Keycloak Admin REST API

Tools (283)

Extracted live via the executor SDK.

• attackDetection.deleteRealmAttackDetectionBruteForceUsers

  Clear any user login failures for all users This can release temporary disabled users

• attackDetection.deleteRealmAttackDetectionBruteForceUsersUserId

  Clear any user login failures for the user This can release temporary disabled user

• attackDetection.getRealmAttackDetectionBruteForceUsersUserId

  Get status of a username in brute force detection

• authenticationManagement.deleteRealmAuthenticationConfigId

  Delete authenticator configuration

• authenticationManagement.deleteRealmAuthenticationExecutionsExecutionId

  Delete execution

• authenticationManagement.deleteRealmAuthenticationFlowsId

  Delete an authentication flow

• authenticationManagement.deleteRealmAuthenticationRequiredActionsAlias

  Delete required action

• authenticationManagement.getRealmAuthenticationAuthenticatorProviders

  Get authenticator providers Returns a list of authenticator providers.

• authenticationManagement.getRealmAuthenticationClientAuthenticatorProviders

  Get client authenticator providers Returns a list of client authenticator providers.

• authenticationManagement.getRealmAuthenticationConfigDescriptionProviderId

  Get authenticator provider’s configuration description

• authenticationManagement.getRealmAuthenticationConfigId

  Get authenticator configuration

• authenticationManagement.getRealmAuthenticationExecutionsExecutionId

  Get Single Execution

• authenticationManagement.getRealmAuthenticationFlows

  Get authentication flows Returns a list of authentication flows.

• authenticationManagement.getRealmAuthenticationFlowsFlowAliasExecutions

  Get authentication executions for a flow

• authenticationManagement.getRealmAuthenticationFlowsId

  Get authentication flow for id

• authenticationManagement.getRealmAuthenticationFormActionProviders

  Get form action providers Returns a list of form action providers.

• authenticationManagement.getRealmAuthenticationFormProviders

  Get form providers Returns a list of form providers.

• authenticationManagement.getRealmAuthenticationPerClientConfigDescription

  Get configuration descriptions for all clients

• authenticationManagement.getRealmAuthenticationRequiredActions

  Get required actions Returns a list of required actions.

• authenticationManagement.getRealmAuthenticationRequiredActionsAlias

  Get required action for alias

• authenticationManagement.getRealmAuthenticationUnregisteredRequiredActions

  Get unregistered required actions Returns a list of unregistered required actions.

• authenticationManagement.postRealmAuthenticationExecutions

  Add new authentication execution

• authenticationManagement.postRealmAuthenticationExecutionsExecutionIdConfig

  Update execution with new configuration

• authenticationManagement.postRealmAuthenticationExecutionsExecutionIdLowerPriority

  Lower execution’s priority

• authenticationManagement.postRealmAuthenticationExecutionsExecutionIdRaisePriority

  Raise execution’s priority

• authenticationManagement.postRealmAuthenticationFlows

  Create a new authentication flow

• authenticationManagement.postRealmAuthenticationFlowsFlowAliasCopy

  Copy existing authentication flow under a new name The new name is given as 'newName' attribute of the passed JSON object

• authenticationManagement.postRealmAuthenticationFlowsFlowAliasExecutionsExecution

  Add new authentication execution to a flow

• authenticationManagement.postRealmAuthenticationFlowsFlowAliasExecutionsFlow

  Add new flow with new execution to existing flow

• authenticationManagement.postRealmAuthenticationRegisterRequiredAction

  Register a new required actions

• authenticationManagement.postRealmAuthenticationRequiredActionsAliasLowerPriority

  Lower required action’s priority

• authenticationManagement.postRealmAuthenticationRequiredActionsAliasRaisePriority

  Raise required action’s priority

• authenticationManagement.putRealmAuthenticationConfigId

  Update authenticator configuration

• authenticationManagement.putRealmAuthenticationFlowsFlowAliasExecutions

  Update authentication executions of a flow

• authenticationManagement.putRealmAuthenticationFlowsId

  Update an authentication flow

• authenticationManagement.putRealmAuthenticationRequiredActionsAlias

  Update required action

• clientAttributeCertificate.getRealmClientsIdCertificatesAttr

  Get key info

• clientAttributeCertificate.postRealmClientsIdCertificatesAttrDownload

  Get a keystore file for the client, containing private key and public certificate

• clientAttributeCertificate.postRealmClientsIdCertificatesAttrGenerate

  Generate a new certificate with new key pair

• clientAttributeCertificate.postRealmClientsIdCertificatesAttrGenerateAndDownload

  Generate a new keypair and certificate, and get the private key file Generates a keypair and certificate and serves the private key in a specified keystore format.

