Overview
This is a REST API reference for the Keycloak Admin REST API.
Version information
Version: 1.0
OpenAPI Definitions
The OpenAPI definitions are a feature that is currently in preview. Please provide your feedback by joining this discussion while we’re continuing to work on this. If you find something is outdated or wrong, create a GitHub issue and provide a pull request. |
Resources
Attack Detection
DELETE /admin/realms/{realm}/attack-detection/brute-force/users
Clear any user login failures for all users This can release temporary disabled users
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
DELETE /admin/realms/{realm}/attack-detection/brute-force/users/{userId}
Clear any user login failures for the user This can release temporary disabled user
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
userId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/attack-detection/brute-force/users/{userId}
Get status of a username in brute force detection
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
userId |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Map[<<>>] |
Authentication Management
GET /admin/realms/{realm}/authentication/authenticator-providers
Get authenticator providers Returns a stream of authenticator providers.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[[AnyType]] |
GET /admin/realms/{realm}/authentication/client-authenticator-providers
Get client authenticator providers Returns a stream of client authenticator providers.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[[AnyType]] |
GET /admin/realms/{realm}/authentication/config-description/{providerId}
Get authenticator provider’s configuration description
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
providerId |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/authentication/config/{id}
Delete authenticator configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Configuration id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/config/{id}
Get authenticator configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Configuration id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/authentication/config/{id}
Update authenticator configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Configuration id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
AuthenticatorConfigRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/authentication/config
Create new authenticator configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
AuthenticatorConfigRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/authentication/executions/{executionId}/config/{id}
Get execution’s configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
|
id |
Configuration id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/authentication/executions/{executionId}/config
Update execution with new configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
AuthenticatorConfigRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
DELETE /admin/realms/{realm}/authentication/executions/{executionId}
Delete execution
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/executions/{executionId}
Get Single Execution
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/authentication/executions/{executionId}/lower-priority
Lower execution’s priority
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/authentication/executions/{executionId}/raise-priority
Raise execution’s priority
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
executionId |
Execution id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/authentication/executions
Add new authentication execution
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
AuthenticationExecutionRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/copy
Copy existing authentication flow under a new name The new name is given as 'newName' attribute of the passed JSON object
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
name of the existing authentication flow |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
request_body |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/executions/execution
Add new authentication execution to a flow
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
Alias of parent flow |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
request_body |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
POST /admin/realms/{realm}/authentication/flows/{flowAlias}/executions/flow
Add new flow with new execution to existing flow
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
Alias of parent authentication flow |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
request_body |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/authentication/flows/{flowAlias}/executions
Get authentication executions for a flow
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
Flow alias |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/authentication/flows/{flowAlias}/executions
Update authentication executions of a Flow
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
flowAlias |
Flow alias |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
AuthenticationExecutionInfoRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/flows
Get authentication flows Returns a stream of authentication flows.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/authentication/flows/{id}
Delete an authentication flow
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Flow id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/flows/{id}
Get authentication flow for id
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
Flow id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/authentication/flows/{id}
Update an authentication flow
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
AuthenticationFlowRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/authentication/flows
Create a new authentication flow
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
AuthenticationFlowRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/authentication/form-action-providers
Get form action providers Returns a stream of form action providers.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[[AnyType]] |
GET /admin/realms/{realm}/authentication/form-providers
Get form providers Returns a stream of form providers.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[[AnyType]] |
GET /admin/realms/{realm}/authentication/per-client-config-description
Get configuration descriptions for all clients
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/authentication/register-required-action
Register a new required actions
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
request_body |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
DELETE /admin/realms/{realm}/authentication/required-actions/{alias}/config
Delete RequiredAction configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/required-actions/{alias}/config-description
Get RequiredAction provider configuration description
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/authentication/required-actions/{alias}/config
Get RequiredAction configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/authentication/required-actions/{alias}/config
