |
int32 |
protocolMappers |
List of ProtocolMapperRepresentation |
|
clientTemplate |
String |
|
useTemplateConfig |
Boolean |
|
useTemplateScope |
Boolean |
|
useTemplateMappers |
Boolean |
|
defaultClientScopes |
List of [string] |
|
optionalClientScopes |
List of [string] |
|
authorizationSettings |
ResourceServerRepresentation |
|
access |
Map of [boolean] |
|
origin |
String |
|
name |
String |
|
claims |
ApplicationRepresentation_claims |
PathCacheConfig
| Name | Type | Format |
|---|---|---|
max-entries |
Integer |
int32 |
lifespan |
Long |
int64 |
PathConfig
| Name | Type | Format |
|---|---|---|
name |
String |
|
type |
String |
|
path |
String |
|
methods |
List of MethodConfig |
|
scopes |
List of [string] |
|
id |
String |
|
enforcement-mode |
EnforcementMode |
|
claim-information-point |
Map of [map] |
|
invalidated |
Boolean |
|
staticPath |
Boolean |
|
static |
Boolean |
Permission
| Name | Type | Format |
|---|---|---|
rsid |
String |
|
rsname |
String |
|
scopes |
Set of [string] |
|
claims |
Map of [set] |
PolicyEnforcementMode
| Name | Type | Format |
|---|
PolicyEnforcerConfig
| Name | Type | Format |
|---|---|---|
enforcement-mode |
EnforcementMode |
|
paths |
List of PathConfig |
|
path-cache |
PathCacheConfig |
|
lazy-load-paths |
Boolean |
|
on-deny-redirect-to |
String |
|
user-managed-access |
Object |
|
claim-information-point |
Map of [map] |
|
http-method-as-scope |
Boolean |
|
realm |
String |
|
auth-server-url |
String |
|
credentials |
Map of [object] |
|
resource |
String |
PolicyRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
description |
String |
|
type |
String |
|
policies |
Set of [string] |
|
resources |
Set of [string] |
|
scopes |
Set of [string] |
|
logic |
Logic |
|
decisionStrategy |
DecisionStrategy |
|
owner |
String |
|
resourcesData |
Set of ResourceRepresentation |
|
scopesData |
Set of ScopeRepresentation |
|
config |
Map of [string] |
ProtocolMapperRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
protocol |
String |
|
protocolMapper |
String |
|
consentRequired |
Boolean |
|
consentText |
String |
|
config |
Map of [string] |
PublishedRealmRepresentation
| Name | Type | Format |
|---|---|---|
realm |
String |
|
public_key |
String |
|
token-service |
String |
|
account-service |
String |
|
tokens-not-before |
Integer |
int32 |
RealmEventsConfigRepresentation
| Name | Type | Format |
|---|---|---|
eventsEnabled |
Boolean |
|
eventsExpiration |
Long |
int64 |
eventsListeners |
List of [string] |
|
enabledEventTypes |
List of [string] |
|
adminEventsEnabled |
Boolean |
|
adminEventsDetailsEnabled |
Boolean |
RealmRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
realm |
String |
|
displayName |
String |
|
displayNameHtml |
String |
|
notBefore |
Integer |
int32 |
defaultSignatureAlgorithm |
String |
|
revokeRefreshToken |
Boolean |
|
refreshTokenMaxReuse |
Integer |
int32 |
accessTokenLifespan |
Integer |
int32 |
accessTokenLifespanForImplicitFlow |
Integer |
int32 |
ssoSessionIdleTimeout |
Integer |
int32 |
ssoSessionMaxLifespan |
Integer |
int32 |
ssoSessionIdleTimeoutRememberMe |
Integer |
int32 |
ssoSessionMaxLifespanRememberMe |
Integer |
int32 |
offlineSessionIdleTimeout |
Integer |
int32 |
offlineSessionMaxLifespanEnabled |
Boolean |
|
offlineSessionMaxLifespan |
Integer |
int32 |
clientSessionIdleTimeout |
Integer |
int32 |
clientSessionMaxLifespan |
Integer |
int32 |
clientOfflineSessionIdleTimeout |
Integer |
int32 |
clientOfflineSessionMaxLifespan |
Integer |
int32 |
accessCodeLifespan |
Integer |
int32 |
accessCodeLifespanUserAction |
Integer |
int32 |
accessCodeLifespanLogin |
Integer |
int32 |
actionTokenGeneratedByAdminLifespan |
Integer |
int32 |
actionTokenGeneratedByUserLifespan |
Integer |
int32 |
oauth2DeviceCodeLifespan |
Integer |
int32 |
oauth2DevicePollingInterval |
Integer |
int32 |
enabled |
Boolean |
|
sslRequired |
String |
|
passwordCredentialGrantAllowed |
Boolean |
|
registrationAllowed |
Boolean |
|
registrationEmailAsUsername |
Boolean |
|
rememberMe |
Boolean |
|
verifyEmail |
Boolean |
|
loginWithEmailAllowed |
Boolean |
|
duplicateEmailsAllowed |
Boolean |
|
resetPasswordAllowed |
Boolean |
|
editUsernameAllowed |
Boolean |
|
userCacheEnabled |