• clientAttributeCertificate.postRealmClientsIdCertificatesAttrUpload

  Upload certificate and eventually private key

• clientAttributeCertificate.postRealmClientsIdCertificatesAttrUploadCertificate

  Upload only certificate, not private key

• clientInitialAccess.deleteRealmClientsInitialAccessId

  DELETE /{realm}/clients-initial-access/{id}

• clientInitialAccess.getRealmClientsInitialAccess

  GET /{realm}/clients-initial-access

• clientInitialAccess.postRealmClientsInitialAccess

  Create a new initial access token.

• clientRegistrationPolicy.getRealmClientRegistrationPolicyProviders

  Base path for retrieve providers with the configProperties properly filled

• clientRoleMappings.deleteRealmGroupsIdRoleMappingsClientsClient

  Delete client-level roles from user role mapping

• clientRoleMappings.deleteRealmUsersIdRoleMappingsClientsClient

  Delete client-level roles from user role mapping

• clientRoleMappings.getRealmGroupsIdRoleMappingsClientsClient

  Get client-level role mappings for the user, and the app

• clientRoleMappings.getRealmGroupsIdRoleMappingsClientsClientAvailable

  Get available client-level roles that can be mapped to the user

• clientRoleMappings.getRealmGroupsIdRoleMappingsClientsClientComposite

  Get effective client-level role mappings This recurses any composite roles

• clientRoleMappings.getRealmUsersIdRoleMappingsClientsClient

  Get client-level role mappings for the user, and the app

• clientRoleMappings.getRealmUsersIdRoleMappingsClientsClientAvailable

  Get available client-level roles that can be mapped to the user

• clientRoleMappings.getRealmUsersIdRoleMappingsClientsClientComposite

  Get effective client-level role mappings This recurses any composite roles

• clientRoleMappings.postRealmGroupsIdRoleMappingsClientsClient

  Add client-level roles to the user role mapping

• clientRoleMappings.postRealmUsersIdRoleMappingsClientsClient

  Add client-level roles to the user role mapping

• clients.deleteRealmClientsId

  Delete the client

• clients.deleteRealmClientsIdDefaultClientScopesClientScopeId

  DELETE /{realm}/clients/{id}/default-client-scopes/{clientScopeId}

• clients.deleteRealmClientsIdNodesNode

  Unregister a cluster node from the client

• clients.deleteRealmClientsIdOptionalClientScopesClientScopeId

  DELETE /{realm}/clients/{id}/optional-client-scopes/{clientScopeId}

• clients.getRealmClients

  Get clients belonging to the realm Returns a list of clients belonging to the realm

• clients.getRealmClientsId

  Get representation of the client

• clients.getRealmClientsIdClientSecret

  Get the client secret

• clients.getRealmClientsIdDefaultClientScopes

  Get default client scopes.

• clients.getRealmClientsIdEvaluateScopesGenerateExampleAccessToken

  Create JSON with payload of example access token

• clients.getRealmClientsIdEvaluateScopesProtocolMappers

  Return list of all protocol mappers, which will be used when generating tokens issued for particular client.

• clients.getRealmClientsIdEvaluateScopesScopeMappingsRoleContainerIdGranted

  Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him.

• clients.getRealmClientsIdEvaluateScopesScopeMappingsRoleContainerIdNotGranted

  Get roles, which this client doesn’t have scope for and can’t have them in the accessToken issued for him.

• clients.getRealmClientsIdInstallationProvidersProviderId

  GET /{realm}/clients/{id}/installation/providers/{providerId}

• clients.getRealmClientsIdManagementPermissions

  Return object stating whether client Authorization permissions have been initialized or not and a reference

• clients.getRealmClientsIdOfflineSessionCount

  Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }

• clients.getRealmClientsIdOfflineSessions

  Get offline sessions for client Returns a list of offline user sessions associated with this client

• clients.getRealmClientsIdOptionalClientScopes

  Get optional client scopes.