Update RequiredAction configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RequiredActionConfigRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
DELETE /admin/realms/{realm}/authentication/required-actions/{alias}
Delete required action
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/required-actions/{alias}
Get required action for alias
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/authentication/required-actions/{alias}/lower-priority
Lower required action’s priority
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/authentication/required-actions/{alias}
Update required action
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RequiredActionProviderRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/authentication/required-actions/{alias}/raise-priority
Raise required action’s priority
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
Alias of required action |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/authentication/required-actions
Get required actions Returns a stream of required actions.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/authentication/unregistered-required-actions
Get unregistered required actions Returns a stream of unregistered required actions.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[[string]] |
Client Attribute Certificate
POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/download
Get a keystore file for the client, containing private key and public certificate
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
attr |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
KeyStoreConfig |
Content Type
-
application/octet-stream
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/generate-and-download
Generate a new keypair and certificate, and get the private key file Generates a keypair and certificate and serves the private key in a specified keystore format. Only generated public certificate is saved in Keycloak DB - the private key is not.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
attr |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
KeyStoreConfig |
Content Type
-
application/octet-stream
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/generate
Generate a new certificate with new key pair
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
attr |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}
Get key info
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
attr |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/upload-certificate
Upload only certificate, not private key
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
attr |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/upload
Upload certificate and eventually private key
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
attr |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Client Initial Access
GET /admin/realms/{realm}/clients-initial-access
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients-initial-access/{id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients-initial-access
Create a new initial access token.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientInitialAccessCreatePresentation |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
Client Registration Policy
GET /admin/realms/{realm}/client-registration-policy/providers
Base path for retrieve providers with the configProperties properly filled
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Client Role Mappings
GET /admin/realms/{realm}/groups/{group-id}/role-mappings/clients/{client-id}/available
Get available client-level roles that can be mapped to the user or group
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
||
client-id |
client id (not clientId!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/groups/{group-id}/role-mappings/clients/{client-id}/composite
Get effective client-level role mappings This recurses any composite roles
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
||
client-id |
client id (not clientId!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/groups/{group-id}/role-mappings/clients/{client-id}
Delete client-level roles from user or group role mapping
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
||
client-id |
client id (not clientId!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/groups/{group-id}/role-mappings/clients/{client-id}
Get client-level role mappings for the user or group, and the app
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
||
client-id |
client id (not clientId!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/groups/{group-id}/role-mappings/clients/{client-id}
Add client-level roles to the user or group role mapping
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
||
client-id |
client id (not clientId!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/users/{user-id}/role-mappings/clients/{client-id}/available
Get available client-level roles that can be mapped to the user or group
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
||
client-id |
client id (not clientId!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/users/{user-id}/role-mappings/clients/{client-id}/composite
Get effective client-level role mappings This recurses any composite roles
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
||
client-id |
client id (not clientId!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/users/{user-id}/role-mappings/clients/{client-id}
Delete client-level roles from user or group role mapping
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
||
client-id |
client id (not clientId!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/users/{user-id}/role-mappings/clients/{client-id}
Get client-level role mappings for the user or group, and the app
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
||
client-id |
client id (not clientId!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/users/{user-id}/role-mappings/clients/{client-id}
Add client-level roles to the user or group role mapping
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
||
client-id |
client id (not clientId!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
Client Scopes
DELETE /admin/realms/{realm}/client-scopes/{client-scope-id}
Delete the client scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}
Get representation of the client scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-scopes/{client-scope-id}
Update the client scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientScopeRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-scopes
Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-scopes
Create a new client scope Client Scope’s name must be unique!
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientScopeRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/client-templates/{client-scope-id}
Delete the client scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-templates/{client-scope-id}
Get representation of the client scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-templates/{client-scope-id}
Update the client scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientScopeRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-templates
Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-templates
Create a new client scope Client Scope’s name must be unique!
