Class RealmAdminResource

java.lang.Object
org.keycloak.services.resources.admin.RealmAdminResource

public class RealmAdminResource extends Object
Base resource class for the admin REST api of one realm
Version:
$Revision: 1 $
Author:
Bill Burke
  • Field Details

    • logger

      protected static final org.jboss.logging.Logger logger
    • auth

      protected final AdminPermissionEvaluator auth
    • realm

      protected final RealmModel realm
    • session

      protected final KeycloakSession session
    • connection

      protected final ClientConnection connection
    • headers

      protected final jakarta.ws.rs.core.HttpHeaders headers
  • Constructor Details

  • Method Details

    • convertClientDescription

      @Path("client-description-converter") @Consumes({"application/json","application/xml","text/plain"}) @POST @Produces("application/json") public ClientRepresentation convertClientDescription(String description)
      Base path for importing clients under this realm.
      Returns:
    • getAttackDetection

      @Path("attack-detection") public AttackDetectionResource getAttackDetection()
      Base path for managing attack detection.
      Returns:
    • getClients

      @Path("clients") public ClientsResource getClients()
      Base path for managing clients under this realm.
      Returns:
    • getClientTemplates

      @Deprecated @Path("client-templates") public ClientScopesResource getClientTemplates()
      Deprecated.
      This endpoint is deprecated. It's here just because of backwards compatibility. Use getClientScopes() instead
      Returns:
    • getClientScopes

      @Path("client-scopes") public ClientScopesResource getClientScopes()
      Base path for managing client scopes under this realm.
      Returns:
    • getLocalization

      @Path("localization") public RealmLocalizationResource getLocalization()
      Base path for managing localization under this realm.
    • getDefaultDefaultClientScopes

      @GET @Produces("application/json") @Path("default-default-client-scopes") public Stream<ClientScopeRepresentation> getDefaultDefaultClientScopes()
      Get realm default client scopes. Only name and ids are returned.
      Returns:
    • addDefaultDefaultClientScope

      @PUT @Path("default-default-client-scopes/{clientScopeId}") public void addDefaultDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)
    • removeDefaultDefaultClientScope

      @DELETE @Path("default-default-client-scopes/{clientScopeId}") public void removeDefaultDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)
    • getDefaultOptionalClientScopes

      @GET @Produces("application/json") @Path("default-optional-client-scopes") public Stream<ClientScopeRepresentation> getDefaultOptionalClientScopes()
      Get realm optional client scopes. Only name and ids are returned.
      Returns:
    • addDefaultOptionalClientScope

      @PUT @Path("default-optional-client-scopes/{clientScopeId}") public void addDefaultOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)
    • removeDefaultOptionalClientScope

      @DELETE @Path("default-optional-client-scopes/{clientScopeId}") public void removeDefaultOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)
    • getClientInitialAccess

      @Path("clients-initial-access") public ClientInitialAccessResource getClientInitialAccess()
      Base path for managing client initial access tokens
      Returns:
    • getClientRegistrationPolicy

      @Path("client-registration-policy") public ClientRegistrationPolicyResource getClientRegistrationPolicy()
    • getComponents

      @Path("components") public ComponentResource getComponents()
      Base path for managing components under this realm.
      Returns:
    • getRoleContainerResource

      @Path("roles") public RoleContainerResource getRoleContainerResource()
      base path for managing realm-level roles of this realm
      Returns:
    • getRealm

      @GET @Produces("application/json") public RealmRepresentation getRealm()
      Get the top-level representation of the realm It will not include nested information like User and Client representations.
      Returns:
    • updateRealm

      @PUT @Consumes("application/json") public jakarta.ws.rs.core.Response updateRealm(RealmRepresentation rep)
      Update the top-level information of the realm Any user, roles or client information in the representation will be ignored. This will only update top-level attributes of the realm.
      Parameters:
      rep -
      Returns:
    • deleteRealm

      @DELETE public void deleteRealm()
      Delete the realm
    • users

      @Path("users") public UsersResource users()
      Base path for managing users in this realm.
      Returns:
    • getUserMgmtPermissions

      @GET @Produces("application/json") @Path("users-management-permissions") public ManagementPermissionReference getUserMgmtPermissions()
    • setUsersManagementPermissionsEnabled

      @PUT @Produces("application/json") @Consumes("application/json") @Path("users-management-permissions") public ManagementPermissionReference setUsersManagementPermissionsEnabled(ManagementPermissionReference ref)
    • toUsersMgmtRef

      public static ManagementPermissionReference toUsersMgmtRef(AdminPermissionManagement permissions)
    • extension

      @Path("{extension}") public Object extension(@PathParam("extension") String extension)
    • flows

      @Path("authentication") public AuthenticationManagementResource flows()
    • rolesById

      @Path("roles-by-id") public RoleByIdResource rolesById()
      Path for managing all realm-level or client-level roles defined in this realm by its id.
      Returns:
    • pushRevocation

      @Path("push-revocation") @Produces("application/json") @POST public GlobalRequestResult pushRevocation()
      Push the realm's revocation policy to any client that has an admin url associated with it.
    • logoutAll

      @Path("logout-all") @POST @Produces("application/json") public GlobalRequestResult logoutAll()
      Removes all user sessions. Any client that has an admin url will also be told to invalidate any sessions they have.
    • deleteSession