• clients.getRealmClientsIdServiceAccountUser

  Get a user dedicated to the service account

• clients.getRealmClientsIdSessionCount

  Get application session count Returns a number of user sessions associated with this client { "count": number }

• clients.getRealmClientsIdTestNodesAvailable

  Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.

• clients.getRealmClientsIdUserSessions

  Get user sessions for client Returns a list of user sessions associated with this client

• clients.postRealmClients

  Create a new client Client’s client_id must be unique!

• clients.postRealmClientsIdClientSecret

  Generate a new secret for the client

• clients.postRealmClientsIdNodes

  Register a cluster node with the client Manually register cluster node to this client - usually it’s not needed to call this directly as adapter should handle by sending registration request to Keycloak

• clients.postRealmClientsIdPushRevocation

  Push the client’s revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.

• clients.postRealmClientsIdRegistrationAccessToken

  Generate a new registration access token for the client

• clients.putRealmClientsId

  Update the client

• clients.putRealmClientsIdDefaultClientScopesClientScopeId

  PUT /{realm}/clients/{id}/default-client-scopes/{clientScopeId}

• clients.putRealmClientsIdManagementPermissions

  Return object stating whether client Authorization permissions have been initialized or not and a reference

• clients.putRealmClientsIdOptionalClientScopesClientScopeId

  PUT /{realm}/clients/{id}/optional-client-scopes/{clientScopeId}

• clientScopes.deleteRealmClientScopesId

  Delete the client scope

• clientScopes.getRealmClientScopes

  Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm

• clientScopes.getRealmClientScopesId

  Get representation of the client scope

• clientScopes.postRealmClientScopes

  Create a new client scope Client Scope’s name must be unique!

• clientScopes.putRealmClientScopesId

  Update the client scope

• component.deleteRealmComponentsId

  DELETE /{realm}/components/{id}

• component.getRealmComponents

  GET /{realm}/components

• component.getRealmComponentsId

  GET /{realm}/components/{id}

• component.getRealmComponentsIdSubComponentTypes

  List of subcomponent types that are available to configure for a particular parent component.

• component.postRealmComponents

  POST /{realm}/components

• component.putRealmComponentsId

  PUT /{realm}/components/{id}

• groups.deleteRealmGroupsId

  DELETE /{realm}/groups/{id}

• groups.getRealmGroups

  Get group hierarchy.

• groups.getRealmGroupsCount

  Returns the groups counts.

• groups.getRealmGroupsId

  GET /{realm}/groups/{id}

• groups.getRealmGroupsIdManagementPermissions

  Return object stating whether client Authorization permissions have been initialized or not and a reference

• groups.getRealmGroupsIdMembers

  Get users Returns a list of users, filtered according to query parameters

• groups.postRealmGroups

  create or add a top level realm groupSet or create child.

• groups.postRealmGroupsIdChildren

  Set or create child.

• groups.putRealmGroupsId

  Update group, ignores subgroups.

• groups.putRealmGroupsIdManagementPermissions

  Return object stating whether client Authorization permissions have been initialized or not and a reference

• identityProviders.deleteRealmIdentityProviderInstancesAlias

  Delete the identity provider

• identityProviders.deleteRealmIdentityProviderInstancesAliasMappersId

  Delete a mapper for the identity provider

• identityProviders.getRealmIdentityProviderInstances

  Get identity providers

• identityProviders.getRealmIdentityProviderInstancesAlias

  Get the identity provider

• identityProviders.getRealmIdentityProviderInstancesAliasExport

  Export public broker configuration for identity provider

• identityProviders.getRealmIdentityProviderInstancesAliasManagementPermissions

  Return object stating whether client Authorization permissions have been initialized or not and a reference

• identityProviders.getRealmIdentityProviderInstancesAliasMappers

  Get mappers for identity provider

• identityProviders.getRealmIdentityProviderInstancesAliasMappersId

  Get mapper by id for the identity provider

• identityProviders.getRealmIdentityProviderInstancesAliasMapperTypes

  Get mapper types for identity provider

• identityProviders.getRealmIdentityProviderProvidersProviderId

  Get identity providers

• identityProviders.postRealmIdentityProviderImportConfig

  Import identity provider from uploaded JSON file

• identityProviders.postRealmIdentityProviderInstances

  Create a new identity provider

• identityProviders.postRealmIdentityProviderInstancesAliasMappers

  Add a mapper to identity provider

• identityProviders.putRealmIdentityProviderInstancesAlias

  Update the identity provider

• identityProviders.putRealmIdentityProviderInstancesAliasManagementPermissions

  Return object stating whether client Authorization permissions have been initialized or not and a reference