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientScopeRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
Clients
GET /admin/realms/{realm}/clients/{client-uuid}/client-secret
Get the client secret
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{client-uuid}/client-secret
Generate a new secret for the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{client-uuid}/client-secret/rotated
Invalidate the rotated secret for the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/client-secret/rotated
Get the rotated client secret
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{client-uuid}/default-client-scopes/{clientScopeId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
clientScopeId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/clients/{client-uuid}/default-client-scopes/{clientScopeId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
clientScopeId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/default-client-scopes
Get default client scopes. Only name and ids are returned.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{client-uuid}
Delete the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-access-token
Create JSON with payload of example access token
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
scope |
null |
||
userId |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-id-token
Create JSON with payload of example id token
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
scope |
null |
||
userId |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-userinfo
Create JSON with payload of example user info
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
scope |
null |
||
userId |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Map[<<>>] |
GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/protocol-mappers
Return list of all protocol mappers, which will be used when generating tokens issued for particular client.
Description
This means protocol mappers assigned to this client directly and protocol mappers assigned to all client scopes of this client.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
scope |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/scope-mappings/{roleContainerId}/granted
Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him.
Description
This contains scope mappings, which this client has directly, as well as scope mappings, which are granted to all client scopes, which are linked with this client.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
roleContainerId |
either realm name OR client UUID |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
scope |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/scope-mappings/{roleContainerId}/not-granted
Get roles, which this client doesn’t have scope for and can’t have them in the accessToken issued for him.
Description
Defacto all the other roles of particular role container, which are not in {@link #getGrantedScopeMappings()}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
roleContainerId |
either realm name OR client UUID |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
scope |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/clients/{client-uuid}
Get representation of the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/installation/providers/{providerId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
providerId |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{client-uuid}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{client-uuid}/nodes/{node}
Unregister a cluster node from the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
node |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients/{client-uuid}/nodes
Register a cluster node with the client Manually register cluster node to this client - usually it’s not needed to call this directly as adapter should handle by sending registration request to Keycloak
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
request_body |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/offline-session-count
Get application offline session count Returns a number of offline user sessions associated with this client { \"count\": number }
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Map[[long]] |
GET /admin/realms/{realm}/clients/{client-uuid}/offline-sessions
Get offline sessions for client Returns a list of offline user sessions associated with this client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
first |
Paging offset |
null |
|
max |
Maximum results size (defaults to 100) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{client-uuid}/optional-client-scopes/{clientScopeId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
clientScopeId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/clients/{client-uuid}/optional-client-scopes/{clientScopeId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
clientScopeId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/optional-client-scopes
Get optional client scopes. Only name and ids are returned.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{client-uuid}/push-revocation
Push the client’s revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{client-uuid}
Update the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/clients/{client-uuid}/registration-access-token
Generate a new registration access token for the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/service-account-user
Get a user dedicated to the service account
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/session-count
Get application session count Returns a number of user sessions associated with this client { \"count\": number }
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Map[[long]] |
GET /admin/realms/{realm}/clients/{client-uuid}/test-nodes-available
Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/user-sessions
Get user sessions for client Returns a list of user sessions associated with this client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
first |
Paging offset |
null |
|
max |
Maximum results size (defaults to 100) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients
Get clients belonging to the realm.
Description
If a client can’t be retrieved from the storage due to a problem with the underlying storage, it is silently removed from the returned list. This ensures that concurrent modifications to the list don’t prevent callers from retrieving this list.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
clientId |
filter by clientId |
null |
|
first |
the first result |
null |
|
max |
the max results to return |
null |
|
q |
null |
||
search |
whether this is a search query or a getClientById query |
false |
|
viewableOnly |
filter clients that cannot be viewed in full by admin |
false |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[ClientRepresentation] |
POST /admin/realms/{realm}/clients
Create a new client Client’s client_id must be unique!