Boolean |
|
realmCacheEnabled |
Boolean |
|
bruteForceProtected |
Boolean |
|
permanentLockout |
Boolean |
|
maxFailureWaitSeconds |
Integer |
int32 |
minimumQuickLoginWaitSeconds |
Integer |
int32 |
waitIncrementSeconds |
Integer |
int32 |
quickLoginCheckMilliSeconds |
Long |
int64 |
maxDeltaTimeSeconds |
Integer |
int32 |
failureFactor |
Integer |
int32 |
privateKey |
String |
|
publicKey |
String |
|
certificate |
String |
|
codeSecret |
String |
|
roles |
RolesRepresentation |
|
groups |
List of GroupRepresentation |
|
defaultRoles |
List of [string] |
|
defaultRole |
RoleRepresentation |
|
defaultGroups |
List of [string] |
|
requiredCredentials |
Set of [string] |
|
passwordPolicy |
String |
|
otpPolicyType |
String |
|
otpPolicyAlgorithm |
String |
|
otpPolicyInitialCounter |
Integer |
int32 |
otpPolicyDigits |
Integer |
int32 |
otpPolicyLookAheadWindow |
Integer |
int32 |
otpPolicyPeriod |
Integer |
int32 |
otpPolicyCodeReusable |
Boolean |
|
otpSupportedApplications |
List of [string] |
|
webAuthnPolicyRpEntityName |
String |
|
webAuthnPolicySignatureAlgorithms |
List of [string] |
|
webAuthnPolicyRpId |
String |
|
webAuthnPolicyAttestationConveyancePreference |
String |
|
webAuthnPolicyAuthenticatorAttachment |
String |
|
webAuthnPolicyRequireResidentKey |
String |
|
webAuthnPolicyUserVerificationRequirement |
String |
|
webAuthnPolicyCreateTimeout |
Integer |
int32 |
webAuthnPolicyAvoidSameAuthenticatorRegister |
Boolean |
|
webAuthnPolicyAcceptableAaguids |
List of [string] |
|
webAuthnPolicyPasswordlessRpEntityName |
String |
|
webAuthnPolicyPasswordlessSignatureAlgorithms |
List of [string] |
|
webAuthnPolicyPasswordlessRpId |
String |
|
webAuthnPolicyPasswordlessAttestationConveyancePreference |
String |
|
webAuthnPolicyPasswordlessAuthenticatorAttachment |
String |
|
webAuthnPolicyPasswordlessRequireResidentKey |
String |
|
webAuthnPolicyPasswordlessUserVerificationRequirement |
String |
|
webAuthnPolicyPasswordlessCreateTimeout |
Integer |
int32 |
webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister |
Boolean |
|
webAuthnPolicyPasswordlessAcceptableAaguids |
List of [string] |
|
clientProfiles |
List |
|
clientPolicies |
List |
|
users |
List of UserRepresentation |
|
federatedUsers |
List of UserRepresentation |
|
scopeMappings |
List of ScopeMappingRepresentation |
|
clientScopeMappings |
Map of [array] |
|
clients |
List of ClientRepresentation |
|
clientScopes |
List of ClientScopeRepresentation |
|
defaultDefaultClientScopes |
List of [string] |
|
defaultOptionalClientScopes |
List of [string] |
|
browserSecurityHeaders |
Map of [string] |
|
smtpServer |
Map of [string] |
|
userFederationProviders |
||
userFederationMappers |
||
loginTheme |
String |
|
accountTheme |
String |
|
adminTheme |
String |
|
emailTheme |
String |
|
eventsEnabled |
Boolean |
|
eventsExpiration |
Long |
int64 |
eventsListeners |
List of [string] |
|
enabledEventTypes |
List of [string] |
|
adminEventsEnabled |
Boolean |
|
adminEventsDetailsEnabled |
Boolean |
|
identityProviders |
List of IdentityProviderRepresentation |
|
identityProviderMappers |
||
protocolMappers |
List of ProtocolMapperRepresentation |
|
components |
Map of [array] |
|
internationalizationEnabled |
Boolean |
|
supportedLocales |
Set of [string] |
|
defaultLocale |
String |
|
authenticationFlows |
List of AuthenticationFlowRepresentation |
|
authenticatorConfig |
||
requiredActions |
||
browserFlow |
String |
|
registrationFlow |
String |
|
directGrantFlow |
String |
|
resetCredentialsFlow |
String |
|
clientAuthenticationFlow |
String |
|
dockerAuthenticationFlow |
String |
|
attributes |
Map of [string] |
|
keycloakVersion |
String |
|
userManagedAccessAllowed |
Boolean |
|
social |
Boolean |
|
updateProfileOnInitialSocialLogin |
Boolean |
|
socialProviders |
Map of [string] |
|
applicationScopeMappings |
Map of [array] |
|
applications |
List of ApplicationRepresentation |
|
oauthClients |
List of OAuthClientRepresentation |
|
clientTemplates |
List of ClientTemplateRepresentation |
|
oAuth2DeviceCodeLifespan |
Integer |
int32 |
oAuth2DevicePollingInterval |
Integer |
int32 |
RequiredActionProviderRepresentation
| Name | Type | Format |
|---|---|---|
alias |
String |
|