• identityProviders.putRealmIdentityProviderInstancesAliasMappersId

  Update a mapper for the identity provider

• key.getRealmKeys

  GET /{realm}/keys

• protocolMappers.deleteRealmClientScopesId1ProtocolMappersModelsId2

  Delete the mapper

• protocolMappers.deleteRealmClientsId1ProtocolMappersModelsId2

  Delete the mapper

• protocolMappers.getRealmClientScopesId1ProtocolMappersModelsId2

  Get mapper by id

• protocolMappers.getRealmClientScopesIdProtocolMappersModels

  Get mappers

• protocolMappers.getRealmClientScopesIdProtocolMappersProtocolProtocol

  Get mappers by name for a specific protocol

• protocolMappers.getRealmClientsId1ProtocolMappersModelsId2

  Get mapper by id

• protocolMappers.getRealmClientsIdProtocolMappersModels

  Get mappers

• protocolMappers.getRealmClientsIdProtocolMappersProtocolProtocol

  Get mappers by name for a specific protocol

• protocolMappers.postRealmClientScopesIdProtocolMappersAddModels

  Create multiple mappers

• protocolMappers.postRealmClientScopesIdProtocolMappersModels

  Create a mapper

• protocolMappers.postRealmClientsIdProtocolMappersAddModels

  Create multiple mappers

• protocolMappers.postRealmClientsIdProtocolMappersModels

  Create a mapper

• protocolMappers.putRealmClientScopesId1ProtocolMappersModelsId2

  Update the mapper

• protocolMappers.putRealmClientsId1ProtocolMappersModelsId2

  Update the mapper

• realmsAdmin.deleteRealm

  Delete the realm

• realmsAdmin.deleteRealmAdminEvents

  Delete all admin events

• realmsAdmin.deleteRealmDefaultDefaultClientScopesClientScopeId

  DELETE /{realm}/default-default-client-scopes/{clientScopeId}

• realmsAdmin.deleteRealmDefaultGroupsGroupId

  DELETE /{realm}/default-groups/{groupId}

• realmsAdmin.deleteRealmDefaultOptionalClientScopesClientScopeId

  DELETE /{realm}/default-optional-client-scopes/{clientScopeId}

• realmsAdmin.deleteRealmEvents

  Delete all events

• realmsAdmin.deleteRealmSessionsSession

  Remove a specific user session.

• realmsAdmin.getRealm

  Get the top-level representation of the realm It will not include nested information like User and Client representations.

• realmsAdmin.getRealmAdminEvents

  Get admin events Returns all admin events, or filters events based on URL query parameters listed here

• realmsAdmin.getRealmClientSessionStats

  Get client session stats Returns a JSON map.

• realmsAdmin.getRealmCredentialRegistrators

  GET /{realm}/credential-registrators

• realmsAdmin.getRealmDefaultDefaultClientScopes

  Get realm default client scopes.

• realmsAdmin.getRealmDefaultGroups

  Get group hierarchy.

• realmsAdmin.getRealmDefaultOptionalClientScopes

  Get realm optional client scopes.

• realmsAdmin.getRealmEvents

  Get events Returns all events, or filters them based on URL query parameters listed here

• realmsAdmin.getRealmEventsConfig

  Get the events provider configuration Returns JSON object with events provider configuration

• realmsAdmin.getRealmGroupByPathPath

  GET /{realm}/group-by-path/{path}

• realmsAdmin.getRealmUsersManagementPermissions

  GET /{realm}/users-management-permissions

• realmsAdmin.post

  Import a realm Imports a realm from a full representation of that realm.

• realmsAdmin.postRealmClearKeysCache

  Clear cache of external public keys (Public keys of clients or Identity providers)

• realmsAdmin.postRealmClearRealmCache

  Clear realm cache

• realmsAdmin.postRealmClearUserCache

  Clear user cache

• realmsAdmin.postRealmClientDescriptionConverter

  Base path for importing clients under this realm.