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
Component
GET /admin/realms/{realm}/components
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
name |
null |
||
parent |
null |
||
type |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[ComponentRepresentation] |
DELETE /admin/realms/{realm}/components/{id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/components/{id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/components/{id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ComponentRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/components/{id}/sub-component-types
List of subcomponent types that are available to configure for a particular parent component.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
type |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/components
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ComponentRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
default
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/import
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ResourceServerRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission/evaluate
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
PolicyEvaluationRequest |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
500 |
Internal Server Error |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
fields |
null |
||
first |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
permission |
null |
||
policyId |
null |
||
resource |
null |
||
scope |
null |
||
type |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
body |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission/providers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission/search
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
fields |
null |
||
name |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
204 |
No Content |
<<>> |
400 |
Bad Request |
<<>> |
POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy/evaluate
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
PolicyEvaluationRequest |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
500 |
Internal Server Error |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
fields |
null |
||
first |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
permission |
null |
||
policyId |
null |
||
resource |
null |
||
scope |
null |
||
type |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
body |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy/providers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy/search
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
fields |
null |
||
name |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
204 |
No Content |
<<>> |
400 |
Bad Request |
<<>> |
PUT /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ResourceServerRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[ResourceRepresentation] |
POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ResourceRepresentation |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
|
400 |
Bad Request |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}/attributes
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
resource-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
resource-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
404 |
Not Found |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
resource-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
404 |
Not found |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}/permissions
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
resource-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[PolicyRepresentation] |
404 |
Not found |
<<>> |
PUT /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
resource-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ResourceRepresentation |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
404 |
Not Found |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}/scopes
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
resource-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
name |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[ScopeRepresentation] |
404 |
Not found |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/search
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
id |
null |
||
deep |
null |
||
exactName |
null |
||
first |
null |
||
matchingUri |
null |
||
max |
null |
||
owner |
null |
||
scope |
null |
||
type |
null |
||
uri |
null |
||
name |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
400 |
Bad Request |
<<>> |
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
first |
null |
||
max |
null |
||
name |
null |
||
scopeId |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[ScopeRepresentation] |
POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ScopeRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
scope-id |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
|
404 |
Not found |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}/permissions
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[PolicyRepresentation] |
404 |
Not found |
<<>> |
PUT /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ScopeRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}/resources
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[ResourceRepresentation] |
404 |
Not found |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/search
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
name |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[ScopeRepresentation] |
204 |
No Content |
<<>> |
400 |
Bad Request |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/settings
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Groups
GET /admin/realms/{realm}/groups/count
Returns the groups counts.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
search |
null |
||
top |
false |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Map[[long]] |
GET /admin/realms/{realm}/groups
Get group hierarchy. Only name and ids are returned.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
true |
||
exact |
false |
||
first |
null |
||
max |
null |
||
populateHierarchy |
true |
||
q |
null |
||
search |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[GroupRepresentation] |
GET /admin/realms/{realm}/groups/{group-id}/children
Return a paginated list of subgroups that have a parent group corresponding to the group on the URL
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
Boolean which defines whether brief groups representations are returned or not (default: false) |
false |
|
exact |
Boolean which defines whether the params "search" must match exactly or not |
null |
|
first |
The position of the first result to be returned (pagination offset). |
null |
|
max |
The maximum number of results that are to be returned. Defaults to 10 |
null |
|
search |
A String representing either an exact group name or a partial name |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[GroupRepresentation] |
POST /admin/realms/{realm}/groups/{group-id}/children
Set or create child.
Description
This will just set the parent if it exists. Create it and set the parent if the group doesn’t exist.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
GroupRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/groups/{group-id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/groups/{group-id}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/groups/{group-id}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/groups/{group-id}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/groups/{group-id}/members
Get users Returns a stream of users, filtered according to query parameters
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
Only return basic information (only guaranteed to return id, username, created, first and last name, email, enabled state, email verification state, federation link, and access. Note that it means that namely user attributes, required actions, and not before are not returned.) |
null |
|
first |
Pagination offset |
null |
|
max |
Maximum results size (defaults to 100) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[UserRepresentation] |
PUT /admin/realms/{realm}/groups/{group-id}
Update group, ignores subgroups.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
GroupRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/groups
create or add a top level realm groupSet or create child.