      @Path("sessions/{session}") @DELETE public void deleteSession(@PathParam("session") String sessionId)
      Remove a specific user session. Any client that has an admin url will also be told to invalidate this particular session.
      Parameters:
      sessionId -
    • getClientSessionStats

      @Path("client-session-stats") @GET @Produces("application/json") public Stream<Map<String,String>> getClientSessionStats()
      Get client session stats Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.
      Returns:
    • getRealmEventsConfig

      @GET @Path("events/config") @Produces("application/json") public RealmEventsConfigRepresentation getRealmEventsConfig()
      Get the events provider configuration Returns JSON object with events provider configuration
      Returns:
    • updateRealmEventsConfig

      @PUT @Path("events/config") @Consumes("application/json") public void updateRealmEventsConfig(RealmEventsConfigRepresentation rep)
      Update the events provider Change the events provider and/or its configuration
      Parameters:
      rep -
    • getEvents

      @Path("events") @GET @Produces("application/json") public Stream<EventRepresentation> getEvents(@QueryParam("type") List<String> types, @QueryParam("client") String client, @QueryParam("user") String user, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo, @QueryParam("ipAddress") String ipAddress, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
      Get events Returns all events, or filters them based on URL query parameters listed here
      Parameters:
      types - The types of events to return
      client - App or oauth client name
      user - User id
      ipAddress - IP address
      dateTo - To date
      dateFrom - From date
      firstResult - Paging offset
      maxResults - Maximum results size (defaults to 100)
      Returns:
    • getEvents

      @Path("admin-events") @GET @Produces("application/json") public Stream<AdminEventRepresentation> getEvents(@QueryParam("operationTypes") List<String> operationTypes, @QueryParam("authRealm") String authRealm, @QueryParam("authClient") String authClient, @QueryParam("authUser") String authUser, @QueryParam("authIpAddress") String authIpAddress, @QueryParam("resourcePath") String resourcePath, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults, @QueryParam("resourceTypes") List<String> resourceTypes)
      Get admin events Returns all admin events, or filters events based on URL query parameters listed here
      Parameters:
      operationTypes -
      authRealm -
      authClient -
      authUser - user id
      authIpAddress -
      resourcePath -
      dateTo -
      dateFrom -
      firstResult -
      maxResults - Maximum results size (defaults to 100)
      Returns:
    • clearEvents

      @Path("events") @DELETE public void clearEvents()
      Delete all events
    • clearAdminEvents

      @Path("admin-events") @DELETE public void clearAdminEvents()
      Delete all admin events
    • testSMTPConnection

      @Path("testSMTPConnection") @POST @Consumes("application/x-www-form-urlencoded") @Deprecated public jakarta.ws.rs.core.Response testSMTPConnection(@FormParam("config") String config) throws Exception
      Deprecated.
      Test SMTP connection with current logged in user
      Parameters:
      config - SMTP server configuration
      Returns:
      Throws:
      Exception
    • testSMTPConnection

      @Path("testSMTPConnection") @POST @Consumes("application/json") public jakarta.ws.rs.core.Response testSMTPConnection(Map<String,String> settings) throws Exception
      Throws:
      Exception
    • getIdentityProviderResource

      @Path("identity-provider") public IdentityProvidersResource getIdentityProviderResource()
    • getDefaultGroups

      @GET @Produces("application/json") @Path("default-groups") public Stream<GroupRepresentation> getDefaultGroups()
      Get group hierarchy. Only name and ids are returned.
      Returns:
    • addDefaultGroup

      @PUT @Path("default-groups/{groupId}") public void addDefaultGroup(@PathParam("groupId") String groupId)
    • removeDefaultGroup

      @DELETE @Path("default-groups/{groupId}") public void removeDefaultGroup(@PathParam("groupId") String groupId)
    • getGroups

      @Path("groups") public GroupsResource getGroups()
    • getGroupByPath

      @GET @Path("group-by-path/{path: .*}") @Produces("application/json") public GroupRepresentation getGroupByPath(@PathParam("path") List<jakarta.ws.rs.core.PathSegment> pathSegments)
    • partialImport

      @Path("partialImport") @POST @Produces("application/json") @Consumes("application/json") public jakarta.ws.rs.core.Response partialImport(InputStream requestBody)
      Partial import from a JSON file to an existing realm.
    • partialExport

      @Path("partial-export") @Produces("application/json") @POST public jakarta.ws.rs.core.Response partialExport(@QueryParam("exportGroupsAndRoles") Boolean exportGroupsAndRoles, @QueryParam("exportClients") Boolean exportClients)
      Partial export of existing realm into a JSON file.
      Parameters:
      exportGroupsAndRoles -
      exportClients -
      Returns:
    • keys

      @Path("keys") public KeyResource keys()
    • getCredentialRegistrators

      @GET @Path("credential-registrators") @Produces("application/json") public Stream<String> getCredentialRegistrators()
    • getClientPoliciesResource

      @Path("client-policies/policies") public ClientPoliciesResource getClientPoliciesResource()
    • getClientProfilesResource

      @Path("client-policies/profiles") public ClientProfilesResource getClientProfilesResource()