• realmsAdmin.postRealmLogoutAll

  Removes all user sessions.

• realmsAdmin.postRealmPartialExport

  Partial export of existing realm into a JSON file.

• realmsAdmin.postRealmPartialImport

  Partial import from a JSON file to an existing realm.

• realmsAdmin.postRealmPushRevocation

  Push the realm’s revocation policy to any client that has an admin url associated with it.

• realmsAdmin.postRealmTestLdapConnection

  Test LDAP connection

• realmsAdmin.postRealmTestSmtpConnection

  POST /{realm}/testSMTPConnection

• realmsAdmin.putRealm

  Update the top-level information of the realm Any user, roles or client information in the representation will be ignored.

• realmsAdmin.putRealmDefaultDefaultClientScopesClientScopeId

  PUT /{realm}/default-default-client-scopes/{clientScopeId}

• realmsAdmin.putRealmDefaultGroupsGroupId

  PUT /{realm}/default-groups/{groupId}

• realmsAdmin.putRealmDefaultOptionalClientScopesClientScopeId

  PUT /{realm}/default-optional-client-scopes/{clientScopeId}

• realmsAdmin.putRealmEventsConfig

  Update the events provider Change the events provider and/or its configuration

• realmsAdmin.putRealmUsersManagementPermissions

  PUT /{realm}/users-management-permissions

• roleMapper.deleteRealmGroupsIdRoleMappingsRealm

  Delete realm-level role mappings

• roleMapper.deleteRealmUsersIdRoleMappingsRealm

  Delete realm-level role mappings

• roleMapper.getRealmGroupsIdRoleMappings

  Get role mappings

• roleMapper.getRealmGroupsIdRoleMappingsRealm

  Get realm-level role mappings

• roleMapper.getRealmGroupsIdRoleMappingsRealmAvailable

  Get realm-level roles that can be mapped

• roleMapper.getRealmGroupsIdRoleMappingsRealmComposite

  Get effective realm-level role mappings This will recurse all composite roles to get the result.

• roleMapper.getRealmUsersIdRoleMappings

  Get role mappings

• roleMapper.getRealmUsersIdRoleMappingsRealm

  Get realm-level role mappings

• roleMapper.getRealmUsersIdRoleMappingsRealmAvailable

  Get realm-level roles that can be mapped

• roleMapper.getRealmUsersIdRoleMappingsRealmComposite

  Get effective realm-level role mappings This will recurse all composite roles to get the result.

• roleMapper.postRealmGroupsIdRoleMappingsRealm

  Add realm-level role mappings to the user

• roleMapper.postRealmUsersIdRoleMappingsRealm

  Add realm-level role mappings to the user

• roles.deleteRealmClientsIdRolesRoleName

  Delete a role by name

• roles.deleteRealmClientsIdRolesRoleNameComposites

  Remove roles from the role’s composite

• roles.deleteRealmRolesRoleName

  Delete a role by name

• roles.deleteRealmRolesRoleNameComposites

  Remove roles from the role’s composite

• roles.getRealmClientsIdRoles

  Get all roles for the realm or client

• roles.getRealmClientsIdRolesRoleName

  Get a role by name

• roles.getRealmClientsIdRolesRoleNameComposites

  Get composites of the role

• roles.getRealmClientsIdRolesRoleNameCompositesClientsClient

  An app-level roles for the specified app for the role’s composite

• roles.getRealmClientsIdRolesRoleNameCompositesRealm

  Get realm-level roles of the role’s composite

• roles.getRealmClientsIdRolesRoleNameGroups

  Return List of Groups that have the specified role name

• roles.getRealmClientsIdRolesRoleNameManagementPermissions

  Return object stating whether role Authoirzation permissions have been initialized or not and a reference

• roles.getRealmClientsIdRolesRoleNameUsers

  Return List of Users that have the specified role name

• roles.getRealmRoles

  Get all roles for the realm or client

• roles.getRealmRolesRoleName

  Get a role by name

• roles.getRealmRolesRoleNameComposites

  Get composites of the role

• roles.getRealmRolesRoleNameCompositesClientsClient

  An app-level roles for the specified app for the role’s composite

• roles.getRealmRolesRoleNameCompositesRealm

  Get realm-level roles of the role’s composite

• roles.getRealmRolesRoleNameGroups

  Return List of Groups that have the specified role name

• roles.getRealmRolesRoleNameManagementPermissions

  Return object stating whether role Authoirzation permissions have been initialized or not and a reference