Description
This will update the group and set the parent if it exists. Create it and set the parent if the group doesn’t exist.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
GroupRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
Identity Providers
POST /admin/realms/{realm}/identity-provider/import-config
Import identity provider from JSON body
Description
Import identity provider from uploaded JSON file
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
request_body |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Map[[string]] |
DELETE /admin/realms/{realm}/identity-provider/instances/{alias}
Delete the identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/export
Export public broker configuration for identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
format |
Format to use |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/identity-provider/instances/{alias}
Get the identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions
Return object stating whether client Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mapper-types
Get mapper types for identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
*/*
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mappers
Get mappers for identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Delete a mapper for the identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
||
id |
Mapper id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Get mapper by id for the identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
||
id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id}
Update a mapper for the identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
||
id |
Mapper id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
IdentityProviderMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/identity-provider/instances/{alias}/mappers
Add a mapper to identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
IdentityProviderMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
PUT /admin/realms/{realm}/identity-provider/instances/{alias}
Update the identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
IdentityProviderRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/identity-provider/instances/{alias}/reload-keys
Reaload keys for the identity provider if the provider supports it, \"true\" is returned if reload was performed, \"false\" if not.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
alias |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/identity-provider/instances
List identity providers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
Boolean which defines whether brief representations are returned (default: false) |
null |
|
first |
Pagination offset |
null |
|
max |
Maximum results size (defaults to 100) |
null |
|
search |
Filter specific providers by name. Search can be prefix (name*), contains (name) or exact ("name"). Default prefixed. |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/identity-provider/instances
Create a new identity provider
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
IdentityProviderRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/identity-provider/providers/{provider_id}
Get the identity provider factory for that provider id
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
provider_id |
The provider id to get the factory |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Key
GET /admin/realms/{realm}/keys
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Protocol Mappers
POST /admin/realms/{realm}/client-scopes/{client-scope-id}/protocol-mappers/add-models
Create multiple mappers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/protocol-mappers/models
Get mappers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-scopes/{client-scope-id}/protocol-mappers/models/{id}
Delete the mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
id |
Mapper id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/protocol-mappers/models/{id}
Get mapper by id
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
id |
Mapper id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-scopes/{client-scope-id}/protocol-mappers/models/{id}
Update the mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
id |
Mapper id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/client-scopes/{client-scope-id}/protocol-mappers/models
Create a mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/protocol-mappers/protocol/{protocol}
Get mappers by name for a specific protocol
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
protocol |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/add-models
Create multiple mappers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models
Get mappers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models/{id}
Delete the mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
id |
Mapper id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models/{id}
Get mapper by id
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
id |
Mapper id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models/{id}
Update the mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
id |
Mapper id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models
Create a mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/protocol/{protocol}
Get mappers by name for a specific protocol
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
protocol |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/clients/{client-uuid}/protocol-mappers/add-models
Create multiple mappers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/protocol-mappers/models
Get mappers
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}/clients/{client-uuid}/protocol-mappers/models/{id}
Delete the mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
id |
Mapper id |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/protocol-mappers/models/{id}
Get mapper by id
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
id |
Mapper id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{client-uuid}/protocol-mappers/models/{id}
Update the mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
id |
Mapper id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/clients/{client-uuid}/protocol-mappers/models
Create a mapper
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ProtocolMapperRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/protocol-mappers/protocol/{protocol}
Get mappers by name for a specific protocol
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
protocol |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Realms Admin
GET /admin/realms
Get accessible realms Returns a list of accessible realms. The list is filtered based on what realms the caller is allowed to view.
Parameters
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
false |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RealmRepresentation] |
POST /admin/realms
Import a realm. Imports a realm from a full representation of that realm.
Description
Realm name must be unique.