name |
String |
|
providerId |
String |
|
enabled |
Boolean |
|
defaultAction |
Boolean |
|
priority |
Integer |
int32 |
config |
Map of [string] |
ResourceOwnerRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
ResourceRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
uris |
Set of [string] |
|
type |
String |
|
scopes |
Set of ScopeRepresentation |
|
icon_uri |
String |
|
owner |
ResourceRepresentation_owner |
|
ownerManagedAccess |
Boolean |
|
displayName |
String |
|
attributes |
Map of [array] |
|
uri |
String |
|
scopesUma |
Set of ScopeRepresentation |
ResourceRepresentationOwner
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
ResourceServerRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
clientId |
String |
|
name |
String |
|
allowRemoteResourceManagement |
Boolean |
|
policyEnforcementMode |
PolicyEnforcementMode |
|
resources |
List of ResourceRepresentation |
|
policies |
List of PolicyRepresentation |
|
scopes |
List of ScopeRepresentation |
|
decisionStrategy |
DecisionStrategy |
RoleRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
description |
String |
|
scopeParamRequired |
Boolean |
|
composite |
Boolean |
|
composites |
Composites |
|
clientRole |
Boolean |
|
containerId |
String |
|
attributes |
Map of [array] |
RolesRepresentation
| Name | Type | Format |
|---|---|---|
realm |
List of RoleRepresentation |
|
client |
Map of [array] |
|
application |
Map of [array] |
ScopeEnforcementMode
| Name | Type | Format |
|---|
ScopeMappingRepresentation
| Name | Type | Format |
|---|---|---|
self |
String |
|
client |
String |
|
clientTemplate |
String |
|
clientScope |
String |
|
roles |
Set of [string] |
ScopeRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
iconUri |
String |
|
policies |
List of PolicyRepresentation |
|
resources |
List of ResourceRepresentation |
|
displayName |
String |
SocialLinkRepresentation
| Name | Type | Format |
|---|---|---|
socialProvider |
String |
|
socialUserId |
String |
|
socialUsername |
String |
UserConsentRepresentation
| Name | Type | Format |
|---|---|---|
clientId |
String |
|
grantedClientScopes |
List of [string] |
|
createdDate |
Long |
int64 |
lastUpdatedDate |
Long |
int64 |
grantedRealmRoles |
List of [string] |
UserFederationMapperRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
name |
String |
|
federationProviderDisplayName |
String |
|
federationMapperType |
String |
|
config |
Map of [string] |
UserFederationProviderRepresentation
| Name | Type | Format |
|---|---|---|
id |
String |
|
displayName |
String |
|
providerName |
String |
|
config |
Map of [string] |
|
priority |
Integer |
int32 |
fullSyncPeriod |
Integer |
int32 |
changedSyncPeriod |
Integer |
int32 |
lastSync |
Integer |
int32 |
UserProfileAttributeGroupMetadata
| Name | Type | Format |
|---|---|---|
name |
String |
|
displayHeader |
String |
|
displayDescription |
String |
|
annotations |
Map of [object] |
UserProfileAttributeMetadata
| Name | Type | Format |
|---|---|---|
name |
String |
|
displayName |
String |
|
required |
Boolean |
|
readOnly |
Boolean |
|
annotations |
Map of [object] |
|
validators |
Map of [map] |
|
group |
String |
UserProfileMetadata
| Name | Type | Format |
|---|---|---|
attributes |
List of UserProfileAttributeMetadata |
|
groups |
UserRepresentation
| Name | Type | Format |
|---|---|---|
self |
String |
|
id |
String |
|
origin |
String |
|
createdTimestamp |
Long |
int64 |
username |
String |
|
enabled |
Boolean |
|
totp |
Boolean |
|
emailVerified |
Boolean |
|
firstName |
String |
|
lastName |
String |
|
email |
String |
|
federationLink |
String |
|
serviceAccountClientId |
String |
|
attributes |
Map of [array] |
|
credentials |
List of CredentialRepresentation |
|
disableableCredentialTypes |
Set of [string] |
|
requiredActions |
List of [string] |
|
federatedIdentities |
List of FederatedIdentityRepresentation |
|
realmRoles |
List of [string] |
|
clientRoles |
Map of [array] |
|
clientConsents |
List of UserConsentRepresentation |
|
notBefore |
Integer |
int32 |
applicationRoles |
Map of [array] |
|
socialLinks |
List of SocialLinkRepresentation |
|
groups |
List of [string] |
|
access |
Map of [boolean] |
|
userProfileMetadata |
UserProfileMetadata |