• roles.getRealmRolesRoleNameUsers

  Return List of Users that have the specified role name

• roles.postRealmClientsIdRoles

  Create a new role for the realm or client

• roles.postRealmClientsIdRolesRoleNameComposites

  Add a composite to the role

• roles.postRealmRoles

  Create a new role for the realm or client

• roles.postRealmRolesRoleNameComposites

  Add a composite to the role

• roles.putRealmClientsIdRolesRoleName

  Update a role by name

• roles.putRealmClientsIdRolesRoleNameManagementPermissions

  Return object stating whether role Authoirzation permissions have been initialized or not and a reference

• roles.putRealmRolesRoleName

  Update a role by name

• roles.putRealmRolesRoleNameManagementPermissions

  Return object stating whether role Authoirzation permissions have been initialized or not and a reference

• rolesById.deleteRealmRolesByIdRoleId

  Delete the role

• rolesById.deleteRealmRolesByIdRoleIdComposites

  Remove a set of roles from the role’s composite

• rolesById.getRealmRolesByIdRoleId

  Get a specific role’s representation

• rolesById.getRealmRolesByIdRoleIdComposites

  Get role’s children Returns a set of role’s children provided the role is a composite.

• rolesById.getRealmRolesByIdRoleIdCompositesClientsClient

  Get client-level roles for the client that are in the role’s composite

• rolesById.getRealmRolesByIdRoleIdCompositesRealm

  Get realm-level roles that are in the role’s composite

• rolesById.getRealmRolesByIdRoleIdManagementPermissions

  Return object stating whether role Authoirzation permissions have been initialized or not and a reference

• rolesById.postRealmRolesByIdRoleIdComposites

  Make the role a composite role by associating some child roles

• rolesById.putRealmRolesByIdRoleId

  Update the role

• rolesById.putRealmRolesByIdRoleIdManagementPermissions

  Return object stating whether role Authoirzation permissions have been initialized or not and a reference

• root.get

  Get themes, social providers, auth providers, and event listeners available on this server

• scopeMappings.deleteRealmClientScopesIdScopeMappingsClientsClient

  Remove client-level roles from the client’s scope.

• scopeMappings.deleteRealmClientScopesIdScopeMappingsRealm

  Remove a set of realm-level roles from the client’s scope

• scopeMappings.deleteRealmClientsIdScopeMappingsClientsClient

  Remove client-level roles from the client’s scope.

• scopeMappings.deleteRealmClientsIdScopeMappingsRealm

  Remove a set of realm-level roles from the client’s scope

• scopeMappings.getRealmClientScopesIdScopeMappings

  Get all scope mappings for the client

• scopeMappings.getRealmClientScopesIdScopeMappingsClientsClient

  Get the roles associated with a client’s scope Returns roles for the client.

• scopeMappings.getRealmClientScopesIdScopeMappingsClientsClientAvailable

  The available client-level roles Returns the roles for the client that can be associated with the client’s scope

• scopeMappings.getRealmClientScopesIdScopeMappingsClientsClientComposite

  Get effective client roles Returns the roles for the client that are associated with the client’s scope.

• scopeMappings.getRealmClientScopesIdScopeMappingsRealm

  Get realm-level roles associated with the client’s scope

• scopeMappings.getRealmClientScopesIdScopeMappingsRealmAvailable

  Get realm-level roles that are available to attach to this client’s scope

• scopeMappings.getRealmClientScopesIdScopeMappingsRealmComposite

  Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.

• scopeMappings.getRealmClientsIdScopeMappings

  Get all scope mappings for the client

• scopeMappings.getRealmClientsIdScopeMappingsClientsClient

  Get the roles associated with a client’s scope Returns roles for the client.

• scopeMappings.getRealmClientsIdScopeMappingsClientsClientAvailable

  The available client-level roles Returns the roles for the client that can be associated with the client’s scope

• scopeMappings.getRealmClientsIdScopeMappingsClientsClientComposite

  Get effective client roles Returns the roles for the client that are associated with the client’s scope.