Parameters
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
body |
Responses
Code | Message | Datatype |
---|---|---|
201 |
Created |
<<>> |
DELETE /admin/realms/{realm}/admin-events
Delete all admin events
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/admin-events
Get admin events Returns all admin events, or filters events based on URL query parameters listed here
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
authClient |
null |
||
authIpAddress |
null |
||
authRealm |
null |
||
authUser |
user id |
null |
|
dateFrom |
null |
||
dateTo |
null |
||
first |
null |
||
max |
Maximum results size (defaults to 100) |
null |
|
operationTypes |
null |
||
resourcePath |
null |
||
resourceTypes |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[AdminEventRepresentation] |
POST /admin/realms/{realm}/client-description-converter
Base path for importing clients under this realm.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
body |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-policies/policies
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
include-global-policies |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-policies/policies
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientPoliciesRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-policies/profiles
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
include-global-profiles |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-policies/profiles
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientProfilesRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/client-session-stats
Get client session stats Returns a JSON map.
Description
The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[[string]] |
GET /admin/realms/{realm}/client-types
List all client types available in the current realm
Description
This endpoint returns a list of both global and realm level client types and the attributes they set
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/client-types
Update a client type
Description
This endpoint allows you to update a realm level client type
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ClientTypesRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/credential-registrators
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[[string]] |
DELETE /admin/realms/{realm}/default-default-client-scopes/{clientScopeId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientScopeId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/default-default-client-scopes/{clientScopeId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientScopeId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/default-default-client-scopes
Get realm default client scopes. Only name and ids are returned.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/default-groups
Get group hierarchy. Only name and ids are returned.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[GroupRepresentation] |
DELETE /admin/realms/{realm}/default-groups/{groupId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
groupId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/default-groups/{groupId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
groupId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
DELETE /admin/realms/{realm}/default-optional-client-scopes/{clientScopeId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientScopeId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
PUT /admin/realms/{realm}/default-optional-client-scopes/{clientScopeId}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientScopeId |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/default-optional-client-scopes
Get realm optional client scopes. Only name and ids are returned.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
DELETE /admin/realms/{realm}
Delete the realm
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/events/config
Get the events provider configuration Returns JSON object with events provider configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/events/config
Description
Update the events provider Change the events provider and/or its configuration
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RealmEventsConfigRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
DELETE /admin/realms/{realm}/events
Delete all events
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/events
Get events Returns all events, or filters them based on URL query parameters listed here
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
client |
App or oauth client name |
null |
|
dateFrom |
From date |
null |
|
dateTo |
To date |
null |
|
first |
Paging offset |
null |
|
ipAddress |
IP Address |
null |
|
max |
Maximum results size (defaults to 100) |
null |
|
type |
The types of events to return [String] |
null |
|
user |
User id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[EventRepresentation] |
GET /admin/realms/{realm}
Get the top-level representation of the realm It will not include nested information like User and Client representations.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/group-by-path/{path}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
path |
null |
/.*/ |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/localization
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[[string]] |
DELETE /admin/realms/{realm}/localization/{locale}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
locale |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/localization/{locale}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
locale |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
useRealmDefaultLocaleFallback |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Map[[string]] |
DELETE /admin/realms/{realm}/localization/{locale}/{key}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
key |
null |
||
locale |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/localization/{locale}/{key}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
key |
null |
||
locale |
null |
Content Type
-
text/plain
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/localization/{locale}/{key}
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
key |
null |
||
locale |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
body |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/localization/{locale}
Import localization from uploaded JSON file
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
locale |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
request_body |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/logout-all
Removes all user sessions.
Description
Any client that has an admin url will also be told to invalidate any sessions they have.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
POST /admin/realms/{realm}/partial-export
Partial export of existing realm into a JSON file.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
exportClients |
null |
||
exportGroupsAndRoles |
null |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/partialImport
Partial import from a JSON file to an existing realm.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
body |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
POST /admin/realms/{realm}/push-revocation
Push the realm’s revocation policy to any client that has an admin url associated with it.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}
Update the top-level information of the realm Any user, roles or client information in the representation will be ignored.