• scopeMappings.getRealmClientsIdScopeMappingsRealm

  Get realm-level roles associated with the client’s scope

• scopeMappings.getRealmClientsIdScopeMappingsRealmAvailable

  Get realm-level roles that are available to attach to this client’s scope

• scopeMappings.getRealmClientsIdScopeMappingsRealmComposite

  Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.

• scopeMappings.postRealmClientScopesIdScopeMappingsClientsClient

  Add client-level roles to the client’s scope

• scopeMappings.postRealmClientScopesIdScopeMappingsRealm

  Add a set of realm-level roles to the client’s scope

• scopeMappings.postRealmClientsIdScopeMappingsClientsClient

  Add client-level roles to the client’s scope

• scopeMappings.postRealmClientsIdScopeMappingsRealm

  Add a set of realm-level roles to the client’s scope

• users.deleteRealmUsersId

  Delete the user

• users.deleteRealmUsersIdConsentsClient

  Revoke consent and offline tokens for particular client from user

• users.deleteRealmUsersIdCredentialsCredentialId

  Remove a credential for a user

• users.deleteRealmUsersIdFederatedIdentityProvider

  Remove a social login provider from user

• users.deleteRealmUsersIdGroupsGroupId

  DELETE /{realm}/users/{id}/groups/{groupId}

• users.getRealmUsers

  Get users Returns a list of users, filtered according to query parameters

• users.getRealmUsersCount

  Returns the number of users that match the given criteria.

• users.getRealmUsersId

  Get representation of the user

• users.getRealmUsersIdConfiguredUserStorageCredentialTypes

  Return credential types, which are provided by the user storage where user is stored.

• users.getRealmUsersIdConsents

  Get consents granted by the user

• users.getRealmUsersIdCredentials

  GET /{realm}/users/{id}/credentials

• users.getRealmUsersIdFederatedIdentity

  Get social logins associated with the user

• users.getRealmUsersIdGroups

  GET /{realm}/users/{id}/groups

• users.getRealmUsersIdGroupsCount

  GET /{realm}/users/{id}/groups/count

• users.getRealmUsersIdOfflineSessionsClientId

  Get offline sessions associated with the user and client

• users.getRealmUsersIdSessions

  Get sessions associated with the user

• users.postRealmUsers

  Create a new user Username must be unique.

• users.postRealmUsersIdCredentialsCredentialIdMoveAfterNewPreviousCredentialId

  Move a credential to a position behind another credential

• users.postRealmUsersIdCredentialsCredentialIdMoveToFirst

  Move a credential to a first position in the credentials list of the user

• users.postRealmUsersIdFederatedIdentityProvider

  Add a social login provider to the user

• users.postRealmUsersIdImpersonation

  Impersonate the user

• users.postRealmUsersIdLogout

  Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.

• users.putRealmUsersId

  Update the user

• users.putRealmUsersIdCredentialsCredentialIdUserLabel

  Update a credential label for a user

• users.putRealmUsersIdDisableCredentialTypes

  Disable all credentials for a user of a specific type

• users.putRealmUsersIdExecuteActionsEmail

  Send a update account email to the user An email contains a link the user can click to perform a set of required actions.

• users.putRealmUsersIdGroupsGroupId

  PUT /{realm}/users/{id}/groups/{groupId}

• users.putRealmUsersIdResetPassword

  Set up a new password for the user.

• users.putRealmUsersIdSendVerifyEmail

  Send an email-verification email to the user An email contains a link the user can click to verify their email address.

• userStorageProvider.getIdName

  Need this for admin console to display simple name of provider when displaying client detail KEYCLOAK-4328

• userStorageProvider.getRealmUserStorageIdName

  Need this for admin console to display simple name of provider when displaying user detail KEYCLOAK-4328

• userStorageProvider.postRealmUserStorageIdRemoveImportedUsers

  Remove imported users

• userStorageProvider.postRealmUserStorageIdSync

  Trigger sync of users Action can be "triggerFullSync" or "triggerChangedUsersSync"

• userStorageProvider.postRealmUserStorageIdUnlinkUsers

  Unlink imported users from a storage provider

• userStorageProvider.postRealmUserStorageParentIdMappersIdSync

  Trigger sync of mapper data related to ldap mapper (roles, groups, …​) direction is "fedToKeycloak" or "keycloakToFed"

• openapi.previewSpec

  Preview an OpenAPI document before adding it as a source

• openapi.addSource

  Add an OpenAPI source and register its operations as tools