Description
This will only update top-level attributes of the realm.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RealmRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
DELETE /admin/realms/{realm}/sessions/{session}
Remove a specific user session.
Description
Any client that has an admin url will also be told to invalidate this particular session.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
session |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
isOffline |
false |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
POST /admin/realms/{realm}/testSMTPConnection
Test SMTP connection with current logged in user
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
request_body |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/users-management-permissions
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/users-management-permissions
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
Role Mapper
GET /admin/realms/{realm}/groups/{group-id}/role-mappings
Get role mappings
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/groups/{group-id}/role-mappings/realm/available
Get realm-level roles that can be mapped
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/groups/{group-id}/role-mappings/realm/composite
Get effective realm-level role mappings This will recurse all composite roles to get the result.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/groups/{group-id}/role-mappings/realm
Delete realm-level role mappings
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/groups/{group-id}/role-mappings/realm
Get realm-level role mappings
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/groups/{group-id}/role-mappings/realm
Add realm-level role mappings to the user
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
group-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/users/{user-id}/role-mappings
Get role mappings
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/users/{user-id}/role-mappings/realm/available
Get realm-level roles that can be mapped
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/users/{user-id}/role-mappings/realm/composite
Get effective realm-level role mappings This will recurse all composite roles to get the result.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/users/{user-id}/role-mappings/realm
Delete realm-level role mappings
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/users/{user-id}/role-mappings/realm
Get realm-level role mappings
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/users/{user-id}/role-mappings/realm
Add realm-level role mappings to the user
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
user-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
Roles
GET /admin/realms/{realm}/clients/{client-uuid}/roles
Get all roles for the realm or client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
true |
||
first |
null |
||
max |
null |
||
search |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/clients/{client-uuid}/roles
Create a new role for the realm or client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites/clients/{client-uuid}
Get client-level roles for the client that are in the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
null |
||
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites
Remove roles from the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites
Get composites of the role
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites
Add a composite to the role
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites/realm
Get realm-level roles of the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}
Delete a role by name
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
role's name (not id!) |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}
Get a role by name
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/groups
Returns a stream of groups that have the specified role name
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
the role name. |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return a full representation of the {@code GroupRepresentation} objects. |
true |
|
first |
first result to return. Ignored if negative or {@code null}. |
null |
|
max |
maximum number of results to return. Ignored if negative or {@code null}. |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[GroupRepresentation] |
GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}
Update a role by name
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/users
Returns a stream of users that have the specified role name.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
role-name |
the role name. |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
first |
first result to return. Ignored if negative or {@code null}. |
null |
|
max |
maximum number of results to return. Ignored if negative or {@code null}. |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[UserRepresentation] |
GET /admin/realms/{realm}/roles
Get all roles for the realm or client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
true |
||
first |
null |
||
max |
null |
||
search |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/roles
Create a new role for the realm or client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}/composites/clients/{client-uuid}
Get client-level roles for the client that are in the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
null |
||
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/roles/{role-name}/composites
Remove roles from the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}/composites
Get composites of the role
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/roles/{role-name}/composites
Add a composite to the role
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}/composites/realm
Get realm-level roles of the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/roles/{role-name}
Delete a role by name
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}
Get a role by name
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/roles/{role-name}/groups
Returns a stream of groups that have the specified role name
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
the role name. |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return a full representation of the {@code GroupRepresentation} objects. |
true |
|
first |
first result to return. Ignored if negative or {@code null}. |
null |
|
max |
maximum number of results to return. Ignored if negative or {@code null}. |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[GroupRepresentation] |
GET /admin/realms/{realm}/roles/{role-name}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/roles/{role-name}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/roles/{role-name}
Update a role by name
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
role's name (not id!) |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
<<>> |
GET /admin/realms/{realm}/roles/{role-name}/users
Returns a stream of users that have the specified role name.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-name |
the role name. |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
first |
first result to return. Ignored if negative or {@code null}. |
null |
|
max |
maximum number of results to return. Ignored if negative or {@code null}. |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[UserRepresentation] |
Roles (by ID)
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites/clients/{clientUuid}
Get client-level roles for the client that are in the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
clientUuid |
null |
||
role-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/roles-by-id/{role-id}/composites
Remove a set of roles from the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
Role id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites
Get role’s children Returns a set of role’s children provided the role is a composite.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
first |
null |
||
max |
null |
||
search |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/roles-by-id/{role-id}/composites
Make the role a composite role by associating some child roles
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles-by-id/{role-id}/composites/realm
Get realm-level roles that are in the role’s composite
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/roles-by-id/{role-id}
Delete the role
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
id of role |
null |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/roles-by-id/{role-id}
Get a specific role’s representation
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
id of role |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/roles-by-id/{role-id}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/roles-by-id/{role-id}/management/permissions
Return object stating whether role Authorization permissions have been initialized or not and a reference
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
ManagementPermissionReference |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
PUT /admin/realms/{realm}/roles-by-id/{role-id}
Update the role
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
role-id |
id of role |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
Scope Mappings
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/clients/{client}/available
The available client-level roles Returns the roles for the client that can be associated with the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/clients/{client}/composite
Get effective client roles Returns the roles for the client that are associated with the client’s scope.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/clients/{client}
Remove client-level roles from the client’s scope.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/clients/{client}
Get the roles associated with a client’s scope Returns roles for the client.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/clients/{client}
Add client-level roles to the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings
Get all scope mappings for the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm/available
Get realm-level roles that are available to attach to this client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm/composite
Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.
Description
The method is really to show a comprehensive total view of realm-level roles associated with the client.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm
Remove a set of realm-level roles from the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm
Get realm-level roles associated with the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm
Add a set of realm-level roles to the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/clients/{client}/available
The available client-level roles Returns the roles for the client that can be associated with the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/clients/{client}/composite
Get effective client roles Returns the roles for the client that are associated with the client’s scope.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/clients/{client}
Remove client-level roles from the client’s scope.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/clients/{client}
Get the roles associated with a client’s scope Returns roles for the client.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/clients/{client}
Add client-level roles to the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
||
client |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings
Get all scope mappings for the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/realm/available
Get realm-level roles that are available to attach to this client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/realm/composite
Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.
Description
The method is really to show a comprehensive total view of realm-level roles associated with the client.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/realm
Remove a set of realm-level roles from the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/realm
Get realm-level roles associated with the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/realm
Add a set of realm-level roles to the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-scope-id |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client}/available
The available client-level roles Returns the roles for the client that can be associated with the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
client |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
GET /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client}/composite
Get effective client roles Returns the roles for the client that are associated with the client’s scope.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
client |
null |
Query Parameters
Name | Description | Default | Pattern |
---|---|---|---|
briefRepresentation |
if false, return roles with their attributes |
true |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
DELETE /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client}
Remove client-level roles from the client’s scope.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
client |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client}
Get the roles associated with a client’s scope Returns roles for the client.
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
client |
null |
Content Type
-
application/json
Responses
Code | Message | Datatype |
---|---|---|
200 |
OK |
List[RoleRepresentation] |
POST /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client}
Add client-level roles to the client’s scope
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|
realm |
realm name (not id!) |
null |
|
client-uuid |
id of client (not client-id!) |
null |
|
client |
null |
Body Parameter
Name | Description | Default | Pattern |
---|---|---|---|
RoleRepresentation |
Responses
Code | Message | Datatype |
---|---|---|
204 |
No Content |
<<>> |
GET /admin/realms/{realm}/clients/{client-uuid}/scope-mappings
Get all scope mappings for the client
Parameters
Path Parameters
Name | Description | Default | Pattern |
---|---|---|---|